1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
|
# Overview
Squid is a high-performance proxy caching server for web clients, supporting
FTP, gopher, and HTTP data objects.
Squid version 3 is a major rewrite of Squid in C++ and introduces a number of
new features including ICAP and ESI support.
http://www.squid-cache.org/
# Usage
## General
This charm provides squid in a reverse proxy setup.
http://en.wikipedia.org/wiki/Reverse_proxy
The most common scenario is to accelerate a web service:
You run squid on your outside edge, forwarding queries to
one or multiple internal web application servers.
The charm can be deployed in a single or multi-unit setup.
To deploy a single unit:
juju deploy squid-reverseproxy
To add more units:
juju add-unit squid-reverseproxy
Example with apache:
juju deploy apache2
juju deploy squid-reverseproxy
juju add-relation apache2:website-cache squid-reverseproxy:cached-website
This will put squid in front of apache2.
Once deployed, you can ssh into the deployed service:
juju ssh <unit>
To list running units:
juju status
To start monitoring Squid using Nagios:
juju deploy nrpe-external-master
juju add-relation squid-reverseproxy nrpe-external-master
This charm requires the following relation settings from clients:
ip: service ip address
port: service port
sitenames: space-delimited list of virtual hosts to whitelist
The options that can be configured in config.yaml should be self-explanatory.
If not, please file a bug against this charm.
## HTTPS Reverse Proxying
Assuming you have a squid3 deb compiled with --enable-ssl, you can setup a
single https reverse proxy.
An example of this would be:
juju set squid-reverseproxy enable_https=true ssl_key="$(base64 < /path/to/cert.key)" ssl_cert="$(base64 < /path/to/cert.crt)"
This should enable https access to the default website.
A current implementation limitation is that it doesn't support multiple https vhosts.
## Monitoring
This charm provides relations that support monitoring via Nagios using
nrpe_external_master as a subordinate charm.
## Caveats
The example above is just for reference. In order to make it usable, you
will have to supply a proper virtual host configuration for apache2.
|