-
Notifications
You must be signed in to change notification settings - Fork 1
/
squid.conf
65 lines (50 loc) · 2.11 KB
/
squid.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# user
cache_effective_user proxy
cache_effective_group proxy
# listening port
http_port 18080
# user visible name
visible_hostname packages-manager-cache-proxy
# we need a big cache, some debs/rpms are huge
maximum_object_size 2 GB
# use a different dir than stock squid and default to 40G
cache_dir aufs /var/cache/squid 40000 16 256
# log files
cache_log /var/log/squid/cache.log
access_log daemon:/var/log/squid/access.log squid
cache_store_log daemon:/var/log/squid/store.log
# tweaks to speed things up
cache_mem 256 MB
maximum_object_size_in_memory 10240 KB
# pid
pid_filename /var/run/squid.pid
# refresh pattern for debs and udebs
refresh_pattern deb$ 129600 100% 129600
refresh_pattern udeb$ 129600 100% 129600
refresh_pattern tar.gz$ 129600 100% 129600
refresh_pattern tar.xz$ 129600 100% 129600
refresh_pattern tar.bz2$ 129600 100% 129600
# always refresh Packages and Release files
refresh_pattern \/(Packages|Sources)(|\.bz2|\.gz|\.xz)$ 0 100% 1440 refresh-ims
refresh_pattern \/Release(|\.gpg)$ 0 100% 1440 refresh-ims
refresh_pattern \/InRelease$ 0 100% 1440 refresh-ims
refresh_pattern \/(Translation-.*)(|\.bz2|\.gz|\.xz)$ 0 100% 1440 refresh-ims
# refresh pattern for RPMs
refresh_pattern \.rpm$ 129600 100% 129600
refresh_pattern \.srpm$ 129600 100% 129600
refresh_pattern \.drpm$ 129600 100% 129600
# always refresh Packages and Release files
refresh_pattern \/x86_64\/.*\.xml$ 0 100% 1440 refresh-ims
refresh_pattern \/x86_64\/.*\.sqlite\.bz2$ 0 100% 1440 refresh-ims
refresh_pattern \/x86_64\/.*\.xml\.gz$ 0 100% 1440 refresh-ims
# only allow connects to specific ports
acl Safe_ports port 80 # HTTP server
acl Safe_ports port 443 # HTTPS server
acl Safe_ports port 11371 # OpenPGP HTTP Keyserver
# only allow ports we trust
http_access deny !Safe_ports
# we don't want to clash with the squid3 netdb state file
netdb_filename stdio:/var/log/squid/netdb.state
# StoreID helper to avoid cache missies when hit multiple repository mirrors
store_id_program /etc/squid/storeid-wrapper
store_id_children 40 startup=10 idle=5 concurrency=0