source "squid.conf.erb"
owner "root"
group "root"
- mode 0644
+ mode 0o644
end
template "/etc/default/squid" do
source "squid.erb"
owner "root"
group "root"
- mode 0644
+ mode 0o644
end
directory "/etc/squid/squid.conf.d" do
owner "root"
group "root"
- mode 0755
+ mode 0o755
+end
+
+systemd_service "squid" do
+ description "Squid caching proxy"
+ after ["network.target", "nss-lookup.target"]
+ limit_nofile 65536
+ environment "SQUID_ARGS" => "-D"
+ environment_file "/etc/default/squid"
+ exec_start_pre "/usr/sbin/squid $SQUID_ARGS -z"
+ exec_start "/usr/sbin/squid -N $SQUID_ARGS"
+ exec_reload "/usr/sbin/squid -k reconfigure"
+ exec_stop "/usr/sbin/squid -k shutdown"
+ private_tmp true
+ private_devices true
+ protect_system "full"
+ protect_home true
+ no_new_privileges true
+ restart "on-failure"
+ timeout_sec 0
end
service "squid" do
- if node[:lsb][:release].to_f >= 14.04
- provider Chef::Provider::Service::Upstart
- end
- action [ :enable, :start ]
- supports :status => true, :restart => true, :reload => true
+ action [:enable, :start]
+ subscribes :restart, "systemd_service[squid]"
subscribes :reload, "template[/etc/squid/squid.conf]"
subscribes :restart, "template[/etc/default/squid]"
subscribes :reload, "template[/etc/resolv.conf]"
end
+log "squid-restart" do
+ message "Restarting squid due to counter wraparound"
+ notifies :restart, "service[squid]"
+ only_if do
+ IO.popen(["squidclient", "--host=127.0.0.1", "--port=80", "mgr:counters"]) do |io|
+ io.each.grep(/^[a-z][a-z_.]+ = -[0-9]+$/).count > 0
+ end
+ end
+end
+
munin_plugin "squid_cache"
munin_plugin "squid_delay_pools"
+munin_plugin "squid_delay_pools_noreferer"
munin_plugin "squid_times"
munin_plugin "squid_icp"
munin_plugin "squid_objectsize"