How to deploy a Squid proxy server on RedHat-like systems with Ansible?

I'm going to show you a live Playbook with some simple Ansible code.

I'm Luca Berton and welcome to today's episode of Ansible Pilot.

Deploy a Squid proxy server on RedHat-like systems

  • install packages => ansible.builtin.yum
  • configuration => ansible.builtin.template
  • start service => ansible.builtin.service
  • open firewall => ansible.posix.firewalld

Today we're talking about how to deploy a Squid proxy server on RedHat-like Linux systems.

The full process requires four steps, each of which you can automate with a different Ansible module.

Firstly, you need to install the squid package and its dependencies using the ansible.builtin.yum Ansible module.

Secondly, you need to create the custom configuration with the ansible.builtin.template Ansible module.

Thirdly, you need to start the squid service and enable it on boot using the ansible.builtin.service Ansible module.

Fourthly, you need to open the port the service listens on in the firewall using the ansible.posix.firewalld Ansible module.

## Playbook

Deploy a Squid proxy server on RedHat-like systems with an Ansible Playbook.

code

  • proxy_redhat.yml

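```yaml
---
- name: setup proxy
  hosts: all
  become: true
  vars:
    squid_port: 3128              # port Squid listens on
    localnet: "192.168.0.0/24"    # clients allowed to use the proxy
  tasks:
    # Step 1: install the package
    - name: squid installed
      ansible.builtin.yum:
        name: squid
        state: latest

    # Step 2: render the configuration from the Jinja2 template
    - name: squid configuration
      ansible.builtin.template:
        src: "templates/squid.conf.j2"
        dest: "/etc/squid/squid.conf"

    # Step 3: start the service and enable it on boot
    - name: squid service enabled
      ansible.builtin.service:
        name: squid
        enabled: true
        state: started

    # Step 4: open the proxy port in firewalld, now and after reboot
    - name: open firewall
      ansible.posix.firewalld:
        port: "{{ squid_port }}/tcp"
        state: enabled
        immediate: true
        permanent: true
```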

  • templates/squid.conf.j2

```txt
# Source network allowed to use the proxy
acl localnet src {{ localnet }}
acl SSL_ports port 443
acl CONNECT method CONNECT
acl Safe_ports port 21
acl Safe_ports port 80
acl Safe_ports port 443
# Rules are evaluated top to bottom; the first match wins
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all
http_port {{ squid_port }}
# Directory where Squid leaves core dumps (takes a single path argument)
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
```
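
A hardened variant of the configuration and firewall tasks, as an added example that is not part of the original playbook: the rendered template is checked with squid -k parse before it replaces the live file, and the firewall accepts the proxy port only from localnet instead of from every source in the zone. The root:squid 0640 ownership, the /usr/sbin/squid path and the handler name are assumptions about the RedHat package layout, not values from the page.

```yaml
---
# Added example: same variables and template as proxy_redhat.yml.
- name: setup proxy (hardened variant)
  hosts: all
  become: true
  vars:
    squid_port: 3128
    localnet: "192.168.0.0/24"
  tasks:
    - name: squid installed   # the validate step below needs the squid binary
      ansible.builtin.yum:
        name: squid
        state: latest

    - name: squid configuration, validated before it replaces the live file
      ansible.builtin.template:
        src: "templates/squid.conf.j2"
        dest: "/etc/squid/squid.conf"
        owner: root
        group: squid          # assumption: group created by the squid package
        mode: "0640"
        # %s is the temporary rendered file; a parse error fails the task
        # and leaves the existing squid.conf untouched
        validate: "/usr/sbin/squid -k parse -f %s"
      notify: restart squid

    - name: blanket port opening removed (left over from the original play)
      ansible.posix.firewalld:
        port: "{{ squid_port }}/tcp"
        state: disabled
        immediate: true
        permanent: true

    - name: proxy port reachable from localnet only
      ansible.posix.firewalld:
        rich_rule: 'rule family="ipv4" source address="{{ localnet }}" port port="{{ squid_port }}" protocol="tcp" accept'
        state: enabled
        immediate: true
        permanent: true

  handlers:
    - name: restart squid     # hypothetical handler name; runs only on config change
      ansible.builtin.service:
        name: squid
        state: restarted
```

The service task from the original playbook (enabled and started) is unchanged and still belongs after the configuration task.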

execution

```bash
ansible-pilot $ ansible-playbook -i virtualmachines/proxy/inventory services/proxy_redhat.yml

PLAY [setup proxy]

TASK [Gathering Facts]
ok: [proxy.example.com]

TASK [squid installed]
changed: [proxy.example.com]

TASK [squid configuration] **