Skip to content

Enable auth to be configured for squid #718

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from
Draft

Enable auth to be configured for squid #718

wants to merge 1 commit into from

Conversation

sjpb
Copy link
Collaborator

@sjpb sjpb commented Jun 24, 2025

  • Fixes an issue where http_access did not depend on defined ACLs for squid
  • Adds squid_auth_param to allow setting auth parameter configuration for squid

This allows configuration squid auth, e.g. for basic auth:

# environments/$ENV/inventory/group_vars/all/squid.yml:
squid_acls:
    - acl ncsa_users proxy_auth REQUIRED
squid_auth_param: |
    auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwords
    auth_param basic children 5
    auth_param basic credentialsttl 1 minute

See the squid docs for more information.

sjpb added a commit that referenced this pull request Jun 24, 2025
no-checks: true

# Please enter the commit message for your changes. Lines starting
# with '#' will be kept; you may remove them yourself if you want to.
# An empty message aborts the commit.
#
# Date:      Tue Jun 24 15:30:50 2025 +0000
#
# On branch feat/isolated-env-2
# Your branch is ahead of 'origin/feat/isolated-env-2' by 1 commit.
#   (use "git push" to publish your local commits)
#
# Changes to be committed:
#	modified:   ansible/roles/squid/README.md
#	modified:   ansible/roles/squid/defaults/main.yml
#	modified:   ansible/roles/squid/templates/squid.conf.j2
#
# Changes not staged for commit:
#	modified:   ansible/slurm.yml
#	modified:   environments/.stackhpc/hooks/pre.yml
#	modified:   environments/.stackhpc/inventory/group_vars/all/bastion.yml
#	modified:   environments/.stackhpc/tofu/SMS.tfvars
#	modified:   environments/.stackhpc/tofu/cluster_image.auto.tfvars.json
#	modified:   environments/.stackhpc/tofu/main.tf
#
# Untracked files:
#	NOTES-feat-isolated-env.md
#	NOTES.md
#	activate
#	ansible/image-pull.yml
#	ansible/roles/basic_users/filter_plugins/__pycache__/
#	environments/.stackhpc/SMS-steveb.pkrvars.hcl
#	environments/.stackhpc/inventory/group_vars/all/squid.yml.orig
#	environments/.stackhpc/inventory/group_vars/all/steveb_ark.yml
#	environments/.stackhpc/inventory/hosts.yml
#	environments/.stackhpc/inventory/network_groups
#	environments/.stackhpc/tofu/SMS-NO-GATEWAY.tfvars
#	environments/.stackhpc/tofu/cluster_name.auto.tfvars
#	packer/sms-build.sh
#
@sjpb sjpb changed the title Allow squid to be configured for squid Enable auth to be configured for squid Jun 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant