squid/docker-compose.yml

70 lines
1.8 KiB
YAML
Raw Normal View History

2020-07-30 14:32:27 +00:00
version: "3.7"
services:
2020-07-30 14:37:30 +00:00
squid:
2020-07-30 14:32:27 +00:00
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1
restart_policy:
condition: any
2020-08-06 10:10:50 +00:00
image: wrouesnel/docker-squid4
2020-08-06 10:34:15 +00:00
environment:
2020-08-06 10:50:03 +00:00
- MITM_PROXY=yes
- HTTP_PORT=3128
2020-08-06 14:41:10 +00:00
- MITM_CERT=/run/secrets/ca.crt
- MITM_KEY=/run/secrets/ca.key
2020-08-06 10:50:03 +00:00
- VISIBLE_HOSTNAME=git.local-domain
2020-08-06 11:55:43 +00:00
- EXTRA_CONFIG1=tls_outgoing_options capath=/etc/ssl/certs \
options=NO_SSLv3,NO_TLSv1 \
2020-08-06 12:53:44 +00:00
min-version=1.2
2020-08-06 13:18:21 +00:00
#cipher=ECDHE+ECDSA \
2020-08-06 13:13:03 +00:00
#ALL:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS \
2020-08-06 13:33:20 +00:00
- EXTRA_CONFIG2=sslproxy_cipher ECDHE+ECDSA+AESGCM:ECDHE+RSA+AESGCM:EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM #:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+RC4:EECDH:EDH+aRSA:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS
2020-08-06 10:50:03 +00:00
# - CONFIG_DISABLE=yes
2020-08-06 14:34:23 +00:00
#volumes:
2020-08-06 10:50:03 +00:00
#- ./squid-4/squid.intercept.conf:/etc/squid4/squid.conf
2020-08-06 10:34:15 +00:00
# - squid-cache:/apps/squid/var/cache/squid
2020-08-04 19:48:14 +00:00
#- ./squid.intercept.conf:/etc/squid/squid.conf
2020-08-06 14:34:23 +00:00
#- ./myCA/CA_crt.pem:/local-mitm.crt:ro
#- ./myCA/CA_key.pem:/local-mitm.pem:ro
2020-07-30 14:32:27 +00:00
ports:
2020-08-03 11:28:17 +00:00
- 3128:3128
2020-07-30 14:32:27 +00:00
networks:
- appnet
- externalnet
2020-08-06 14:41:10 +00:00
secrets:
- ca.crt
- ca.key
2020-08-03 12:49:03 +00:00
squid-deb:
deploy:
placement:
constraints: [node.labels.com.sigyl.git-stack == yes]
replicas: 1
restart_policy:
condition: any
image: mikepurvis/squid-deb-proxy:latest
volumes:
- squid-deb-cache:/cachedir
ports:
- 8000:8000
networks:
- appnet
- externalnet
2020-07-30 14:32:27 +00:00
volumes:
squid-cache:
2020-08-03 12:49:03 +00:00
squid-deb-cache:
2020-07-30 14:32:27 +00:00
networks:
appnet:
driver: overlay
externalnet:
driver: overlay
2020-08-03 12:49:03 +00:00
external: true
2020-08-06 14:34:23 +00:00
secrets:
2020-08-06 14:41:10 +00:00
'ca.crt':
2020-08-06 14:36:35 +00:00
file: .secrets/ca.crt
2020-08-06 14:41:10 +00:00
'ca.key':
2020-08-06 14:34:23 +00:00
file: .secrets/ca.key