Skip to content

Latest commit

 

History

History
1638 lines (990 loc) · 42.4 KB

REFERENCE.md

File metadata and controls

1638 lines (990 loc) · 42.4 KB

Reference

Table of Contents

Classes

Public Classes

  • squid: Module for configuring the squid caching service. The module will set the SELINUX-context for the cache_dir and port, needs puppet-selinux

Private Classes

  • squid::config: Configure the system to use squid config is included in the main class squid for parameters see squid class
  • squid::install: Installs the squid package
  • squid::params: This class manages Squid parameters
  • squid::service: Manages the Squid daemon

Defined types

Data types

Classes

squid

Module for configuring the squid caching service. The module will set the SELINUX-context for the cache_dir and port, needs puppet-selinux

Examples

The set up a simple squid server with a cache to forward http port 80 requests.
class { 'squid': }
squid::acl { 'Safe_ports':
  type    => port,
  entries => ['80'],
}
squid::http_access { 'Safe_ports':
  action => allow,
}
squid::http_access{ '!Safe_ports':
  action => deny,
}
class { 'squid':
  cache_mem    => '512 MB',
  workers      => 3,
  coredump_dir => '/var/spool/squid',
}
class { 'squid':
  cache_mem                 => '512 MB',
  workers                   => 3,
  coredump_dir              => '/var/spool/squid',
  acls                      => { 'remote_urls' => {
                                   type    => 'url_regex',
                                   entries => ['http://example.org/path',
                                               'http://example.com/anotherpath'],
                                 },
                               },
  http_access               => { 'our_networks hosts' => { action => 'allow', }},
  http_ports                => { '10000' => { options => 'accel vhost', }},
  snmp_ports                => { '1000' => { process_number => 3, }},
  cache_dirs                => { '/data/' => { type => 'ufs', options => '15000 32 256 min-size=32769', process_number => 2 }},
  url_rewrite_program       => '/usr/bin/squidguard -c /etc/squidguard/squidguard.conf',
  url_rewrite_children      => 12,
  url_rewrite_child_options => startup=1,
}

Parameters

The following parameters are available in the squid class:

ensure_service

Data type: String

The ensure value of the squid service, defaults to running.

Default value: $squid::params::ensure_service

enable_service

Data type: Boolean

The enable value of the squid service, defaults to true.

Default value: $squid::params::enable_service

config

Data type: String

Location of squid.conf file, defaults to /etc/squid/squid.conf.

Default value: $squid::params::config

config_user

Data type: String

User which owns the config file, default depends on $operatingsystem

Default value: $squid::params::config_user

config_group

Data type: String

Group which owns the config file, default depends on $operatingsystem

Default value: $squid::params::config_group

daemon_user

Data type: String

User which runs the squid daemon, this is used for ownership of the cache directory, default depends on $operatingsystem

Default value: $squid::params::daemon_user

daemon_group

Data type: String

Group which runs the squid daemon, this is used for ownership of the cache directory, default depends on $operatingsystem

Default value: $squid::params::daemon_group

cache_mem

Data type: Squid::Size

Defaults to 256 MB. http://www.squid-cache.org/Doc/config/cache_mem/

Default value: $squid::params::cache_mem

cache_replacement_policy

Data type: Optional[String]

Defaults to undef. http://www.squid-cache.org/Doc/config/cache_replacement_policy/

Default value: $squid::params::cache_replacement_policy

memory_replacement_policy

Data type: Optional[String]

Defaults to undef. http://www.squid-cache.org/Doc/config/memory_replacement_policy/

Default value: $squid::params::memory_replacement_policy

memory_cache_shared

Data type: Optional[Variant[Enum['on', 'off'], Boolean]]

Defaults to undef. http://www.squid-cache.org/Doc/config/memory_cache_shared/.

