[squid-users] sharing a tidbit
Brendan Kearney
bpk678 at gmail.com
Tue Apr 28 21:18:22 UTC 2015
i have 2 squid instances behind HAProxy, balanced using leastconn. each
proxy server has a NFS mount under /etc/squid/acls/ where external acls
are kept. because the NFS mount is common to both instances, i only
need to make an update in one place and both proxies will get the
update. when i put this together, i wanted a means of reconfiguring
squid in some sort of automated fashion, based on if the acl files (or
their contents) were changed.
below is the script i came up with for that. i call the script from
root's crontab once every 5 minutes (mind the wrap):
*/5 * * * * /root/bin/SquidReconfigure #reconfigure squid if ACL files
have been updated
the script will create a temp file and write the time of last
modification in seconds since Epoch to the temp file for tracking. if
the value changes, the temp file is updated and a flag is set to
indicate that a reconfigure is warranted. when the reconfigure is
performed, it logs via logger/syslog that a refresh was performed.
the logic is tested and running on my boxes and works nicely for my
needs. because i am a small environment and can deal with the fact the
proxies are performing these actions at the same time, i don't need to
stagger the offset for each server. if your reconfigure action takes a
long time, you may want to consider what options you have in order to
continue providing functionally available services.
#!/bin/bash
aclDir=/etc/squid/acl
statFile=/tmp/squidStats
reconfigure=0
for aclFile in $(ls $aclDir)
do
previous=$(grep ^$aclFile\ $statFile |awk '{print $2}')
current=$(stat -t $aclDir/$aclFile -c %Y)
if [ $current != $previous ]
then
#echo -e $aclFile' \t'"change found"
# mind the wrap on the below line
sed -i -e "s/$aclFile\ $previous/$aclFile\ $current/" $statFile
#echo -e $aclFile' \t'"settting marker"
reconfigure=1
fi
done
if [ $reconfigure = 1 ]
then
#echo "reconfiguring squid"
squid -k reconfigure
logger -t '(squid-1)' -p 'local4.notice' Squid ACL Refresh
fi
More information about the squid-users
mailing list