{"id":15227839,"url":"https://github.com/voxpupuli/puppet-squid","last_synced_at":"2025-04-06T04:16:03.556Z","repository":{"id":7073393,"uuid":"56130873","full_name":"voxpupuli/puppet-squid","owner":"voxpupuli","description":"Puppet module for configuration of squid caching proxy.","archived":false,"fork":false,"pushed_at":"2024-09-16T19:05:26.000Z","size":497,"stargazers_count":12,"open_issues_count":3,"forks_count":55,"subscribers_count":38,"default_branch":"master","last_synced_at":"2024-10-29T14:22:42.787Z","etag":null,"topics":["bsd-puppet-module","centos-puppet-module","debian-puppet-module","freebsd-puppet-module","hacktoberfest","linux-puppet-module","oraclelinux-puppet-module","puppet","redhat-puppet-module","scientific-puppet-module","ubuntu-puppet-module"],"latest_commit_sha":null,"homepage":"https://forge.puppet.com/puppet/squid","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/voxpupuli.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":".github/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"open_collective":"vox-pupuli","github":"voxpupuli"}},"created_at":"2016-04-13T07:33:31.000Z","updated_at":"2024-08-26T08:11:53.000Z","dependencies_parsed_at":"2024-01-07T06:08:21.651Z","dependency_job_id":"82173e4a-7054-472c-bd43-3269e9104ea3","html_url":"https://github.com/voxpupuli/puppet-squid","commit_stats":{"total_commits":280,"total_committers":49,"mean_commits":5.714285714285714,"dds":0.7285714285714286,"last_synced_commit":"2f28e60b45f8eb41905c4954a761271e83279bfc"},"previous_names":[],"tags_count":20,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voxpupuli%2Fpuppet-squid","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voxpupuli%2Fpuppet-squid/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voxpupuli%2Fpuppet-squid/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/voxpupuli%2Fpuppet-squid/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/voxpupuli","download_url":"https://codeload.github.com/voxpupuli/puppet-squid/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247399844,"owners_count":20932875,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bsd-puppet-module","centos-puppet-module","debian-puppet-module","freebsd-puppet-module","hacktoberfest","linux-puppet-module","oraclelinux-puppet-module","puppet","redhat-puppet-module","scientific-puppet-module","ubuntu-puppet-module"],"created_at":"2024-09-28T23:06:22.470Z","updated_at":"2025-04-06T04:16:03.380Z","avatar_url":"https://github.com/voxpupuli.png","language":"Ruby","funding_links":["https://opencollective.com/vox-pupuli","https://github.com/sponsors/voxpupuli"],"categories":[],"sub_categories":[],"readme":"Puppet module for Squid\n=======================\n\n[![Build Status](https://travis-ci.org/voxpupuli/puppet-squid.png?branch=master)](https://travis-ci.org/voxpupuli/puppet-squid)\n[![Code Coverage](https://coveralls.io/repos/github/voxpupuli/puppet-squid/badge.svg?branch=master)](https://coveralls.io/github/voxpupuli/puppet-squid)\n[![Puppet Forge](https://img.shields.io/puppetforge/v/puppet/squid.svg)](https://forge.puppetlabs.com/puppet/squid)\n[![Puppet Forge - downloads](https://img.shields.io/puppetforge/dt/puppet/squid.svg)](https://forge.puppetlabs.com/puppet/squid)\n[![Puppet Forge - endorsement](https://img.shields.io/puppetforge/e/puppet/squid.svg)](https://forge.puppetlabs.com/puppet/squid)\n[![Puppet Forge - scores](https://img.shields.io/puppetforge/f/puppet/squid.svg)](https://forge.puppetlabs.com/puppet/squid)\n\nDescription\n-----------\n\nPuppet module for configuring the squid caching service.\n\nUsage\n-----\n\nThe set up a simple squid server with a cache to forward\nhttp port 80 requests.