Default value: $squid::params::memory_cache_shared

maximum_object_size_in_memory

Data type: Squid::Size

Defaults to 512 KB. http://www.squid-cache.org/Doc/config/maximum_object_size_in_memory/

Default value: $squid::params::maximum_object_size_in_memory

url_rewrite_program

Data type: Optional[String]

Defaults to undef http://www.squid-cache.org/Doc/config/url_rewrite_program/

Default value: $squid::params::url_rewrite_program

url_rewrite_children

Data type: Optional[Integer]

Defaults to undef http://www.squid-cache.org/Doc/config/url_rewrite_children/

Default value: $squid::params::url_rewrite_children

url_rewrite_child_options

Data type: Optional[String]

Defaults to undef http://www.squid-cache.org/Doc/config/url_rewrite_children/

Default value: $squid::params::url_rewrite_child_options

access_log

Data type: Variant[String, Array[String]]

Defaults to daemon:/var/logs/squid/access.log squid. May be passed an Array. http://www.squid-cache.org/Doc/config/access_log/

Default value: $squid::params::access_log

coredump_dir

Data type: Optional[String]

Defaults to undef. http://www.squid-cache.org/Doc/config/coredump_dir/

Default value: $squid::params::coredump_dir

error_directory

Data type: Optional[Stdlib::Absolutepath]

Defaults to undef. http://www.squid-cache.org/Doc/config/error_directory/

Default value: $squid::params::error_directory

err_page_stylesheet

Data type: Optional[Stdlib::Absolutepath]

Defaults to undef. http://www.squid-cache.org/Doc/config/err_page_stylesheet/

Default value: $squid::params::err_page_stylesheet

package_name

Data type: String

Name of the squid package to manage, default depends on $operatingsystem

Default value: $squid::params::package_name

package_ensure

Data type: Squid::PkgEnsure

Package status and/or version, default to present

Default value: $squid::params::package_ensure

service_name

Data type: String

Name of the squid service to manage, default depends on $operatingsystem

Default value: $squid::params::service_name

max_filedescriptors

Data type: Optional[Integer]

Defaults to undef. http://www.squid-cache.org/Doc/config/max_filedescriptors/

Default value: $squid::params::max_filedescriptors

workers

Data type: Optional[Integer]

Defaults to undef. http://www.squid-cache.org/Doc/config/workers/

Default value: $squid::params::workers

snmp_incoming_address

Data type: Optional[Stdlib::Compat::Ip_address]

Defaults to undef. Can be set to an IP address to only listen for snmp requests on an individual interface. http://www.squid-cache.org/Doc/config/snmp_incoming_address/

Default value: $squid::params::snmp_incoming_address

buffered_logs

Data type: Optional[Boolean]

Defaults to undef. http://www.squid-cache.org/Doc/config/buffered_logs/

Default value: $squid::params::buffered_logs

acls

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of acl entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/acl/

Default value: $squid::params::acls

visible_hostname

Data type: Optional[String]

Defaults to undef. http://www.squid-cache.org/Doc/config/visible_hostname/

Default value: $squid::params::visible_hostname

via

Data type: Optional[Boolean]

Defaults to undef. http://www.squid-cache.org/Doc/config/via/

Default value: $squid::params::via

httpd_suppress_version_string

Data type: Optional[Boolean]

Defaults to undef. http://www.squid-cache.org/Doc/config/httpd_suppress_version_string/

Default value: $squid::params::httpd_suppress_version_string

forwarded_for

Data type: Optional[Variant[Enum['on', 'off', 'transparent', 'delete', 'truncate'], Boolean]]

Defaults to undef. supported values are "on", "off", "transparent", "delete", "truncate". http://www.squid-cache.org/Doc/config/forwarded_for/

Default value: $squid::params::forwarded_for

http_access

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of http_access entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/http_access/

Default value: $squid::params::http_access

http_ports

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of http_port entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/http_port/

Default value: $squid::params::http_ports

https_ports

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of https_port entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/https_port/

Default value: $squid::params::https_ports

icp_access

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of icp_access entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/icp_access/

Default value: $squid::params::icp_access

logformat

Data type: Optional[Variant[String, Array[String]]]

