En:HOWTO use transparent Squid in front of for YaCy
Aus YaCyWiki
This Squid configuration makes Squid listen for connections on port 80 or 443.
Inhaltsverzeichnis
The idea
You need root access to run YaCy on lower ports. There are good reasons not to run YaCy as root. A simple solution may be to use Squid in front of it. The requests go to Squid and is then handed on to YaCy.
Requirements
A SSL certificate. You'll need one of those.
And Squid 2.5. This configuration is for 2.5. Squid 2.6 has a configuration which is completely differnet (Fedora Core 6 and 7 use 2.6, most "stable" distributions like Debian, RHEL and CentOS have 2.5).
The configuration
# From the default config hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off refresh_pattern . 0 20% 4320 coredump_dir /var/spool/squid # Where Squid listens https_port 66.199.236.140:443 cert=/etc/squid/ssl-key.txt # Some standard ACLs acl localhost src 127.0.0.1/255.255.255.255 acl all src 0.0.0.0/0.0.0.0 # You don't really need to send YaCy a host, but... httpd_accel_host yacysearch.com httpd_accel_uses_host_header on # You really do need to provide the port for it. httpd_accel_port 8090 httpd_accel_with_proxy on # We'd like people to connect to 127.0.0.1, and port 8090, # but they really don't need anymore access to your box. acl HTTP protocol HTTP acl port8090 port 8090 acl myservers dst 127.0.0.1 http_access allow HTTP port8090 myservers http_access allow port8090 myservers http_access allow port8090 http_access allow myservers http_access deny all acl manager proto cache_object http_access allow manager localhost http_access deny manager # Allow purge, perhaps YaCy'll support it someday acl purge method PURGE http_access allow purge localhost http_access deny purge # Memory control. You really don't need more # than 8 MB RAM for squid and maby 32 MB disc-cache. # YaCy does all this anyway. cache_mem 8 MB cache_dir ufs /var/spool/squid 32 16 128
Port 80
It must be noted that you can just change:
https_port 22.33.44.55:443 cert=/etc/squid/ssl-key.txt
..to..:
http_port 22.33.44.55:80
Just SSL
YaCy has support for SSL. See En:HOWTO make YaCy allow SSL connections to learn how you can make YaCy accept SSL at port 8090 (or any other port it grabs).