Handy to speedup your CI builds.
# create a directory for files cache
mkdir -p /var/yourproject/squid/spool
mkdir -p /etc/yourproject/squid/
# put config files here (attached below)
mkdir -p /etc/yourproject/squid/ssl_cert
cd /etc/yourproject/squid/ssl_cert
openssl req -new -newkey rsa:2048 -sha256 -days 365 -nodes \
-x509 -keyout privkey.pem -out ca.pem \
-subj '/CN=docker-proxy/O=NULL/C=AU'
chown proxy.proxy privkey.pem
chmod 600 privkey.pem
openssl x509 -in ca.pem -outform DER -out ca.der
docker run \
-d --restart=always \
--name caching_proxy \
-p 3128:3128 -p 3129:3129 \
--log-driver=syslog --log-opt syslog-facility=local5 -v /dev/log:/dev/log \
-v /etc/yourproject/squid/squid.conf:/etc/squid3/squid.user.conf:ro \
-v /etc/yourproject/squid/mime.conf:/etc/squid3/mime.user.conf:ro \
-v /etc/yourproject/squid/ssl_cert:/etc/squid3/ssl_cert \
-v /var/yourproject/squid/spool:/var/spool/squid3 \
--entrypoint=bash \
sameersbn/squid \
-c 'mkdir -p /usr/local/share/squid3 \
&& cat /usr/share/squid3/mime.conf > /usr/local/share/squid3/mime.conf \
&& cat /etc/squid3/mime.user.conf >> /usr/local/share/squid3/mime.conf \
&& cp /etc/squid3/ssl_cert/ca.* /usr/share/squid3/icons \
&& /sbin/entrypoint.sh'
Please note that you will end up with squid ports exposed! Though squid's ACL will prevent any non-localnet user, you must be sure that you want this. Better use all the fancy docker networks stuff - it will work perfectly here.
You should now be able to
http_proxy=http://localhost:3129 https_proxy=http://localhost:3129 wget --no-check-certificate -O- https://google.com 1>/dev/null
In order to make ssl happy again, download CA certificate from http://localhost:3128/squid-internal-static/icons/ca.pem
and add it to your trusted CAs chain.