\n\n```puppet\nclass { 'squid': }\nsquid::acl { 'Safe_ports':\n  type    =\u003e port,\n  entries =\u003e ['80'],\n}\nsquid::http_access { 'Safe_ports':\n  action =\u003e allow,\n}\nsquid::http_access{ '!Safe_ports':\n  action =\u003e deny,\n}\n```\nThis module will set the SELINUX-context for the cache_dir and/or port, requires [puppet-selinux](https://github.com/voxpupuli/puppet-selinux)\n\n### Parameters for squid Class\nParameters to the squid class almost map 1 to 1 to squid.conf parameters themselves.\n\n* `ensure_service` The ensure value of the squid service, defaults to `running`.\n* `enable_service` The enable value of the squid service, defaults to `true`.\n* `config` Location of squid.conf file, defaults to `/etc/squid/squid.conf`.\n* `config_user` user which owns the config file, default depends on `$operatingsystem`\n* `config_group` group which owns the config file, default depends on `$operatingsystem`\n* `daemon_user` user which runs the squid daemon, this is used for ownership of the cache directory, default depends on `$operatingsystem`\n* `daemon_group` group which runs the squid daemon, this is used for ownership of the cache directory, default depends on `$operatingsystem`\n* `cache_mem` defaults to `256 MB`. [cache_mem docs](http://www.squid-cache.org/Doc/config/cache_mem/).\n* `cache_replacement_policy` defaults to undef. [cache_replacement_policy docs](http://www.squid-cache.org/Doc/config/cache_replacement_policy/).\n* `memory_replacement_policy` defaults to undef. [memory_replacement_policy docs](http://www.squid-cache.org/Doc/config/memory_replacement_policy/).\n* `memory_cache_shared` defaults to undef. [memory_cache_shared docs](http://www.squid-cache.org/Doc/config/memory_cache_shared/).\n* `maximum_object_size_in_memory` defaults to `512 KB`. [maximum_object_size_in_memory docs](http://www.squid-cache.org/Doc/config/maximum_object_size_in_memory/)\n\n* `url_rewrite_program` defaults to undef [url_rewrite_program_docs](http://www.squid-cache.org/Doc/config/url_rewrite_program/)\n* `url_rewrite_children` defaults to undef [url_rewrite_children_docs](http://www.squid-cache.org/Doc/config/url_rewrite_children/)\n* `url_rewrite_child_options` defaults to undef [url_rewrite_child_options_docs](http://www.squid-cache.org/Doc/config/url_rewrite_children/)\n* `access_log` defaults to `daemon:/var/logs/squid/access.log squid`. [access_log docs](http://www.squid-cache.org/Doc/config/access_log/)\n* `coredump_dir` defaults to undef. [coredump_dir docs](http://www.squid-cache.org/Doc/config/coredump_dir/).\n* `error_directory` defaults to undef. [error_directory](http://www.squid-cache.org/Doc/config/error_directory/).\n* `err_page_stylesheet` defaults to undef. [err_page_stylesheet](http://www.squid-cache.org/Doc/config/err_page_stylesheet/).\n* `package_name` name of the squid package to manage, default depends on `$operatingsystem`\n* `package_ensure` package status and/or version, default to present\n* `service_name` name of the squid service to manage, default depends on `$operatingsystem`\n* `max_filedescriptors` defaults to undef. [max_filedescriptors docs](http://www.squid-cache.org/Doc/config/max_filedescriptors/).\n* `workers` defaults to undef. [workers docs](http://www.squid-cache.org/Doc/config/workers/).\n* `snmp_incoming_address` defaults to undef. Can be set to an IP address to only listen for snmp requests on an individual interface. [snmp_incoming_address](http://www.squid-cache.org/Doc/config/snmp_incoming_address/).\n* `buffered_logs` defaults to undef. [buffered_logs docs](http://www.squid-cache.org/Doc/config/buffered_logs/).\n* `acls` defaults to undef. If you pass in a hash of acl entries, they will be defined automatically. [acl entries](http://www.squid-cache.org/Doc/config/acl/).