Defaults to undef. If you pass in a logformat String, it will be defined automatically. May be passed an Array. http://www.squid-cache.org/Doc/config/logformat/

Default value: $squid::params::logformat

refresh_patterns

Data type: Optional[Hash]

Defaults to undef. If you pass a hash of refresh_pattern entires, they will be defined automatically. http://www.squid-cache.org/Doc/config/refresh_pattern/

Default value: $squid::params::refresh_patterns

snmp_ports

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of snmp_port entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/snmp_port/

Default value: $squid::params::snmp_ports

send_hit

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of send_hit entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/send_hit/

Default value: $squid::params::send_hit

cache_dirs

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of cache_dir entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/cache_dir/

Default value: $squid::params::cache_dirs

ssl_bump

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of ssl_bump entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/ssl_bump/

Default value: $squid::params::ssl_bump

sslproxy_cert_error

Data type: Optional[Hash]

Defaults to undef. If you pass in a hash of sslproxy_cert_error entries, they will be defined automatically. http://www.squid-cache.org/Doc/config/sslproxy_cert_error/

Default value: $squid::params::sslproxy_cert_error

extra_config_sections

Data type: Hash

Defaults to empty hash. If you pass in a hash of extra_config_section resources, they will be defined automatically.

Default value: {}

service_restart

Data type: Optional[String]

Defaults to undef. Overrides service resource restart command to be executed. It can be used to perform a soft reload of the squid service.

Default value: $squid::params::service_restart

squid_bin_path

Data type: Stdlib::Absolutepath

Path to the squid binary, default depends on $operatingsystem

Default value: $squid::params::squid_bin_path

auth_params

Data type: Optional[Hash]

Default value: $squid::params::auth_params

cache

Data type: Optional[Hash]

Default value: $squid::params::cache

snmp_access

Data type: Optional[Hash]

Default value: $squid::params::snmp_access

Defined types

squid::acl

Defines acl entries for a squid server.

Examples

create an ACL 'remote_urls' containing two entries
squid::acl { 'remote_urls':
   type    => 'url_regex',
   entries => ['http://example.org/path',
               'http://example.com/anotherpath'],
}

Parameters

The following parameters are available in the squid::acl defined type:

type

Data type: String

The acltype of the acl, must be defined, e.g url_regex, urlpath_regex, port, ..

aclname

Data type: String

The name of acl, defaults to the title.

Default value: $title

entries

Data type: Array

An array of acl entries, multiple members results in multiple lines in squid.conf.

Default value: []

order

Data type: String

Each ACL has an order 05 by default this can be specified if order of ACL definition matters.

Default value: '05'

comment

Data type: String

Default value: "acl fragment for ${aclname}"

squid::auth_param

Defines auth_param entries for a squid server.

Examples

squid::auth_param { 'basic auth_param':
  scheme  => 'basic',
  entries => [
    'program /usr/lib64/squid/basic_ncsa_auth /etc/squid/.htpasswd',
    'children 5',
    'realm Squid Basic Authentication',
    'credentialsttl 5 hours',
  ],
}
would result in multi entry squid auth_param:
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/.htpasswd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 5 hours

Parameters

The following parameters are available in the squid::auth_param defined type:

scheme

Data type: Enum['basic', 'digest', 'negotiate', 'ntlm']

The scheme used for authentication must be defined. Valid values are 'basic', 'digest', 'negotiate' and 'ntlm'.

entries

Data type: Array

An array of entries, multiple members results in multiple lines in squid.conf

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '40'

auth_param_name

Data type: String

Default value: $title

squid::cache

Defines cache entries for a squid server.

Examples

squid::cache { 'our_network_hosts_acl':
  action    => 'deny',
  comment   => 'Our networks hosts are denied for caching',
}

Adds a squid.conf line:
#Our networks hosts denied for caching
cache deny our_network_hosts_acl

Parameters

The following parameters are available in the squid::cache defined type:

action

Data type: Enum['allow', 'deny']

Allow/deny caching for $title

Default value: 'allow'

comment

Data type: String

Cache entry's preceding comment

Default value: "cache fragment for ${value}"

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

value

Data type: String

Default value: $title

squid::cache_dir

Defines cache_dir entries for a squid server.

