iiab/roles/network/tasks/squid.yml

- name: "Install 2 packages: {{ proxy }}, cadaver"
  package:
    name:
      - "{{ proxy }}"
      - cadaver
    state: present
  tags:
    - download

- name: "Bigger hammer for Ubuntu, run: /etc/init.d/squid stop"
  command: /etc/init.d/squid stop
  when: is_ubuntu

- name: Stop Squid
  service:
    name: "{{ proxy }}"
    state: stopped
  when: not installing

- name: "Create the Squid user: {{ proxy_user }}"
  user:
    name: "{{ proxy_user }}"
    createhome: False
    shell: /bin/false

- name: "Install from template: /usr/bin/iiab-httpcache, /etc/sysconfig/squid, /etc/{{ proxy }}/sites.whitelist.txt and 3 .rules files"
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: "{{ item.owner }}"
    group: "{{ item.group }}"
    mode: "{{ item.mode }}"
  with_items:
    - src: 'roles/network/templates/squid/squid.sysconfig'
      dest: '/etc/sysconfig/squid'
      owner: 'root'
      group: 'root'
      mode: '0755'
    - src: 'roles/network/templates/squid/sites.whitelist.txt'
      dest: '/etc/{{ proxy }}/sites.whitelist.txt'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/allowregex.rules'
      dest: '/etc/{{ proxy }}/allowregex.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/denyregex.rules'
      dest: '/etc/{{ proxy }}/denyregex.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/dstaddress.rules'
      dest: '/etc/{{ proxy }}/dstaddress.rules'
      owner: '{{ proxy_user }}'
      group: '{{ proxy_user }}'
      mode: '0644'
    - src: 'roles/network/templates/squid/iiab-httpcache.j2'
      dest: '/usr/bin/iiab-httpcache'
      owner: 'root'
      group: 'root'
      mode: '0755'

- name: Create Squid directory /library/cache
  file:
    path: /library/cache
    owner: "{{ proxy_user }}"
    group: "{{ proxy_user }}"
    mode: 0750
    state: directory

- name: Create Squid directory /var/log/{{ proxy }}
  file:
    path: "/var/log/{{ proxy }}"
    owner: "{{ proxy_user }}"
    group: "{{ proxy_user }}"
    mode: 0750
    state: directory

- include_tasks: roles/network/tasks/dansguardian.yml
  when: dansguardian_install

# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8
- name: Add '{{ proxy }}' variable values to {{ iiab_ini_file }}
  ini_file:
    dest: "{{ iiab_ini_file }}"
    section: "{{ proxy }}"
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
      value: Squid
    - option: description
      value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."'
    - option: enabled
      value: "{{ squid_enabled }}"

- name: Add 'dansguardian' variable values to {{ iiab_ini_file }}
  ini_file:
    dest: "{{ iiab_ini_file }}"
    section: dansguardian
    option: "{{ item.option }}"
    value: "{{ item.value }}"
  with_items:
    - option: name
      value: DansGuardian
    - option: description
      value: '"DansGuardian searches web content for objectionable references and denies access when found."'
    - option: enabled
      value: "{{ dansguardian_enabled }}"
Update squid.yml 2018-10-31 17:51:10 +00:00			`- name: "Install 2 packages: {{ proxy }}, cadaver"`
Update squid.yml 2017-12-08 10:47:21 +00:00			`package:`
Update squid.yml 2018-10-28 16:09:55 +00:00			`name:`
			`- "{{ proxy }}"`
			`- cadaver`
Update squid.yml 2017-12-08 10:47:21 +00:00			`state: present`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`tags:`
			`- download`

Update squid.yml 2018-10-31 17:51:10 +00:00			`- name: "Bigger hammer for Ubuntu, run: /etc/init.d/squid stop"`
Ubuntu - bigger hammer to stop squid on ubuntu with DG enabled 2017-11-03 00:33:33 +00:00			`command: /etc/init.d/squid stop`
			`when: is_ubuntu`

Ubuntu - stop squid before replacing the stock config files otherwise stock service does not stop with replacement files already in place 2017-11-02 21:56:31 +00:00			`- name: Stop Squid`
Update squid.yml 2017-12-08 10:47:21 +00:00			`service:`
			`name: "{{ proxy }}"`
			`state: stopped`
Ubuntu - stop squid before replacing the stock config files otherwise stock service does not stop with replacement files already in place 2017-11-02 21:56:31 +00:00			`when: not installing`