\n* `visible_hostname` defaults to undef. [visible_hostname docs](http://www.squid-cache.org/Doc/config/visible_hostname/)\n* `via` defaults to undef. [via docs](http://www.squid-cache.org/Doc/config/via/)\n* `httpd_suppress_version_string` defaults to undef. [httpd_suppress_version_string docs](http://www.squid-cache.org/Doc/config/httpd_suppress_version_string/)\n* `forwarded_for` defaults to undef. supported values are \"on\", \"off\", \"transparent\", \"delete\", \"truncate\". [forwarded_for docs](http://www.squid-cache.org/Doc/config/forwarded_for/)\n* `http_access` defaults to undef. If you pass in a hash of http_access entries, they will be defined automatically. [http_access entries](http://www.squid-cache.org/Doc/config/http_access/).\n* `http_ports` defaults to undef. If you pass in a hash of http_port entries, they will be defined automatically. [http_port entries](http://www.squid-cache.org/Doc/config/http_port/).\n* `https_ports` defaults to undef. If you pass in a hash of https_port entries, they will be defined automatically. [https_port entries](http://www.squid-cache.org/Doc/config/https_port/).\n* `icp_access` defaults to undef. If you pass in a hash of icp_access entries, they will be defined automatically. [icp_access entries](http://www.squid-cache.org/Doc/config/icp_access/).\n* `logformat` defaults to undef. If you pass in a String (or Array of Strings), they will be defined automatically. [logformat entries](http://www.squid-cache.org/Doc/config/logformat/).\n* `refresh_patterns` defaults to undef.  If you pass a hash of refresh_pattern entires, they will be defined automatically. [refresh_pattern entries](http://www.squid-cache.org/Doc/config/refresh_pattern/).\n* `snmp_ports` defaults to undef. If you pass in a hash of snmp_port entries, they will be defined automatically. [snmp_port entries](http://www.squid-cache.org/Doc/config/snmp_port/).\n* `send_hit` defaults to undef. If you pass in a hash of send_hit entries, they will be defined automatically. [send_hit entries](http://www.squid-cache.org/Doc/config/send_hit/).\n* `cache_dirs` defaults to undef. If you pass in a hash of cache_dir entries, they will be defined automatically. [cache_dir entries](http://www.squid-cache.org/Doc/config/cache_dir/).\n* `ssl_bump` defaults to undef. If you pass in a hash of ssl_bump entries, they will be defined automatically. [ssl_bump entries](http://www.squid-cache.org/Doc/config/ssl_bump/).\n* `sslproxy_cert_error` defaults to undef. If you pass in a hash of sslproxy_cert_error entries, they will be defined automatically. [sslproxy_cert_error entries](http://www.squid-cache.org/Doc/config/sslproxy_cert_error/).\n* `extra_config_sections` defaults to empty hash. If you pass in a hash of `extra_config_section` resources, they will be defined automatically.\n* `service_restart` defaults to undef. Overrides service resource restart command to be executed. It can be used to perform a soft reload of the squid service.\n* `squid_bin_path` path to the squid binary, default depends on `$operatingsystem`\n\n```puppet\nclass { 'squid':\n  cache_mem    =\u003e '512 MB',\n  workers      =\u003e 3,\n  coredump_dir =\u003e '/var/spool/squid',\n}\n```\n\n```puppet\nclass { 'squid':\n  cache_mem                 =\u003e '512 MB',\n  workers                   =\u003e 3,\n  coredump_dir              =\u003e '/var/spool/squid',\n  acls                      =\u003e { 'remote_urls' =\u003e {\n                                   type    =\u003e 'url_regex',\n                                   entries =\u003e ['http://example.org/path',\n                                               'http://example.com/anotherpath'],\n                                 },\n                               },\n  http_access               =\u003e { 'our_networks hosts' =\u003e { action =\u003e 'allow', }},\n  http_ports                =\u003e { '10000' =\u003e { options =\u003e 'accel vhost', }},\n  snmp_ports                =\u003e { '1000' =\u003e { process_number =\u003e 3, }},\n  cache_dirs                =\u003e { '/data/' =\u003e { type =\u003e 'ufs', options =\u003e '15000 32 256 min-size=32769', process_number =\u003e 2 }},\n  url_rewrite_program       =\u003e '/usr/bin/squidguard -c /etc/squidguard/squidguard.conf',\n  url_rewrite_children      =\u003e 12,\n  url_rewrite_child_options =\u003e startup=1,\n}\n```\n\nThe acls, http_access, http_ports, snmp_port, cache_dirs lines above are equivalent to their examples below.