Examples

squid::cache_dir { '/data':
  type           => 'ufs',
  options        => '15000 32 256 min-size=32769',
  process_number => 2,
}
Results in the squid configuration of

if ${processor} = 2
cache_dir ufs 15000 32 256 min-size=32769
endif

Parameters

The following parameters are available in the squid::cache_dir defined type:

type

Data type: String

The type of cache, e.g ufs. defaults to ufs.

Default value: ufs

path

Data type: String

Defaults to the namevar, file path to cache.

Default value: $title

options

Data type: Optional[String[1]]

String of options for the cache.

Default value: undef

process_number

Data type: Optional[Integer]

If specfied as an integer the cache will be wrapped in a if $proceess_number statement so the cache will be used by only one process. Default is undef.

Default value: undef

manage_dir

Data type: Boolean

If true puppet will attempt to create the directory, if false you will have to create it yourself. Make sure the directory has the correct owner, group and mode. Defaults to true.

Default value: true

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

squid::extra_config_section

The extra_config_section defiend type can be used for configuration directives that have not been exposed individually in this module.

Examples

Using a hash of config_entries:
squid::extra_config_section { 'mail settings':
  order          => '60',
  config_entries => {
    'mail_from'    => '[email protected]',
    'mail_program' => 'mail',
  },
}

Results in a squid configuration of
# mail settings
mail_from [email protected]
mail_program mail
Using an array of config_entries:
squid::extra_config_section { 'ssl_bump settings':
  order          => '60',
  config_entries => {
    'ssl_bump'         => ['server-first', 'all'],
    'sslcrtd_program'  => ['/usr/lib64/squid/ssl_crtd', '-s', '/var/lib/ssl_db', '-M', '4MB'],
    'sslcrtd_children' => ['8', 'startup=1', 'idle=1'],
  }
}

Results in a squid configuration of:
# ssl_bump settings
ssl_bump server-first all
sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
sslcrtd_children 8 startup=1 idle=1
Using an array of hashes of config_entries:
squid::extra_config_section { 'always_directs':
  order          => '60',
  config_entries => [{
    'always_direct' => ['deny    www.reallyreallybadplace.com',
                        'allow   my-good-dst',
                        'allow   my-other-good-dst'],
  }],
}

Results in a squid configuration of
# always_directs
always_direct deny    www.reallyreallybadplace.com
always_direct allow   my-good-dst
always_direct allow   my-other-good-dst

Parameters

The following parameters are available in the squid::extra_config_section defined type:

comment

Data type: String

Defaults to the namevar and is used as a section comment in squid.conf.

Default value: $title

config_entries

Data type: Variant[Array,Hash]

A hash of configuration entries to create in this section. The hash key is the name of the configuration directive. The value is either a string, or an array of strings to use as the configuration directive options.

Default value: {}

order

Data type: String

Order can be used to configure where in squid.conf this configuration section should occur.

Default value: '60'

squid::http_access

Defines http_access entries for a squid server.

Examples

squid::http_access { 'our_networks hosts':
  action => 'allow',
}

Adds a squid.conf line
# http_access fragment for out_networks hosts
http_access allow our_networks hosts
squid::http_access { 'our_networks hosts':
  action    => 'allow',
  comment   => 'Our networks hosts are allowed',
}

Adds a squid.conf line
# Our networks hosts are allowed
http_access allow our_networks hosts

Parameters

The following parameters are available in the squid::http_access defined type:

title

The name of the ACL the rule is applied to

action

Data type: Enum['allow', 'deny']

allow or deny access for $title

Default value: 'allow'

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

comment

Data type: String

http_access entry's preceding comment

Default value: "http_access fragment for ${value}"

value

Data type: String

Default value: $title

squid::http_port

Defines http_port entries for a squid server. By setting optional ssl parameter to true will create https_port entries instead.

