Skip to content

Instantly share code, notes, and snippets.

@paraita
Last active January 11, 2019 17:24
Show Gist options
  • Save paraita/82a9c1dd1c8a0d589e5ee5c0be6745bf to your computer and use it in GitHub Desktop.
Save paraita/82a9c1dd1c8a0d589e5ee5c0be6745bf to your computer and use it in GitHub Desktop.
Minimal squid config for http and https basic auth (considering minimum2scp/squid's dockerfile)
# #### pre-requisites ####
# I use the following Dockerfile for Squid:
# https://hub.docker.com/r/minimum2scp/squid/~/dockerfile/ to deploy the proxy
# Replace the existing /etc/squid/squid.conf with this file
# Create the users credentials with htpasswd (apt-get install apache2-utils)
# htpasswd [-c] /etc/squid/squidusers username
# -с is to create a new file, not to change the existing file
# Use the following command to test the user/pass:
# /usr/lib/squid3/basic_ncsa_auth /etc/squid/squidusers
# provide <user> <password> at the prompt, for example:
# paraita wrong_password
# ERR Wrong password
# paraita good_password
# OK
# Ctrl-D
# Make sure squid can read the credentials file:
# chmod o+r /etc/squid/squidusers
# tell Squid what tool to validate user provided credentials
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/squidusers
# http/https proxy port
http_port 3128
# auth rule
acl onzelist proxy_auth REQUIRED
http_access allow onzelist
# deny https so it falls back to the auth rule
acl SSL_ports port 443
acl SSL_ports port 832
acl CONNECT method CONNECT
http_access deny CONNECT !SSL_ports
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment