(* Squid module for Augeas
Author: Free Ekanayaka <free@64studio.com>
Reference: the self-documented default squid.conf file
*)
module Squid =
autoload xfm
(************************************************************************
* USEFUL PRIMITIVES
*************************************************************************)
let eol = Util.eol
let spc = Util.del_ws_spc
let indent = Util.indent
let word = /[A-Za-z0-9!_.-]+(\[[0-9]+\])?/
let sto_to_spc = store /[^# \t\n]+/
let sto_to_eol = store /([^# \t\n][^#\n]*[^# \t\n])|[^# \t\n]/
let comment = Util.comment
let empty = Util.empty
let comment_or_eol = Util.comment_or_eol
let value (kw:string)
= [ spc . label kw . sto_to_spc ]
let value_space_in (kw:string)
= [ spc . label kw . sto_to_eol ]
let parameters = [ label "parameters"
. counter "parameters"
. [ spc . seq "parameters" . sto_to_spc ]+ ]
(************************************************************************
* SPACEVARS SETTINGS
*************************************************************************)
let entry_re = "accept_filter"
| "access_log"
| "acl_uses_indirect_client"
| "adaptation_access"
| "adaptation_service_set"
| "allow_underscore"
| "always_direct"
| "announce_file"
| "announce_host"
| "announce_period"
| "announce_port"
| "append_domain"
| "as_whois_server"
| "authenticate_cache_garbage_interval"
| "authenticate_ip_shortcircuit_access"
| "authenticate_ip_shortcircuit_ttl"
| "authenticate_ip_ttl"
| "authenticate_ttl"
| "background_ping_rate"
| "balance_on_multiple_ip"
| "broken_posts"
| "buffered_logs"
| "cache"
| "cache_dir"
| "cache_dns_program"
| "cache_effective_group"
| "cache_effective_user"
| "cache_log"
| "cache_mem"
| "cache_mgr"
| "cachemgr_passwd"
| "cache_peer"
| "cache_peer_access"
| "cache_peer_domain"
| "cache_replacement_policy"
| "cache_store_log"
| "cache_swap_high"
| "cache_swap_low"
| "cache_swap_state"
| "cache_vary"
| "check_hostnames"
| "chroot"
| "client_db"
| "client_lifetime"
| "client_netmask"
| "client_persistent_connections"
| "clientside_tos"
| "collapsed_forwarding"
| "connect_timeout"
| "coredump_dir"
| "dead_peer_timeout"
| "debug_options"
| "delay_access"
| "delay_class"
| "delay_initial_bucket_level"
| "delay_parameters"
| "delay_pools"
| "delay_pool_uses_indirect_client"
| "deny_info"
| "detect_broken_pconn"
| "digest_bits_per_entry"
| "digest_generation"
| "digest_rebuild_chunk_percentage"
| "digest_rebuild_period"
| "digest_rewrite_period"
| "digest_swapout_chunk_size"
| "diskd_program"
| "dns_children"
| "dns_defnames"
| "dns_nameservers"
| "dns_retransmit_interval"
| "dns_testnames"
| "dns_timeout"
| "dns_v4_fallback"
| "ecap_enable"
| "ecap_service"
| "email_err_data"
| "emulate_httpd_log"
| "err_html_text"
| "error_default_language"
| "error_directory"
| "error_log_languages"
| "error_map"
| "err_page_stylesheet"
| "esi_parser"
| "external_acl_type"
| "external_refresh_check"
| "follow_x_forwarded_for"
| "forwarded_for"
| "forward_log"
| "forward_timeout"
| "fqdncache_size"
| "ftp_epsv_all"
| "ftp_list_width"
| "ftp_passive"
| "ftp_sanitycheck"
| "ftp_telnet_protocol"
| "ftp_user"
| "global_internal_static"
| "half_closed_clients"
| "header_access"
| "header_replace"
| "hierarchy_stoplist"
| "high_memory_warning"
| "high_page_fault_warning"
| "high_response_time_warning"
| "hostname_aliases"
| "hosts_file"
| "htcp_access"
| "htcp_clr_access"
| "htcp_port"
| "http_accel_surrogate_remote"
| "http_access2"
| "httpd_accel_no_pmtu_disc"
| "httpd_accel_surrogate_id"
| "httpd_suppress_version_string"
| "http_port"
| "http_reply_access"
| "https_port"
| "icap_access"
| "icap_class"
| "icap_client_username_encode"
| "icap_client_username_header"
| "icap_connect_timeout"
| "icap_default_options_ttl"
| "icap_enable"
| "icap_io_timeout"
| "icap_persistent_connections"
| "icap_preview_enable"
| "icap_preview_size"
| "icap_send_client_ip"
| "icap_send_client_username"
| "icap_service"
| "icap_service_failure_limit"
| "icap_service_revival_delay"
| "icon_directory"
| "icp_access"
| "icp_hit_stale"
| "icp_port"
| "icp_query_timeout"
| "ident_lookup_access"
| "ident_timeout"
| "ie_refresh"
| "ignore_expect_100"
| "ignore_ims_on_miss"
| "ignore_unknown_nameservers"
| "incoming_dns_average"
| "incoming_http_average"
| "incoming_icp_average"
| "incoming_rate"
| "ipcache_high"
| "ipcache_low"
| "ipcache_size"
| "loadable_modules"
| "location_rewrite_access"
| "location_rewrite_children"
| "location_rewrite_concurrency"
| "location_rewrite_program"
| "log_access"
| "logfile_daemon"
| "logfile_rotate"
| "logformat"
| "log_fqdn"
| "log_icp_queries"
| "log_ip_on_direct"
| "log_mime_hdrs"
| "log_uses_indirect_client"
| "mail_from"
| "mail_program"
| "max_filedescriptors"
| "maximum_icp_query_timeout"
| "maximum_object_size"
| "maximum_object_size_in_memory"
| "maximum_single_addr_tries"
| "max_open_disk_fds"
| "max_stale"
| "mcast_groups"
| "mcast_icp_query_timeout"
| "mcast_miss_addr"
| "mcast_miss_encode_key"
| "mcast_miss_port"
| "mcast_miss_ttl"
| "memory_pools"
| "memory_pools_limit"
| "memory_replacement_policy"
| "mime_table"
| "min_dns_poll_cnt"
| "min_http_poll_cnt"
| "min_icp_poll_cnt"
| "minimum_direct_hops"
| "minimum_direct_rtt"
| "minimum_expiry_time"
| "minimum_icp_query_timeout"
| "minimum_object_size"
| "miss_access"
| "negative_dns_ttl"
| "negative_ttl"
| "neighbor_type_domain"
| "netdb_filename"
| "netdb_high"
| "netdb_low"
| "netdb_ping_period"
| "never_direct"
| "no_cache"
| "nonhierarchical_direct"
| "offline_mode"
| "pconn_timeout"
| "peer_connect_timeout"
| "persistent_connection_after_error"
| "persistent_request_timeout"
| "pid_filename"
| "pinger_enable"
| "pinger_program"
| "pipeline_prefetch"
| "positive_dns_ttl"
| "prefer_direct"
| "qos_flows"
| "query_icmp"
| "quick_abort_max"
| "quick_abort_min"
| "quick_abort_pct"
| "range_offset_limit"
| "read_ahead_gap"
| "read_timeout"
| "redirector_bypass"
| "referer_log"
| "refresh_all_ims"
| "refresh_stale_hit"
| "relaxed_header_parser"
| "reload_into_ims"
| "reply_body_max_size"
| "reply_header_access"
| "reply_header_max_size"
| "request_body_max_size"
| "request_entities"
| "request_header_access"
| "request_header_max_size"
| "request_timeout"
| "retry_on_error"
| "server_http11"
| "server_persistent_connections"
| "short_icon_urls"
| "shutdown_lifetime"
| "sleep_after_fork"
| "snmp_access"
| "snmp_incoming_address"
| "snmp_outgoing_address"
| "snmp_port"
| "ssl_bump"
| "ssl_engine"
| "sslpassword_program"
| "sslproxy_cafile"
| "sslproxy_capath"
| "sslproxy_cert_error"
| "sslproxy_cipher"
| "sslproxy_client_certificate"
| "sslproxy_client_key"
| "sslproxy_flags"
| "sslproxy_options"
| "sslproxy_version"
| "ssl_unclean_shutdown"
| "store_avg_object_size"
| "store_dir_select_algorithm"
| "store_objects_per_bucket"
| "storeurl_access"
| "storeurl_rewrite_children"
| "storeurl_rewrite_concurrency"
| "storeurl_rewrite_program"
| "strip_query_terms"
| "tcp_outgoing_address"
| "tcp_outgoing_tos"
| "tcp_recv_bufsize"
| "test_reachability"
| "udp_incoming_address"
| "udp_outgoing_address"
| "umask"
| "unique_hostname"
| "unlinkd_program"
| "update_headers"
| "uri_whitespace"
| "url_rewrite_access"
| "url_rewrite_bypass"
| "url_rewrite_children"
| "url_rewrite_concurrency"
| "url_rewrite_host_header"
| "url_rewrite_program"
| "useragent_log"
| "vary_ignore_expire"
| "via"
| "visible_hostname"
| "wccp2_address"
| "wccp2_assignment_method"
| "wccp2_forwarding_method"
| "wccp2_rebuild_wait"
| "wccp2_return_method"
| "wccp2_router"
| "wccp2_service"
| "wccp2_service_info"
| "wccp2_weight"
| "wccp_address"
| "wccp_router"
| "wccp_version"
| "windows_ipaddrchangemonitor"
| "zero_buffers"
| "zph_local"
| "zph_mode"
| "zph_option"
| "zph_parent"
| "zph_sibling"
let entry = indent . (Build.key_ws_value entry_re)
(************************************************************************
* AUTH
*************************************************************************)
let auth_re = "auth_param"
let auth = indent
. [ key "auth_param"
. value "scheme"
. value "parameter"
. (value_space_in "setting") ?
. comment_or_eol ]
(************************************************************************
* ACL
*************************************************************************)
let acl_re = "acl"
let acl = indent
. [ key acl_re . spc
. [ key word
. value "type"
. value "setting"
. parameters?
. comment_or_eol ] ]
(************************************************************************
* HTTP ACCESS
*************************************************************************)
let http_access_re
= "http_access"
| "upgrade_http0.9"
| "broken_vary_encoding"
let http_access
= indent
. [ key http_access_re
. spc
. [ key /allow|deny/
. spc
. sto_to_spc
. parameters? ]
. comment_or_eol ]
(************************************************************************
* REFRESH PATTERN
*************************************************************************)
let refresh_pattern_option_re = "override-expire"
| "override-lastmod"
| "reload-into-ims"
| "ignore-reload"
| "ignore-no-cache"
| "ignore-no-store"
| "ignore-must-revalidate"
| "ignore-private"
| "ignore-auth"
| "refresh-ims"
| "store-stale"
let refresh_pattern = indent . [ key "refresh_pattern" . spc
. [ label "case_insensitive" . Util.del_str "-i" . spc ]?
. store /[^ \t\n]+/ . spc
. [ label "min" . store Rx.integer ] . spc
. [ label "percent" . store Rx.integer . Util.del_str "%" ] . spc
. [ label "max" . store Rx.integer ]
. (spc . Build.opt_list [ label "option" . store refresh_pattern_option_re ] spc)?
. comment_or_eol ]
(************************************************************************
* EXTENSION METHODS
*************************************************************************)
let extension_methods = indent . [ key "extension_methods" . spc
. Build.opt_list [ seq "extension_method" . store Rx.word ] spc
. comment_or_eol ]
(************************************************************************
* LENS
*************************************************************************)
let lns = (comment|empty|entry|auth|acl|http_access|refresh_pattern|extension_methods)*
let filter = incl "/etc/squid/squid.conf"
. incl "/etc/squid3/squid.conf"
let xfm = transform lns filter