Examples

squid::http_port { '10000':
  options => 'accel vhost'
}
squid::http_port { '10001':
  ssl     => true,
  options => 'cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key'
}
squid::http_port { '127.0.0.1:3128':
}

Results in a squid configuration of:
http_port 10000 accel vhost
https_port 10001 cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key
http_port 127.0.0.1:3128

Parameters

The following parameters are available in the squid::http_port defined type:

title

The title/namevar may be in the form port or host:port to provide the below values. Otherwise, specify port explicitly, and host if desired.

port

Data type: Optional[Stdlib::Port]

Defaults to the port of the namevar and is the port number to listen on.

Default value: undef

host

Data type: Optional[Stdlib::Host]

Defaults to the host part of the namevar and is the interface to listen on. If not specified, Squid listens on all interfaces.

Default value: undef

options

Data type: Optional[String[1]]

A string to specify any options for the default.

Default value: undef

ssl

Data type: Boolean

When set to true creates https_port entries. Defaults to false.

Default value: false

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

squid::https_port

Defines https_port entries for a squid server. Results are the same with http_port and ssl set to true.

Parameters

The following parameters are available in the squid::https_port defined type:

port

Data type: Variant[Pattern[/\d+/], Integer]

defaults to the namevar and is the port number.

Default value: $title

options

Data type: Optional[String[1]]

A string to specify any options to add to the https_port line.

Default value: undef

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

squid::icp_access

Defines icp_access entries for a squid server.

Examples

squid::icp_access { 'our_networks hosts':
  action => 'allow',
}

Adds a squid.conf line
icp_access allow our_networks hosts

Parameters

The following parameters are available in the squid::icp_access defined type:

action

Data type: Enum['allow', 'deny']

Must be deny or allow. By default it is allow. The squid.conf file is ordered so by default all allows appear before all denys. This can be overidden with the order parameter.

Default value: 'allow'

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

value

Data type: String

Default value: $title

squid::refresh_pattern

Defines refresh_pattern entries for a squid server.

Examples

squid::refresh_pattern { '^ftp:':
  min     => 1440,
  max     => 10080,
  percent => 20,
  order   => 60,
}

squid::refresh_pattern { '(/cgi-bin/|\?)':
  case_sensitive => false,
  min            => 0,
  max            => 0,
  percent        => 0,
  order          => 61,
}

would result in the following squid refresh patterns:
# refresh_pattern fragment for ^ftp
refresh_pattern ^ftp: 1440 20% 10080
# refresh_pattern fragment for (/cgi-bin/|\?)
refresh_pattern (/cgi-bin/|\?) -i 0 0% 0
YAML example
squid::refresh_patterns:
  '^ftp':
    max:     10080
    min:     1440
    percent: 20
    order:   '60'
  '^gopher':
    max:     1440
    min:     1440
    percent: 0
    order:   '61'
  '(/cgi-bin/|\?)':
    case_sensitive: false
    max:            0
    min:            0
    percent:        0
    order:          '62'
  '.':
    max:     4320
    min:     0
    percent: 20
    order:   '63'

Parameters

The following parameters are available in the squid::refresh_pattern defined type:

case_sensitive

Data type: Boolean

If true (default) the regex is case sensitive, when false the case insensitive flag '-i' is added to the pattern

Default value: true

comment

Data type: String

Comment added before refresh rule, defaults to refresh_pattern fragment for title

Default value: "refresh_pattern fragment for ${pattern}"

min

Data type: Integer

Must be defined, the time (in minutes) an object without an explicit expiry time should be considered fresh.

max

Data type: Integer

Must be defined, the upper limit (in minutes) on how long objects without an explicit expiry time will be considered fresh.

percent

Data type: Integer

Must be defined, is a percentage of the objects age (time since last modification age)

options

Data type: Optional[String[1]]

See squid documentation for available options.

Default value: undef

order

Data type: String

Each refresh_pattern has an order 05 by default this can be specified if order of refresh_pattern definition matters.

