mirror of
https://github.com/b4tman/docker-squid.git
synced 2024-10-22 14:05:07 +00:00
Compare commits
57 Commits
3895aba33e
...
750d725031
| Author | SHA1 | Date | |
|---|---|---|---|
750d725031
|
|||
| 494e411d43 | |||
|
d91a5600a9 | ||
|
|
8781714110 | ||
|
|
083adc0c03 | ||
| a1580af18a | |||
|
244937d517 | ||
|
4af565e3ae
|
|||
|
e4ff285091
|
|||
|
00f78a3728
|
|||
|
f8b9da006c
|
|||
|
0db0d2b19d
|
|||
|
|
23eacf4e57 | ||
| 0eeb0d164a | |||
|
|
729ca2fafa | ||
| 62546a8254 | |||
|
|
ae76d1174d | ||
|
|
9433d48c4f | ||
|
|
9e91e64ef6 | ||
|
|
1cc9b312f0 | ||
|
|
d54e44e377 | ||
| 9740438244 | |||
|
|
b57acfb9a4 | ||
|
|
bec4084981 | ||
|
|
c2e70b044d | ||
|
|
fcfa3b1c54 | ||
|
|
711d7a9857 | ||
|
|
68366aee74 | ||
| 12bcc8b563 | |||
| 551440b10b | |||
| 363e8fc3b3 | |||
|
|
70328d9317 | ||
|
|
4f4a317dd1 | ||
|
|
1a73d68725 | ||
|
|
3c252eeefc | ||
|
|
adaca5c8f6 | ||
|
|
7c96578aba | ||
|
|
18a19cf903 | ||
|
|
e80cef4c10 | ||
|
|
028f616481 | ||
| cdc5ff74b5 | |||
| d745475ec5 | |||
|
|
330ade1664 | ||
|
|
19a48fb8cb | ||
|
|
ae6037f2d7 | ||
|
2f0d4d2f76
|
|||
| 0fd6d1f258 | |||
| 178974b0df | |||
| 2eea5bc28f | |||
| 2ba626f10a | |||
|
|
f9e3532674 | ||
|
|
79c4b13210 | ||
| b1a8f65fe3 | |||
| 02094e50e2 | |||
| 411b922800 | |||
|
|
92cf56c414 | ||
| 029f8e55aa |
69
.github/workflows/dockerimage.yml
vendored
69
.github/workflows/dockerimage.yml
vendored
@ -5,6 +5,7 @@ on:
|
||||
# Publish `master` as Docker `latest` image.
|
||||
branches:
|
||||
- master
|
||||
- v5
|
||||
|
||||
# Publish `v1.2.3` tags as releases.
|
||||
tags:
|
||||
@ -15,27 +16,30 @@ on:
|
||||
branches:
|
||||
- "master"
|
||||
|
||||
env:
|
||||
TEST_TAG: b4tman/squid:test
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-20.04
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Login to DockerHub
|
||||
if: github.event_name != 'pull_request'
|
||||
uses: docker/login-action@v1
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: b4tman
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
|
||||
- name: Cache Docker layers
|
||||
uses: actions/cache@v2
|
||||
uses: actions/cache@v3.3.1
|
||||
with:
|
||||
path: /tmp/.buildx-cache
|
||||
key: ${{ runner.os }}-buildx-${{ github.sha }}
|
||||
@ -43,14 +47,14 @@ jobs:
|
||||
${{ runner.os }}-buildx-
|
||||
|
||||
- name: Build squid image
|
||||
uses: docker/build-push-action@v2
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
context: .
|
||||
push: false
|
||||
tags: b4tman/squid
|
||||
load: true # automatically load the single-platform build result to docker images
|
||||
tags: ${{ env.TEST_TAG }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
outputs: type=image,name=b4tman/squid,push=false
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
||||
|
||||
# Temp fix
|
||||
# https://github.com/docker/build-push-action/issues/252
|
||||
@ -61,36 +65,23 @@ jobs:
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
|
||||
- name: Test image
|
||||
run: docker-compose -f docker-compose.test.yml up sut
|
||||
run: docker compose -f docker-compose.test.yml up --pull never sut
|
||||
|
||||
- name: Build 'ssl-bump' image
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: ssl-bump
|
||||
push: false
|
||||
file: ssl-bump/Dockerfile
|
||||
tags: b4tman/squid:ssl-bump
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
|
||||
# Temp fix
|
||||
# https://github.com/docker/build-push-action/issues/252
|
||||
# https://github.com/moby/buildkit/issues/1896
|
||||
- name: Move cache
|
||||
run: |
|
||||
rm -rf /tmp/.buildx-cache
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
sed -i "s%FROM b4tman/squid%FROM $TEST_TAG%" ssl-bump/Dockerfile
|
||||
docker build ssl-bump
|
||||
|
||||
push:
|
||||
needs: test
|
||||
runs-on: ubuntu-20.04
|
||||
if: github.event_name != 'pull_request'
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
|
||||
- name: Docker meta
|
||||
id: meta
|
||||
uses: docker/metadata-action@v3
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
b4tman/squid
|
||||
@ -104,7 +95,7 @@ jobs:
|
||||
|
||||
- name: Docker meta (ssl-bump)
|
||||
id: meta_ssl_bump
|
||||
uses: docker/metadata-action@v3
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
b4tman/squid
|
||||
@ -119,7 +110,7 @@ jobs:
|
||||
|
||||
- name: Docker meta (ssl-bump ghcr)
|
||||
id: meta_ssl_bump_ghcr
|
||||
uses: docker/metadata-action@v3
|
||||
uses: docker/metadata-action@v4
|
||||
with:
|
||||
images: |
|
||||
ghcr.io/b4tman/squid-ssl-bump
|
||||
@ -131,13 +122,13 @@ jobs:
|
||||
type=semver,pattern={{major}}.{{minor}}
|
||||
|
||||
- name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
uses: docker/setup-qemu-action@v2
|
||||
|
||||
- name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
uses: docker/setup-buildx-action@v2
|
||||
|
||||
- name: Cache Docker layers
|
||||
uses: actions/cache@v2
|
||||
uses: actions/cache@v3.3.1
|
||||
with:
|
||||
path: /tmp/.buildx-cache
|
||||
key: ${{ runner.os }}-buildx-${{ github.sha }}
|
||||
@ -145,20 +136,20 @@ jobs:
|
||||
${{ runner.os }}-buildx-
|
||||
|
||||
- name: Login to DockerHub
|
||||
uses: docker/login-action@v1
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
username: b4tman
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
|
||||
- name: Login to GHCR
|
||||
uses: docker/login-action@v1
|
||||
uses: docker/login-action@v2
|
||||
with:
|
||||
registry: ghcr.io
|
||||
username: ${{ github.repository_owner }}
|
||||
password: ${{ secrets.CR_PAT }}
|
||||
|
||||
- name: Build squid image
|
||||
uses: docker/build-push-action@v2
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
context: .
|
||||
push: true
|
||||
@ -166,7 +157,7 @@ jobs:
|
||||
tags: ${{ steps.meta.outputs.tags }}
|
||||
labels: ${{ steps.meta.outputs.labels }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
||||
|
||||
# Temp fix
|
||||
# https://github.com/docker/build-push-action/issues/252
|
||||
@ -177,7 +168,7 @@ jobs:
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
|
||||
- name: Build 'ssl-bump' image
|
||||
uses: docker/build-push-action@v2
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
context: ssl-bump
|
||||
push: true
|
||||
@ -197,7 +188,7 @@ jobs:
|
||||
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
|
||||
|
||||
- name: Build 'ssl-bump' image for ghcr
|
||||
uses: docker/build-push-action@v2
|
||||
uses: docker/build-push-action@v4
|
||||
with:
|
||||
context: ssl-bump
|
||||
push: true
|
||||
@ -206,7 +197,7 @@ jobs:
|
||||
tags: ${{ steps.meta_ssl_bump_ghcr.outputs.tags }}
|
||||
labels: ${{ steps.meta_ssl_bump_ghcr.outputs.labels }}
|
||||
cache-from: type=local,src=/tmp/.buildx-cache
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new
|
||||
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
|
||||
|
||||
# Temp fix
|
||||
# https://github.com/docker/build-push-action/issues/252
|
||||
|
||||
28
.github/workflows/stale.yml
vendored
Normal file
28
.github/workflows/stale.yml
vendored
Normal file
@ -0,0 +1,28 @@
|
||||
# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time.
|
||||
#
|
||||
# You can adjust the behavior by modifying this file.
|
||||
# For more information, see:
|
||||
# https://github.com/actions/stale
|
||||
name: Mark stale issues and pull requests
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 1 * * *'
|
||||
|
||||
jobs:
|
||||
stale:
|
||||
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
issues: write
|
||||
pull-requests: write
|
||||
|
||||
steps:
|
||||
- uses: actions/stale@v8
|
||||
with:
|
||||
days-before-stale: 182
|
||||
days-before-close: 7
|
||||
stale-issue-message: 'Marking stale due to inactivity. Remove stale label or comment or this will be closed in 7 days.'
