-
Notifications
You must be signed in to change notification settings - Fork 6
/
start-squid.sh
executable file
·146 lines (124 loc) · 4.69 KB
/
start-squid.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
#!/bin/bash
NAME=squid
DESC="Squid HTTP Proxy"
DAEMON=/usr/sbin/squid
CONFDIR=/etc/squid
CONFIG=$CONFDIR/squid.conf
if [[ ! -f $CONFIG ]]; then
echo "###########################################################"
echo "No userdefined $CONFIG found. Will now copy the dist files."
echo "###########################################################"
find /etc/squid.dist/ -mindepth 1 -maxdepth 1 | \
while read FILE; do \
[[ ! -d $CONFDIR/$(basename $FILE) && ! -f $CONFDIR/$(basename $FILE) ]] && \
cp -avr $FILE $CONFDIR/
done
echo "###########################################################"
echo
fi
if [[ ! -d $CONFDIR/ssl ]] && [[ -f /etc/squid.dist/ssl-selfsigned.conf || -f /etc/squid/ssl-selfsigned.conf ]]; then
echo "#########################################################################"
echo "No $CONFDIR/ssl directory found. Will now create selfsigned certificates."
echo "#########################################################################"
SSLCONF=/etc/squid.dist/ssl-selfsigned.conf
[[ -f /etc/squid/ssl-selfsigned.conf ]] && SSLCONF=/etc/squid/ssl-selfsigned.conf
mkdir $CONFDIR/ssl && \
openssl req -new \
-newkey rsa:4096 -sha256 -nodes -keyout $CONFDIR/ssl/selfsigned.key \
-days 99365 \
-x509 -out $CONFDIR/ssl/selfsigned.crt \
-config $SSLCONF && \
cat $CONFDIR/ssl/selfsigned.{key,crt} > $CONFDIR/ssl/selfsigned.chain && \
openssl pkcs12 -export -passout pass: \
-in $CONFDIR/ssl/selfsigned.chain \
-out $CONFDIR/ssl/selfsigned.pfx
echo "#########################################################################"
echo
fi
if [[ -n $PROXY_UID && $(id -u proxy 2>/dev/null) != $PROXY_UID ]]; then
echo "##################################################"
echo "Configured user id changed. Setting permissions..."
echo "##################################################"
find / -user proxy -exec chown -vhR $PROXY_UID {} \; 2>/dev/null
usermod -u $PROXY_UID proxy 2>/dev/null
echo "##################################################"
echo
fi
if [[ -n $PROXY_GID && $(id -g proxy 2>/dev/null) != $PROXY_UID ]]; then
echo "###################################################"
echo "Configured group id changed. Setting permissions..."
echo "###################################################"
find / -group proxy -exec chgrp -vhR $PROXY_GID {} \; 2>/dev/null
groupmod -g $PROXY_GID proxy 2>/dev/null
echo "###################################################"
echo
fi
SQUID_ARGS="-N -YC -d1 -f $CONFIG"
[ ! -f /etc/default/squid ] || . /etc/default/squid
. /lib/lsb/init-functions
PATH=/bin:/usr/bin:/sbin:/usr/sbin
if [ ! -x $DAEMON ]; then echo "ERROR $DAEMON is not executable!"; exit 0; fi
ulimit -n 65535
find_cache_dir () {
w=" " # space tab
res=`$DAEMON -k parse -f $CONFIG 2>&1 |
grep "Processing:" |
sed s/.*Processing:\ // |
sed -ne '
s/^['"$w"']*'$1'['"$w"']\+[^'"$w"']\+['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
t end;
d;
:end q'`
[ -n "$res" ] || res=$2
echo "$res"
}
grepconf () {
w=" " # space tab
res=`$DAEMON -k parse -f $CONFIG 2>&1 |
grep "Processing:" |
sed s/.*Processing:\ // |
sed -ne '
s/^['"$w"']*'$1'['"$w"']\+\([^'"$w"']\+\).*$/\1/p;
t end;
d;
:end q'`
[ -n "$res" ] || res=$2
echo "$res"
}
create_run_dir () {
run_dir=/var/run/squid
usr=`grepconf cache_effective_user proxy`
grp=`grepconf cache_effective_group proxy`
if [ "$(dpkg-statoverride --list $run_dir)" = "" ] &&
[ ! -e $run_dir ] ; then
mkdir -p $run_dir
chown $usr:$grp $run_dir
[ -x /sbin/restorecon ] && restorecon $run_dir
fi
}
cache_dir=`find_cache_dir cache_dir`
cache_type=`grepconf cache_dir`
run_dir=/var/run/squid
#
# Create run dir (needed for several workers on SMP)
#
create_run_dir
[[ ! -f /etc/squid/conf.d/pidfile.conf && $run_dir != "" ]] && \
echo "pid_filename $run_dir/squid.pid" > /etc/squid/conf.d/pidfile.conf
[[ $run_dir != "" ]] && rm -rf $run_dir/*
rm -f /run/squid.pid #shouldn't be there, but just to be sure
#
# Create spool dirs if they don't exist.
#
if test -d "$cache_dir" -a ! -d "$cache_dir/00"
then
log_warning_msg "Creating $DESC cache structure"
$DAEMON --foreground -z -f $CONFIG
[ -x /sbin/restorecon ] && restorecon -R $cache_dir
fi
umask 027
ulimit -n 65535
cd $run_dir
[[ $run_dir != "" ]] && rm -rf $run_dir/*
rm -f /run/squid.pid #shouldn't be there, but just to be sure
$DAEMON $SQUID_ARGS