Default value: '05'

pattern

Data type: String

Default value: $title

squid::send_hit

Defines send_hit for a squid server.

Examples

squid:::send_hit{'PragmaNoCache':
  action => 'deny',
}

Adds the following squid.conf line:
send_hit deny PragmaNoCache

Parameters

The following parameters are available in the squid::send_hit defined type:

value

Data type: String

Defaults to the namevar. The rule to allow or deny.

Default value: $title

action

Data type: Enum['allow', 'deny']

Must one of deny or allow

Default value: 'allow'

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

comment

Data type: String

A preceeding comment to add to the configuration file.

Default value: "send_hit fragment for ${value}"

squid::snmp_access

Defines snmp_access entries for a squid server.

Examples

squid::snmp_access { 'monitoring hosts':
  action => 'allow',
}

Adds a squid.conf line
# snmp_access fragment for monitoring hosts
snmp_access allow monitoring hosts
squid::snmp_access { 'monitoring hosts':
  action    => 'allow',
  comment   => 'Our monitoring hosts are allowed',
}
Adds a squid.conf line:
# Our monitoring hosts are allowed
snmp_access allow monitoring hosts

Parameters

The following parameters are available in the squid::snmp_access defined type:

action

Data type: Enum['allow', 'deny']

Allow or deny access for $title

Default value: 'allow'

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

comment

Data type: String

snmp_access entry's preceding comment

Default value: "snmp_access fragment for ${value}"

value

Data type: String

Default value: $title

squid::snmp_port

Defines snmp_port entries for a squid server.

Examples

squid::snmp_port { '1000':
  process_number => 3
}

Results in a squid configuration of
if ${process_number} = 3
snmp_port 1000
endif

Parameters

The following parameters are available in the squid::snmp_port defined type:

port

Data type: Variant[Pattern[/\d+/], Stdlib::Port]

Defaults to the namevar and is the port number.

Default value: $title

options

Data type: Optional[String[1]]

A string to specify any options for the default.

Default value: undef

process_number

Data type: Optional[Integer]

If set to and integer the snmp_port is enabled only for a particular squid thread. Defaults to undef.

Default value: undef

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

squid::ssl_bump

Defines ssl_bump entries for a squid server.

Examples

squid::ssl_bump { 'all':
  action => 'bump',
}

Adds a squid.conf line
ssl_bump bump all

Parameters

The following parameters are available in the squid::ssl_bump defined type:

title

The name of acl the ssl_bump rule is applied to

action

Data type: Squid::Action::SslBump

The type of the ssl_bump, must be defined, e.g bump, peek, ..

Default value: 'bump'

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

value

Data type: String

Default value: $title

squid::sslproxy_cert_error

Defines sslproxy_cert_error entries for a squid server.

Examples

squid::sslproxy_cert_error { 'all':
  action => 'allow',
}

Adds a squid.conf line
sslproxy_cert_error allow all

Parameters

The following parameters are available in the squid::sslproxy_cert_error defined type:

value

Data type: String

Defaults to the namevar the rule to allow or deny.

Default value: $title

action

Data type: Enum['allow', 'deny']

Must be deny or allow. By default it is allow. The squid.conf file is ordered so by default all allows appear before all denys. This can be overidden with the order parameter.

Default value: 'allow'

order

Data type: String

Order can be used to configure where in squid.confthis configuration section should occur.

Default value: '05'

Data types

Squid::Action::SslBump

Possible SSLBump options

Alias of Enum['bump', 'client-first', 'none', 'peek', 'peek-and-splice', 'server-first', 'splice', 'stare', 'terminate']

Squid::PkgEnsure

Custom type representing package status and/or version

Alias of Variant[Pattern[/^\d.*/], Enum['present', 'latest', 'absent', 'purged', 'held', 'installed']]

Squid::Size

Custom type containing the numeral value and the unit of messurement (Kilo- or Megabyte)

Alias of Pattern[/^\d+ [KM]B$/]