docker
/
squid-4
1
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

Add example usage

This commit is contained in:
Will Rouesnel 2016-03-26 21:38:21 +11:00
parent 3a8b53db48
commit b262d98827
2 changed files with 19 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
Dockerfile
View File

@ -1,51 +0,0 @@
FROM debian:jessie
RUN sed s:deb:deb-src: /etc/apt/sources.list >> /etc/apt/sources.list
RUN apt-get update && apt-get build-dep -y squid3 && apt-get install -y wget tar xz-utils libssl-dev
RUN mkdir /src \
&& cd /src \
&& wget http://www.squid-cache.org/Versions/v4/squid-4.0.7.tar.xz \
&& tar -xvvf squid-4.0.7.tar.xz
RUN cd /src/squid-4.0.7 && \
./configure \
--datadir=/usr/share/squid3 \
--sysconfdir=/etc/squid3 \
--mandir=/usr/share/man \
--enable-inline \
--enable-async-io=8 \
--enable-storeio="ufs,aufs,diskd,rock" \
--enable-removal-policies="lru,heap" \
--enable-delay-pools \
--enable-cache-digests \
--enable-underscores \
--enable-icap-client \
--enable-follow-x-forwarded-for \
--enable-auth-basic="DB,fake,getpwnam,LDAP,NCSA,NIS,PAM,POP3,RADIUS,SASL,SMB" \
--enable-auth-digest="file,LDAP" \
--enable-auth-negotiate="kerberos,wrapper" \
--enable-auth-ntlm="fake" \
--enable-external-acl-helpers="file_userip,kerberos_ldap_group,LDAP_group,session,SQL_session,unix_group,wbinfo_group" \
--enable-url-rewrite-helpers="fake" \
--enable-eui \
--enable-esi \
--enable-icmp \
--enable-zph-qos \
--with-openssl \
--enable-ssl \
--enable-ssl-crtd \
--disable-translation \
--with-swapdir=/var/spool/squid3 \
--with-logdir=/var/log/squid3 \
--with-pidfile=/var/run/squid3.pid \
--with-filedescriptors=65536 \
--with-large-files \
--with-default-user=proxy
ARG cores=1
RUN cd /src/squid-4.0.7 && \
make -j$cores && \
make install

19
README.md
View File

@ -42,3 +42,22 @@ variables:
Default memory cache size. I've no real clue what this should be, but RAM Default memory cache size. I've no real clue what this should be, but RAM
is plentiful so I like to keep it fairly large. is plentiful so I like to keep it fairly large.
# Example Usage
The following command line will get you up and running quickly. It presumes
you've generated a suitable CA certificate and are intending to use the proxy
as a local MITM on your machine:
```
sudo mkdir -p /srv/squid/cache
docker run -it -p 3128:127.0.0.1:3128 --rm \
-v /srv/squid/cache:/var/cache/squid4 \
-v /etc/ssl/certs:/etc/ssl/certs:ro \
-v /etc/ssl/private/local_mitm.pem:/local-mitm.pem:ro \
-v /etc/ssl/certs/local_mitm.pem:/local-mitm.crt:ro \
-e MITM_CERT=/local-mitm.crt \
-e MITM_KEY=/local-mitm.pem \
-e MITM_PROXY=yes \
squid
```
Note that it doesn't really matter where we mount the certificate - the image
launch script makes a copy as root to avoid messing with permissions anyway.