[squid-users] sharing a tidbit

Brendan Kearney bpk678 at gmail.com
Tue Apr 28 21:18:22 UTC 2015


i have 2 squid instances behind HAProxy, balanced using leastconn.  each 
proxy server has a NFS mount under /etc/squid/acls/ where external acls 
are kept.  because the NFS mount is common to both instances, i only 
need to make an update in one place and both proxies will get the 
update.  when i put this together, i wanted a means of reconfiguring 
squid in some sort of automated fashion, based on if the acl files (or 
their contents) were changed.

below is the script i came up with for that.  i call the script from 
root's crontab once every 5 minutes (mind the wrap):

*/5 * * * * /root/bin/SquidReconfigure #reconfigure squid if ACL files 
have been updated

the script will create a temp file and write the time of last 
modification in seconds since Epoch to the temp file for tracking.  if 
the value changes, the temp file is updated and a flag is set to 
indicate that a reconfigure is warranted.  when the reconfigure is 
performed, it logs via logger/syslog that a refresh was performed.

the logic is tested and running on my boxes and works nicely for my 
needs.  because i am a small environment and can deal with the fact the 
proxies are performing these actions at the same time, i don't need to 
stagger the offset for each server.  if your reconfigure action takes a 
long time, you may want to consider what options you have in order to 
continue providing functionally available services.

#!/bin/bash

aclDir=/etc/squid/acl
statFile=/tmp/squidStats
reconfigure=0

for aclFile in $(ls $aclDir)
do
	previous=$(grep ^$aclFile\  $statFile |awk '{print $2}')
	current=$(stat -t $aclDir/$aclFile -c %Y)

	if [ $current != $previous ]
	then
		#echo -e $aclFile' \t'"change found"
		# mind the wrap on the below line
		sed -i -e "s/$aclFile\ $previous/$aclFile\ $current/" $statFile
		#echo -e $aclFile' \t'"settting marker"
		reconfigure=1
	fi
done

if [ $reconfigure = 1 ]
then
	#echo "reconfiguring squid"
	squid -k reconfigure
	logger -t '(squid-1)' -p 'local4.notice' Squid ACL Refresh
fi


More information about the squid-users mailing list