summaryrefslogtreecommitdiff
path: root/data/templates/squid/squid.conf.tmpl
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates/squid/squid.conf.tmpl')
-rw-r--r--data/templates/squid/squid.conf.tmpl111
1 files changed, 0 insertions, 111 deletions
diff --git a/data/templates/squid/squid.conf.tmpl b/data/templates/squid/squid.conf.tmpl
deleted file mode 100644
index e8627b022..000000000
--- a/data/templates/squid/squid.conf.tmpl
+++ /dev/null
@@ -1,111 +0,0 @@
-### generated by service_webproxy.py ###
-
-acl net src all
-acl SSL_ports port 443
-acl Safe_ports port 80 # http
-acl Safe_ports port 21 # ftp
-acl Safe_ports port 443 # https
-acl Safe_ports port 873 # rsync
-acl Safe_ports port 70 # gopher
-acl Safe_ports port 210 # wais
-acl Safe_ports port 1025-65535 # unregistered ports
-acl Safe_ports port 280 # http-mgmt
-acl Safe_ports port 488 # gss-http
-acl Safe_ports port 591 # filemaker
-acl Safe_ports port 777 # multiling http
-acl CONNECT method CONNECT
-
-{% if authentication is vyos_defined %}
-{% if authentication.children is vyos_defined %}
-auth_param basic children {{ authentication.children }}
-{% endif %}
-{% if authentication.credentials_ttl is vyos_defined %}
-auth_param basic credentialsttl {{ authentication.credentials_ttl }} minute
-{% endif %}
-{% if authentication.realm is vyos_defined %}
-auth_param basic realm "{{ authentication.realm }}"
-{% endif %}
-{# LDAP based Authentication #}
-{% if authentication.method is vyos_defined %}
-{% if authentication.ldap is vyos_defined and authentication.method is vyos_defined('ldap') %}
-auth_param basic program /usr/lib/squid/basic_ldap_auth -v {{ authentication.ldap.version }} -b "{{ authentication.ldap.base_dn }}" {{ '-D "' ~ authentication.ldap.bind_dn ~ '"' if authentication.ldap.bind_dn is vyos_defined }} {{ '-w "' ~ authentication.ldap.password ~ '"' if authentication.ldap.password is vyos_defined }} {{ '-f "' ~ authentication.ldap.filter_expression ~ '"' if authentication.ldap.filter_expression is vyos_defined }} {{ '-u "' ~ authentication.ldap.username_attribute ~ '"' if authentication.ldap.username_attribute is vyos_defined }} -p {{ authentication.ldap.port }} {{ '-ZZ' if authentication.ldap.use_ssl is vyos_defined }} -R -h "{{ authentication.ldap.server }}"
-{% endif %}
-acl auth proxy_auth REQUIRED
-http_access allow auth
-{% endif %}
-{% endif %}
-
-http_access allow manager localhost
-http_access deny manager
-http_access deny !Safe_ports
-http_access deny CONNECT !SSL_ports
-http_access allow localhost
-http_access allow net
-http_access deny all
-
-{% if reply_block_mime is vyos_defined %}
-{% for mime_type in reply_block_mime %}
-acl BLOCK_MIME rep_mime_type {{ mime_type }}
-{% endfor %}
-http_reply_access deny BLOCK_MIME
-{% endif %}
-
-{% if cache_size is vyos_defined %}
-{% if cache_size | int > 0 %}
-cache_dir ufs /var/spool/squid {{ cache_size }} 16 256
-{% else %}
-# disabling disk cache
-{% endif %}
-{% endif %}
-{% if mem_cache_size is vyos_defined %}
-cache_mem {{ mem_cache_size }} MB
-{% endif %}
-{% if disable_access_log is vyos_defined %}
-access_log none
-{% else %}
-access_log /var/log/squid/access.log squid
-{% endif %}
-
-{# by default we'll disable the store log #}
-cache_store_log none
-
-{% if append_domain is vyos_defined %}
-append_domain {{ append_domain }}
-{% endif %}
-{% if maximum_object_size is vyos_defined %}
-maximum_object_size {{ maximum_object_size }} KB
-{% endif %}
-{% if minimum_object_size is vyos_defined %}
-minimum_object_size {{ minimum_object_size }} KB
-{% endif %}
-{% if reply_body_max_size is vyos_defined %}
-reply_body_max_size {{ reply_body_max_size }} KB
-{% endif %}
-{% if outgoing_address is vyos_defined %}
-tcp_outgoing_address {{ outgoing_address }}
-{% endif %}
-
-
-{% if listen_address is vyos_defined %}
-{% for address, config in listen_address.items() %}
-http_port {{ address | bracketize_ipv6 }}:{{ config.port if config.port is vyos_defined else default_port }} {{ 'intercept' if config.disable_transparent is not vyos_defined }}
-{% endfor %}
-{% endif %}
-http_port 127.0.0.1:{{ default_port }}
-
-{# NOT insert the client address in X-Forwarded-For header #}
-forwarded_for off
-
-{# SquidGuard #}
-{% if url_filtering.disable is not vyos_defined and url_filtering.squidguard is vyos_defined %}
-url_rewrite_program /usr/bin/squidGuard -c {{ squidguard_conf }}
-url_rewrite_children 8
-url_rewrite_bypass on
-{% endif %}
-
-{% if cache_peer is vyos_defined %}
-{% for peer, config in cache_peer.items() %}
-cache_peer {{ config.address }} {{ config.type }} {{ config.http_port }} {{ config.icp_port }} {{ config.options }}
-{% endfor %}
-never_direct allow all
-{% endif %}