\n\n### Defined Type squid::acl\nDefines [acl entries](http://www.squid-cache.org/Doc/config/acl/) for a squid server.\n\n```puppet\nsquid::acl { 'remote_urls':\n   type    =\u003e 'url_regex',\n   entries =\u003e ['http://example.org/path',\n               'http://example.com/anotherpath'],\n}\n```\n\nwould result in a multi entry squid acl\n\n```\nacl remote_urls url_regex http://example.org/path\nacl remote_urls url_regex http://example.com/anotherpath\n```\n\nThese may be defined as a hash passed to squid\n\n#### Parameters for  Type squid::acl\n* `type` The acltype of the acl, must be defined, e.g url_regex, urlpath_regex, port, ..\n* `aclname` The name of acl, defaults to the `title`.\n* `entries` An array of acl entries, multiple members results in multiple lines in squid.conf.\n* `order` Each ACL has an order `05` by default this can be specified if order of ACL definition matters.\n\n### Defined Type squid::cache\\_dir\nDefines [cache_dir entries](http://www.squid-cache.org/Doc/config/cache_dir/) for a squid server.\n\n```puppet\nsquid::cache_dir { '/data':\n  type           =\u003e 'ufs',\n  options        =\u003e '15000 32 256 min-size=32769',\n  process_number =\u003e 2,\n}\n```\n\nResults in the squid configuration of\n\n```\nif ${processor} = 2\ncache_dir ufs 15000 32 256 min-size=32769\nendif\n```\n\n#### Parameters for Type squid::cache\\_dir\n* `type` the type of cache, e.g ufs. defaults to `ufs`.\n* `path` defaults to the namevar, file path to  cache.\n* `options` String of options for the cache. Defaults to empty string.\n* `process_number` if specfied as an integer the cache will be wrapped\n  in a `if $proceess_number` statement so the cache will be used by only\n  one process. Default is undef.\n* `manage_dir` Boolean value, if true puppet will attempt to create the\n  directory, if false you will have to create it yourself. Make sure the\n  directory has the correct owner, group and mode. Defaults to true.\n\n### Defined Type squid::cache\nDefines [cache entries](http://www.squid-cache.org/Doc/config/cache/) for a squid server.\n\n```puppet\nsquid::cache { 'our_network_hosts_acl':\n  action    =\u003e 'deny',\n  comment   =\u003e 'Our networks hosts are denied for caching',\n}\n```\n\nAdds a squid.conf line\n\n```\n# Our networks hosts denied for caching\ncache deny our_network_hosts_acl\n```\n\n### Defined Type squid::http\\_access\nDefines [http_access entries](http://www.squid-cache.org/Doc/config/http_access/) for a squid server.\n\n```puppet\nsquid::http_access { 'our_networks hosts':\n  action =\u003e 'allow',\n}\n```\n\nAdds a squid.conf line\n\n```\n# http_access fragment for out_networks hosts\nhttp_access allow our_networks hosts\n```\n\n```puppet\nsquid::http_access { 'our_networks hosts':\n  action    =\u003e 'allow',\n  comment   =\u003e 'Our networks hosts are allowed',\n}\n```\n\nAdds a squid.conf line\n\n```\n# Our networks hosts are allowed\nhttp_access allow our_networks hosts\n```\n\n### Define Type squid::send\\_hit\nDefines [send_hit](http://www.squid-cache.org/Doc/config/send_hit/) for a squid server.\n\n```puppet\nsquid:::send_hit{'PragmaNoCache':\n  action =\u003e 'deny',\n}\n```\n\nAdds a squid.conf line\n\n```\nsend_hit deny PragmaNoCache\n```\n\n#### Parameters for Type squid::send\\hit\n`value` defaults to the `namevar`. The rule to allow or deny.