You've already forked fedora-repo-proxy-cache
Add current version.
This commit is contained in:
17
docker-compose.yml
Normal file
17
docker-compose.yml
Normal file
@@ -0,0 +1,17 @@
|
|||||||
|
version: '3'
|
||||||
|
services:
|
||||||
|
squid:
|
||||||
|
image: ubuntu/squid:latest
|
||||||
|
environment:
|
||||||
|
- TZ=Asia/Seoul
|
||||||
|
volumes:
|
||||||
|
- ./squid.conf:/etc/squid/squid.conf
|
||||||
|
- squid-logs:/var/log/squid
|
||||||
|
- squid-data:/var/spool/squid
|
||||||
|
ports:
|
||||||
|
- 8888:8888
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
squid-data:
|
||||||
|
squid-logs:
|
||||||
77
squid.conf
Normal file
77
squid.conf
Normal file
@@ -0,0 +1,77 @@
|
|||||||
|
# squid.conf
|
||||||
|
# Cache Proxy for use with Fedora RPM/Yum Mirrors
|
||||||
|
#
|
||||||
|
|
||||||
|
http_port 8888 # This should match the port you're exposing via docker-compose.yml
|
||||||
|
|
||||||
|
announce_host your.domain-or-host-name.tld
|
||||||
|
visible_hostname your.domain-or-host-name.tld
|
||||||
|
|
||||||
|
dns_nameservers 10.0.0.2 # Optional: Only if you want to set a specific DNS server
|
||||||
|
|
||||||
|
cache_mem 400 MB
|
||||||
|
maximum_object_size 200 MB
|
||||||
|
maximum_object_size_in_memory 1024 KB
|
||||||
|
|
||||||
|
access_log stdio:/var/log/squid/access.log squid
|
||||||
|
|
||||||
|
# Configured to use a maximum of 15GB storage space
|
||||||
|
cache_dir ufs /var/spool/squid 15000 16 256
|
||||||
|
|
||||||
|
# Average object size, used to estimate number of objects your
|
||||||
|
# cache can hold. The default is 13 KB.
|
||||||
|
store_avg_object_size 817 KB
|
||||||
|
|
||||||
|
# We want to keep the largest objects around longer, and just download the smaller objects if we can.
|
||||||
|
cache_replacement_policy heap LFUDA
|
||||||
|
memory_replacement_policy heap GDSF
|
||||||
|
|
||||||
|
# Cache repodata at least 30 minutes and then query parent whether it is fresh
|
||||||
|
refresh_pattern \/repodata/.*$ 30 1% 1440 ignore-no-cache ignore-reload reload-into-ims
|
||||||
|
|
||||||
|
# RPMs will hardly ever change, force to cache them for a long time.
|
||||||
|
refresh_pattern \.rpm$ 10080 100% 525960 override-expire override-lastmod ignore-reload reload-into-ims
|
||||||
|
|
||||||
|
# Everything else
|
||||||
|
refresh_pattern . 0 100% 525960
|
||||||
|
|
||||||
|
# Only allow requests from the local network
|
||||||
|
acl localnet src 0.0.0.1-0.255.255.255
|
||||||
|
acl localnet src 172.24.0.0/8 # Make sure you adjust these to whatever your local network IP ranges are
|
||||||
|
acl localnet src 192.168.0.0/8
|
||||||
|
|
||||||
|
# Only allow requests to the ports we specified.
|
||||||
|
acl SSL_ports port 443
|
||||||
|
acl Safe_ports port 80 # http
|
||||||
|
acl Safe_ports port 443 # https
|
||||||
|
acl Safe_ports port 8888 # Custom port you've exposed (see docker-compose.yml)
|
||||||
|
|
||||||
|
# Allow SSL requests to pass through.
|
||||||
|
acl CONNECT method CONNECT
|
||||||
|
|
||||||
|
http_access deny !Safe_ports
|
||||||
|
http_access deny CONNECT !SSL_ports
|
||||||
|
http_access allow localhost manager
|
||||||
|
http_access deny manager
|
||||||
|
http_access allow localhost
|
||||||
|
http_access allow localnet
|
||||||
|
http_access deny all
|
||||||
|
icp_access allow all
|
||||||
|
miss_access allow all
|
||||||
|
|
||||||
|
# if transport is canceled, finish downloading anyway
|
||||||
|
quick_abort_pct -1
|
||||||
|
quick_abort_min -1 KB
|
||||||
|
|
||||||
|
# when range is required, download the whole file anyway
|
||||||
|
# when we request rpm header, we will nearly always get
|
||||||
|
# request for the rest of the file
|
||||||
|
range_offset_limit none
|
||||||
|
|
||||||
|
# we download only from 1 server, default is 1024
|
||||||
|
# which is too much for us
|
||||||
|
fqdncache_size 4
|
||||||
|
|
||||||
|
# Specify the user cache files should be owned by
|
||||||
|
cache_effective_user proxy
|
||||||
|
#cache_effective_group proxy
|
||||||
Reference in New Issue
Block a user