|
||||
close-issue-message: 'Closing due to inactivity.'
|
||||
stale-pr-message: 'Marking stale due to inactivity. Remove stale label or comment or this will be closed in 7 days.'
|
||||
close-pr-message: 'Closing due to inactivity.'
|
||||
73
Dockerfile
73
Dockerfile
@ -1,11 +1,6 @@
|
||||
FROM alpine:3.14.0 as build
|
||||
FROM alpine:3.17.3 as build
|
||||
|
||||
ENV SQUID_VER 5.1
|
||||
|
||||
# fix conflict with libretls and libressl
|
||||
RUN set -x && \
|
||||
apk add --no-cache libretls && \
|
||||
apk upgrade --no-cache libretls
|
||||
ARG SQUID_VER=5.9
|
||||
|
||||
RUN set -x && \
|
||||
apk add --no-cache \
|
||||
@ -14,7 +9,8 @@ RUN set -x && \
|
||||
libc-dev \
|
||||
curl \
|
||||
gnupg \
|
||||
libressl-dev \
|
||||
openssl-dev \
|
||||
openssl-libs-static \
|
||||
perl-dev \
|
||||
autoconf \
|
||||
automake \
|
||||
@ -25,32 +21,33 @@ RUN set -x && \
|
||||
libcap-dev \
|
||||
linux-headers
|
||||
|
||||
WORKDIR /tmp/build
|
||||
|
||||
RUN set -x && \
|
||||
mkdir -p /tmp/build && \
|
||||
cd /tmp/build && \
|
||||
curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz -o squid-${SQUID_VER}.tar.gz && \
|
||||
curl -SsL http://www.squid-cache.org/Versions/v${SQUID_VER%%.*}/squid-${SQUID_VER}.tar.gz.asc -o squid-${SQUID_VER}.tar.gz.asc
|
||||
|
||||
COPY squid-keys.asc /tmp
|
||||
COPY squid-keys.asc /tmp/build
|
||||
|
||||
RUN set -x && \
|
||||
cd /tmp/build && \
|
||||
export GNUPGHOME="$(mktemp -d)" && \
|
||||
gpg --import /tmp/squid-keys.asc && \
|
||||
GNUPGHOME="$(mktemp -d)" && \
|
||||
export GNUPGHOME && \
|
||||
gpg --import squid-keys.asc && \
|
||||
gpg --batch --verify squid-${SQUID_VER}.tar.gz.asc squid-${SQUID_VER}.tar.gz && \
|
||||
rm -rf "$GNUPGHOME"
|
||||
|
||||
RUN set -x && \
|
||||
cd /tmp/build && \
|
||||
tar --strip 1 -xzf squid-${SQUID_VER}.tar.gz && \
|
||||
\
|
||||
MACHINE=$(uname -m) && \
|
||||
\
|
||||
CFLAGS="-g0 -O2" \
|
||||
CXXFLAGS="-g0 -O2" \
|
||||
LDFLAGS="-s" \
|
||||
\
|
||||
./configure \
|
||||
--build="$(uname -m)" \
|
||||
--host="$(uname -m)" \
|
||||
--build="$MACHINE" \
|
||||
--host="$MACHINE" \
|
||||
--prefix=/usr \
|
||||
--datadir=/usr/share/squid \
|
||||
--sysconfdir=/etc/squid \
|
||||
@ -61,7 +58,8 @@ RUN set -x && \
|
||||
--disable-arch-native \
|
||||
--enable-removal-policies="lru,heap" \
|
||||
--enable-auth-digest \
|
||||
--enable-auth-basic="getpwnam,NCSA" \
|
||||
--enable-auth-basic="getpwnam,NCSA,DB" \
|
||||
--enable-basic-auth-helpers="DB" \
|
||||
--enable-epoll \
|
||||
--enable-external-acl-helpers="file_userip,unix_group,wbinfo_group" \
|
||||
--enable-auth-ntlm="fake" \
|
||||
@ -95,22 +93,20 @@ RUN set -x && \
|
||||
--with-openssl \
|
||||
--with-pidfile=/var/run/squid/squid.pid
|
||||
|
||||
# fix build
|
||||
RUN set -x && \
|
||||
mkdir -p /tmp/build/tools/squidclient/tests && \
|
||||
mkdir -p /tmp/build/tools/tests
|
||||
|
||||
RUN set -x && \
|
||||
cd /tmp/build && \
|
||||
nproc=$(n=$(nproc) ; max_n=6 ; [ $n -le $max_n ] && echo $n || echo $max_n) && \
|
||||