\n`action` must one of `deny` or `allow`\n`order` by default is 05.\n`comment` A comment to add to the configuration file.\n\n### Defined Type squid::snmp\\_access\nDefines [snmp_access entries](http://www.squid-cache.org/Doc/config/snmp_access/) for a squid server.\n\n```puppet\nsquid::snmp_access { 'monitoring hosts':\n  action =\u003e 'allow',\n}\n```\n\nAdds a squid.conf line\n\n```\n# snmp_access fragment for monitoring hosts\nsnmp_access allow monitoring hosts\n```\n\n```puppet\nsquid::snmp_access { 'monitoring hosts':\n  action    =\u003e 'allow',\n  comment   =\u003e 'Our monitoring hosts are allowed',\n}\n```\n\nAdds a squid.conf line\n\n```\n# Our monitoring hosts are allowed\nsnmp_access allow monitoring hosts\n```\n\nThese may be defined as a hash passed to squid\n\n### Defined Type squid::icp\\_access\nDefines [icp_access entries](http://www.squid-cache.org/Doc/config/icp_access/) for a squid server.\n\n```puppet\nsquid::icp_access { 'our_networks hosts':\n  action =\u003e 'allow',\n}\n```\n\nAdds a squid.conf line\n\n```\nicp_access allow our_networks hosts\n```\n\nThese may be defined as a hash passed to squid\n\n#### Parameters for Type squid::http\\_allow\n* `value` defaults to the `namevar` the rule to allow or deny.\n* `action` must be `deny` or `allow`. By default it is allow. The squid.conf file is ordered so by default\n   all allows appear before all denys. This can be overidden with the `order` parameter.\n* `order` by default is `05`\n\n### Defined Type Squid::Http\\_port\nDefines [http_port entries](http://www.squid-cache.org/Doc/config/http_port/) for a squid server.\nBy setting optional `ssl` parameter to `true` will create [https_port entries](http://www.squid-cache.org/Doc/config/https_port/) instead.\n\n```puppet\nsquid::http_port { '10000':\n  options =\u003e 'accel vhost'\n}\nsquid::http_port { '10001':\n  ssl     =\u003e true,\n  options =\u003e 'cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key'\n}\nsquid::http_port { '127.0.0.1:3128':\n}\n```\n\nResults in a squid configuration of\n\n```\nhttp_port 10000 accel vhost\nhttps_port 10001 cert=/etc/squid/ssl_cert/server.cert key=/etc/squid/ssl_cert/server.key\nhttp_port 127.0.0.1:3128\n```\n\n#### Parameters for Type squid::http\\_port\n* The title/namevar may be in the form `port` or `host:port` to provide the below values. Otherwise,\n  specify `port` explicitly, and `host` if desired.\n* `port` defaults to the port of the namevar and is the port number to listen on.\n* `host` defaults to the host part of the namevar and is the interface to listen on. If not specified,\n  Squid listens on all interfaces.\n* `options` A string to specify any options for the default. By default and empty string.\n* `ssl` A boolean.  When set to `true` creates [https_port entries](http://www.squid-cache.org/Doc/config/https_port/).  Defaults to `false`.\n\n### Defined Type Squid::Https\\_port\nDefines [https_port entries](http://www.squid-cache.org/Doc/config/https_port/) for a squid server.\nAs an alternative to using the Squid::Http\\_port defined type with `ssl` set to `true`, you can use this type instead.  The result is the same. Internally this type uses Squid::Http\\_port to create the configuration entries.\n\n#### Parameters for Type squid::https\\_port\n* `port` defaults to the namevar and is the port number.\n* `options` A string to specify any options to add to the https_port line.  Defaults to an empty string.\n\n### Defined Type squid::url_rewrite_program\nDefines [url_rewrite_program](http://www.squid-cache.org/Doc/config/url_rewrite_program/) for a squid server.\n\n```puppet\nsquid::url_rewrite_program { '/usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf':\n  children      =\u003e 8,\n  child_options =\u003e 'startup=0 idle=1 concurrency=0',\n}\n```\n\nwould result in the following squid url rewrite program\n\n```\nurl_rewrite_program /usr/bin/squidGuard -c /etc/squidguard/squidGuard.conf\nurl_rewrite_children 8 startup=0 idle=1 concurrency=0\n```\n\n### Defined Type squid::refresh_pattern\nDefines [refresh_pattern entries](http://www.squid-cache.org/Doc/config/refresh_pattern/) for a squid server.\n\n```puppet\nsquid::refresh_pattern { '^ftp:':\n  min     =\u003e 1440,\n  max     =\u003e 10080,\n  percent =\u003e 20,\n  order   =\u003e 60,\n}\n\nsquid::refresh_pattern { '(/cgi-bin/|\\?)':\n  case_sensitive =\u003e false,\n  min            =\u003e 0,\n  max            =\u003e 0,\n  percent        =\u003e 0,\n  order          =\u003e 61,\n}\n```\n\nwould result in the following squid refresh patterns\n\n```\n# refresh_pattern fragment for ^ftp\nrefresh_pattern ^ftp: 1440 20% 10080\n# refresh_pattern fragment for (/cgi-bin/|\\?)\nrefresh_pattern (/cgi-bin/|\\?) -i 0 0% 0\n```\n\nThese may be defined as a hash passed to squid\n\nYAML example:\n```\nsquid::refresh_patterns:\n  '^ftp':\n    max:     10080\n    min:     1440\n    percent: 20\n    order:   '60'\n  '^gopher':\n    max:     1440\n    min:     1440\n    percent: 0\n    order:   '61'\n  '(/cgi-bin/|\\?)':\n    case_sensitive: false\n    max:            0\n    min:            0\n    percent:        0\n    order:          '62'\n  '.':\n    max:     4320\n    min:     0\n    percent: 20\n    order:   '63'\n```\n\n#### Parameters for Type squid::refresh_pattern\n* `case_sensitive` Boolean value, if true (default) the regex is case sensitive, when false the case insensitive flag '-i' is added to the pattern\n* `comment` Comment added before refresh rule, defaults to refresh_pattern fragment for `title`\n* `min` Must be defined, the time (in minutes) an object without an explicit expiry time should be considered fresh.\n* `max` Must be defined, the upper limit (in minutes) on how long objects without an explicit expiry time will be considered fresh.\n* `percent` Must be defined, is a percentage of the objects age (time since last modification age)\n* `options` See squid documentation for available options.\n* `order` Each refresh_pattern has an order `05` by default this can be specified if order of refresh_pattern definition matters.\n\n### Defined Type Squid::Snmp\\_port\nDefines [snmp_port entries](http://www.squid-cache.org/Doc/config/snmp_port/) for a squid server.\n\n```puppet\nsquid::snmp_port { '1000':\n  process_number =\u003e 3\n}\n```\n\nResults in a squid configuration of\n\n```\nif ${process_number} = 3\nsnmp_port 1000\nendif\n```\n\n#### Parameters for Type squid::http\\_port\n* `port` defaults to the namevar and is the port number.\n* `options` A string to specify any options for the default. By default and empty string.\n* `process_number` If set to and integer the snmp\\_port is enabled only for\n   a particular squid thread. Defaults to undef.\n\n### Defined Type squid::auth\\_param\nDefines [auth_param entries](http://www.squid-cache.org/Doc/config/auth_param/) for a squid server.\n\n```puppet\nsquid::auth_param { 'basic auth_param':\n  scheme  =\u003e 'basic',\n  entries =\u003e [\n    'program /usr/lib64/squid/basic_ncsa_auth /etc/squid/.htpasswd',\n    'children 5',\n    'realm Squid Basic Authentication',\n    'credentialsttl 5 hours',\n  ],\n}\n```\n\nwould result in multi entry squid auth_param\n\n```\nauth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/.htpasswd\nauth_param basic children 5\nauth_param basic realm Squid Basic Authentication\nauth_param basic credentialsttl 5 hours\n```\n\nThese may be defined as a hash passed to squid\n\n#### Parameters for  Type squid::auth_param\n* `scheme` the scheme used for authentication must be defined\n* `entries` An array of entries, multiple members results in multiple lines in squid.conf\n* `order` by default is '40'\n\n### Defined Type squid::ssl\\_bump\nDefines [ssl_bump entries](http://www.squid-cache.org/Doc/config/ssl_bump/) for a squid server.