squid-cache/Reverse Proxyについて、ここに記述してください。
/refresh_pattern /終了 /起動 /起動/https |
テスト: http://moin.qmail.jp:8080 https://moin.qmail.jp:8080
https://wiki.squid-cache.org/SquidFaq/ReverseProxy
https://wiki.squid-cache.org/ConfigExamples#Reverse_Proxy_.28Acceleration.29
1. Reverse Proxy Mode
https://wiki.squid-cache.org/SquidFaq/ReverseProxy
Running the web server on the same server
http_port the.public.ip.address:80 accel defaultsite=your.main.website cache_peer 127.0.0.1 parent 80 0 no-query originserver
http_port 80 accel ignore-cc
Access to password protected content fails via the reverse proxy
cache_peer ip.of.server parent 80 0 no-query originserver login=PASS
2. Veriy configuration
To verify your configuration file you can use the -k parse option
% /usr/local/squid/sbin/squid -k parse
WARNING: Cannot write log file: /usr/local/squid/var/logs/cache.log /usr/local/squid/var/logs/cache.log: Permission denied messages will be sent to 'stderr'.
- owner を nobodyに変更した。 (以下にあるように、cache directoryも同様)
3. swap directories
First, you must create the swap directories. Do this by running Squid with the -z option:
% /usr/local/squid/sbin/squid -z
If you run Squid as root then you may need to first create /usr/local/squid/var/logs and your cache_dir directories and assign ownership of these to the cache_effective_user configured in your squid.conf
4. start squid
/起動 https://wiki.squid-cache.org/SquidFaq/InstallingSquid#How_do_I_start_Squid.3F
5. https
https://wiki.squid-cache.org/ConfigExamples/Reverse/SslWithWildcardCertifiate
https_port 443 accel defaultsite=mywebsite.mydomain.com \ cert=/path/to/wildcardPublicKeyCert.pem \ key=/path/to/wildcardPrivateKeyCert.pem
https://www.ovirt.org/documentation/security/squid-reverse-proxy/
https://wiki.alpinelinux.org/wiki/Setting_up_Explicit_Squid_Proxy#SSL_interception_or_SSL_bumping
6. 参考
http://squid.robata.org/ReverseProxy_top.html