mirror of
https://github.com/iiab/iiab.git
synced 2025-02-15 04:32:11 +00:00
111 lines
3 KiB
YAML
111 lines
3 KiB
YAML
- name: Install Squid packages
|
|
package:
|
|
name: "{{ item }}"
|
|
state: present
|
|
with_items:
|
|
- "{{ proxy }}"
|
|
- cadaver
|
|
tags:
|
|
- download
|
|
|
|
- name: Bigger hammer for Ubuntu
|
|
command: /etc/init.d/squid stop
|
|
when: is_ubuntu
|
|
|
|
- name: Stop Squid
|
|
service:
|
|
name: "{{ proxy }}"
|
|
state: stopped
|
|
when: not installing
|
|
|
|
- name: Create the Squid user
|
|
user:
|
|
name: "{{ proxy_user }}"
|
|
createhome: False
|
|
shell: /bin/false
|
|
|
|
- name: Copy init script and config file
|
|
template:
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
owner: "{{ item.owner }}"
|
|
group: "{{ item.group }}"
|
|
mode: "{{ item.mode }}"
|
|
with_items:
|
|
- src: roles/network/templates/squid/squid.sysconfig
|
|
dest: /etc/sysconfig/squid
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
- src: roles/network/templates/squid/sites.whitelist.txt
|
|
dest: "/etc/{{ proxy }}/sites.whitelist.txt"
|
|
owner: "{{ proxy_user }}"
|
|
group: "{{ proxy_user }}"
|
|
mode: 0644
|
|
- src: roles/network/templates/squid/allowregex.rules
|
|
dest: "/etc/{{ proxy }}/allowregex.rules"
|
|
owner: "{{ proxy_user }}"
|
|
group: "{{ proxy_user }}"
|
|
mode: 0644
|
|
- src: roles/network/templates/squid/denyregex.rules
|
|
dest: "/etc/{{ proxy }}/denyregex.rules"
|
|
owner: "{{ proxy_user }}"
|
|
group: "{{ proxy_user }}"
|
|
mode: 0644
|
|
- src: roles/network/templates/squid/dstaddress.rules
|
|
dest: "/etc/{{ proxy }}/dstaddress.rules"
|
|
owner: "{{ proxy_user }}"
|
|
group: "{{ proxy_user }}"
|
|
mode: 0644
|
|
- src: roles/network/templates/squid/iiab-httpcache.j2
|
|
dest: /usr/bin/iiab-httpcache
|
|
owner: root
|
|
group: root
|
|
mode: 0755
|
|
|
|
- name: Create Squid cache directory
|
|
file:
|
|
path: /library/cache
|
|
owner: "{{ proxy_user }}"
|
|
group: "{{ proxy_user }}"
|
|
mode: 0750
|
|
state: directory
|
|
|
|
- name: Create Squid log directory
|
|
file:
|
|
path: "/var/log/{{ proxy }}"
|
|
owner: "{{ proxy_user }}"
|
|
group: "{{ proxy_user }}"
|
|
mode: 0750
|
|
state: directory
|
|
|
|
- include_tasks: roles/network/tasks/dansguardian.yml
|
|
when: dansguardian_install
|
|
|
|
- name: Add 'squid' to list of services at /etc/iiab/iiab.ini
|
|
ini_file:
|
|
dest: "{{ service_filelist }}"
|
|
section: squid
|
|
option: "{{ item.option }}"
|
|
value: "{{ item.value }}"
|
|
with_items:
|
|
- option: name
|
|
value: Squid
|
|
- option: description
|
|
value: '"Squid caches web pages the first time they are accessed, and pulls them from the cache thereafter."'
|
|
- option: enabled
|
|
value: "{{ squid_enabled }}"
|
|
|
|
- name: Add 'dansguardian' to list of services at /etc/iiab/iiab.ini
|
|
ini_file:
|
|
dest: "{{ service_filelist }}"
|
|
section: dansguardian
|
|
option: "{{ item.option }}"
|
|
value: "{{ item.value }}"
|
|
with_items:
|
|
- option: name
|
|
value: DansGuardian
|
|
- option: description
|
|
value: '"DansGuardian searches web content for objectionable references and denies access when found."'
|
|
- option: enabled
|
|
value: "{{ dansguardian_enabled }}"
|