\n\n```puppet\nsquid::ssl_bump { 'all':\n  action =\u003e 'bump',\n}\n```\n\nAdds a squid.conf line\n\n```\nssl_bump bump all\n```\n\nThese may be defined as a hash passed to squid\n\n#### Parameters for Type squid::ssl\\_bump\n* `value` The type of the ssl_bump, must be defined, e.g bump, peek, ..\n* `action` The name of acl, defaults to `bump`.\n* `order` by default is `05`\n\n### Defined Type squid::sslproxy\\_cert\\_error\nDefines [sslproxy_cert_error entries](http://www.squid-cache.org/Doc/config/sslproxy_cert_error/) for a squid server.\n\n```puppet\nsquid::sslproxy_cert_error { 'all':\n  action =\u003e 'allow',\n}\n```\n\nAdds a squid.conf line\n\n```\nsslproxy_cert_error allow all\n```\n\nThese may be defined as a hash passed to squid\n\n#### Parameters for Type squid::sslproxy\\_cert\\_error\n* `value` defaults to the `namevar` the rule to allow or deny.\n* `action` must be `deny` or `allow`. By default it is allow. The squid.conf file is ordered so by default\n   all allows appear before all denys. This can be overidden with the `order` parameter.\n* `order` by default is `05`\n\n### Defined Type squid::extra\\_config\\_section\nSquid has a large number of configuration directives.  Not all of these have been exposed individually in this module.  For those that haven't, the `extra_config_section` defined type can be used.\n\nUsing a hash of config_entries:\n\n```puppet\nsquid::extra_config_section { 'mail settings':\n  order          =\u003e '60',\n  config_entries =\u003e {\n    'mail_from'    =\u003e 'squid@example.com',\n    'mail_program' =\u003e 'mail',\n  },\n}\n```\n\nResults in a squid configuration of\n\n```\n# mail settings\nmail_from squid@example.com\nmail_program mail\n```\n\nUsing an array of config_entries:\n\n```puppet\nsquid::extra_config_section { 'ssl_bump settings':\n  order          =\u003e '60',\n  config_entries =\u003e {\n    'ssl_bump'         =\u003e ['server-first', 'all'],\n    'sslcrtd_program'  =\u003e ['/usr/lib64/squid/ssl_crtd', '-s', '/var/lib/ssl_db', '-M', '4MB'],\n    'sslcrtd_children' =\u003e ['8', 'startup=1', 'idle=1'],\n  }\n}\n```\n\nResults in a squid configuration of\n\n```\n# ssl_bump settings\nssl_bump server-first all\nsslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB\nsslcrtd_children 8 startup=1 idle=1\n```\n\nUsing an array of hashes of config_entries:\n\n```puppet\nsquid::extra_config_section { 'always_directs':\n  order          =\u003e '60',\n  config_entries =\u003e [{\n    'always_direct' =\u003e ['deny    www.reallyreallybadplace.com',\n                        'allow   my-good-dst',\n                        'allow   my-other-good-dst'],\n  }],\n}\n```\n\nResults in a squid configuration of\n\n```\n# always_directs\nalways_direct deny    www.reallyreallybadplace.com\nalways_direct allow   my-good-dst\nalways_direct allow   my-other-good-dst\n```\n\n#### Parameters for Type squid::extra\\_config\\_section\n* `comment` defaults to the namevar and is used as a section comment in `squid.conf`.\n* `config_entries` A hash of configuration entries to create in this section.  The hash key is the name of the configuration directive.  The value is either a string, or an array of strings to use as the configuration directive options.\n* `order` by default is '60'.  It can be used to configure where in `squid.conf` this configuration section should occur.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvoxpupuli%2Fpuppet-squid","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvoxpupuli%2Fpuppet-squid","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvoxpupuli%2Fpuppet-squid/lists"}