Update squid.yml 2018-10-31 17:51:10 +00:00			`- name: "Create the Squid user: {{ proxy_user }}"`
Update squid.yml 2017-12-08 10:47:21 +00:00			`user:`
			`name: "{{ proxy_user }}"`
			`createhome: False`
			`shell: /bin/false`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Update squid.yml 2018-10-31 17:51:10 +00:00			`- name: "Install from template: /usr/bin/iiab-httpcache, /etc/sysconfig/squid, /etc/{{ proxy }}/sites.whitelist.txt and 3 .rules files"`
Update squid.yml 2017-12-08 10:47:21 +00:00			`template:`
			`src: "{{ item.src }}"`
			`dest: "{{ item.dest }}"`
			`owner: "{{ item.owner }}"`
			`group: "{{ item.group }}"`
			`mode: "{{ item.mode }}"`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`with_items:`
Update squid.yml 2017-12-08 11:18:55 +00:00			`- src: 'roles/network/templates/squid/squid.sysconfig'`
			`dest: '/etc/sysconfig/squid'`
			`owner: 'root'`
			`group: 'root'`
			`mode: '0755'`
			`- src: 'roles/network/templates/squid/sites.whitelist.txt'`
			`dest: '/etc/{{ proxy }}/sites.whitelist.txt'`
			`owner: '{{ proxy_user }}'`
			`group: '{{ proxy_user }}'`
			`mode: '0644'`
			`- src: 'roles/network/templates/squid/allowregex.rules'`
			`dest: '/etc/{{ proxy }}/allowregex.rules'`
			`owner: '{{ proxy_user }}'`
			`group: '{{ proxy_user }}'`
			`mode: '0644'`
			`- src: 'roles/network/templates/squid/denyregex.rules'`
			`dest: '/etc/{{ proxy }}/denyregex.rules'`
			`owner: '{{ proxy_user }}'`
			`group: '{{ proxy_user }}'`
			`mode: '0644'`
			`- src: 'roles/network/templates/squid/dstaddress.rules'`
			`dest: '/etc/{{ proxy }}/dstaddress.rules'`
			`owner: '{{ proxy_user }}'`
			`group: '{{ proxy_user }}'`
			`mode: '0644'`
			`- src: 'roles/network/templates/squid/iiab-httpcache.j2'`
			`dest: '/usr/bin/iiab-httpcache'`
			`owner: 'root'`
			`group: 'root'`
			`mode: '0755'`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Update squid.yml 2018-10-31 00:51:21 +00:00			`- name: Create Squid directory /library/cache`
Update squid.yml 2017-12-08 10:47:21 +00:00			`file:`
			`path: /library/cache`
			`owner: "{{ proxy_user }}"`
			`group: "{{ proxy_user }}"`
			`mode: 0750`
			`state: directory`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Update squid.yml 2018-10-31 00:51:21 +00:00			`- name: Create Squid directory /var/log/{{ proxy }}`
Update squid.yml 2017-12-08 10:47:21 +00:00			`file:`
			`path: "/var/log/{{ proxy }}"`
			`owner: "{{ proxy_user }}"`
			`group: "{{ proxy_user }}"`
			`mode: 0750`
			`state: directory`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
move network package install - double check after rebase 2017-10-31 09:10:46 +00:00			`- include_tasks: roles/network/tasks/dansguardian.yml`
make DG and squid respect *_install and default dansguardian_install to False 2017-08-09 05:29:40 +00:00			`when: dansguardian_install`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00
Update squid.yml 2017-12-08 11:08:14 +00:00			`# {{ proxy }} is normally "squid", but is "squid3" on raspbian-8 & debian-8`
Update squid.yml 2018-10-31 00:51:21 +00:00			`- name: Add '{{ proxy }}' variable values to {{ iiab_ini_file }}`
Update squid.yml 2017-12-08 10:47:21 +00:00			`ini_file:`
service_filelist -> iiab_ini_file 2018-10-15 10:13:57 +00:00			`dest: "{{ iiab_ini_file }}"`
Update squid.yml 2017-12-08 11:08:14 +00:00			`section: "{{ proxy }}"`
Update squid.yml 2017-12-08 10:47:21 +00:00			`option: "{{ item.option }}"`
			`value: "{{ item.value }}"`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`with_items:`
			`- option: name`
Update squid.yml 2017-12-08 10:47:21 +00:00			`value: Squid`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`- option: description`
bringing all pkg descriptions into same format 2017-11-13 19:25:06 +00:00			`value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."'`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`- option: enabled`
			`value: "{{ squid_enabled }}"`

/etc/iiab/iiab.ini -> {{ iiab_ini_file }} 2018-10-15 11:01:09 +00:00			`- name: Add 'dansguardian' variable values to {{ iiab_ini_file }}`
Update squid.yml 2017-12-08 10:47:21 +00:00			`ini_file:`
service_filelist -> iiab_ini_file 2018-10-15 10:13:57 +00:00			`dest: "{{ iiab_ini_file }}"`
Update squid.yml 2017-12-08 10:47:21 +00:00			`section: dansguardian`
			`option: "{{ item.option }}"`
			`value: "{{ item.value }}"`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`with_items:`
			`- option: name`
Update squid.yml 2017-12-08 10:47:21 +00:00			`value: DansGuardian`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`- option: description`
obectionable -> objectionable 2017-11-02 05:20:13 +00:00			`value: '"DansGuardian searches web content for objectionable references and denies access when found."'`
initial checkin -- May 27, 2017 2017-05-27 18:09:50 +00:00			`- option: enabled`
			`value: "{{ dansguardian_enabled }}"`