nproc=$(n=$(nproc) ; max_n=6 ; echo $(( n <= max_n ? n : max_n )) ) && \
|
||||
make -j $nproc && \
|
||||
make install && \
|
||||
cd tools/squidclient && make && make install-strip
|
||||
make install
|
||||
|
||||
RUN sed -i '1s;^;include /etc/squid/conf.d/*.conf\n;' /etc/squid/squid.conf
|
||||
RUN echo 'include /etc/squid/conf.d.tail/*.conf' >> /etc/squid/squid.conf
|
||||
WORKDIR /tmp/build/tools/squidclient
|
||||
RUN make && make install-strip
|
||||
|
||||
FROM alpine:3.14.0
|
||||
RUN sed -i '1s;^;include /etc/squid/conf.d/*.conf\n;' /etc/squid/squid.conf && \
|
||||
echo 'include /etc/squid/conf.d.tail/*.conf' >> /etc/squid/squid.conf
|
||||
|
||||
# --- --- --- --- --- --- --- --- ---
|
||||
|
||||
FROM alpine:3.17.3
|
||||
|
||||
ENV SQUID_CONFIG_FILE /etc/squid/squid.conf
|
||||
ENV TZ Europe/Moscow
|
||||
@ -119,17 +115,10 @@ RUN set -x && \
|
||||
deluser squid 2>/dev/null; delgroup squid 2>/dev/null; \
|
||||
addgroup -S squid -g 3128 && adduser -S -u 3128 -G squid -g squid -H -D -s /bin/false -h /var/cache/squid squid
|
||||
|
||||
# fix conflict with libretls and libressl
|
||||
RUN set -x && \
|
||||
apk add --no-cache libretls && \
|
||||
apk upgrade --no-cache libretls
|
||||
|
||||
RUN apk add --no-cache \
|
||||
libstdc++ \
|
||||
heimdal-libs \
|
||||
libcap \
|
||||
libressl3.3-libcrypto \
|
||||
libressl3.3-libssl \
|
||||
libltdl
|
||||
|
||||
COPY --from=build /etc/squid/ /etc/squid/
|
||||
@ -138,17 +127,15 @@ COPY --from=build /usr/share/squid/ /usr/share/squid/
|
||||
COPY --from=build /usr/sbin/squid /usr/sbin/squid
|
||||
COPY --from=build /usr/bin/squidclient /usr/bin/squidclient
|
||||
|
||||
|
||||
RUN install -d -o squid -g squid \
|
||||
/var/cache/squid \
|
||||
/var/log/squid \
|
||||
/var/run/squid && \
|
||||
chmod +x /usr/lib/squid/*
|
||||
|
||||
RUN install -d -m 755 -o squid -g squid \
|
||||
chmod +x /usr/lib/squid/* && \
|
||||
install -d -m 755 -o squid -g squid \
|
||||
/etc/squid/conf.d \
|
||||
/etc/squid/conf.d.tail
|
||||
RUN touch /etc/squid/conf.d/placeholder.conf
|
||||
/etc/squid/conf.d.tail && \
|
||||
touch /etc/squid/conf.d/placeholder.conf
|
||||
COPY squid-log.conf /etc/squid/conf.d.tail/
|
||||
|
||||
RUN set -x && \
|
||||
|
||||
@ -1,5 +1,3 @@
|
||||
[](https://cloud.drone.io/b4tman/docker-squid)
|
||||
|
||||
|
||||
|
||||
# docker-squid
|
||||
|
||||
@ -1,10 +1,7 @@
|
||||
version: '2.3'
|
||||
services:
|
||||
proxy:
|
||||
image: squidproxy
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
image: "${TEST_TAG}"
|
||||
healthcheck:
|
||||
test: ["CMD", "sh", "-exc", "squidclient -T 3 mgr:info 2> /dev/null | grep -qF '200 OK'"]
|
||||
interval: 5s
|
||||
@ -12,9 +9,10 @@ services:
|
||||
retries: 5
|
||||
start_period: 1s
|
||||
sut:
|
||||
image: squidproxy
|
||||
image: "${TEST_TAG}"
|
||||
links:
|
||||
- proxy
|
||||
depends_on:
|
||||
- proxy
|
||||
command: sh -exc "sleep 10 && squidclient -h proxy -T 3 'https://postman-echo.com/get?squidtest=ok' 2> /dev/null | grep -qF '200 OK'"
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user