From bcd94bd15b2139651bb1c7cf34ca0cc1aec14348 Mon Sep 17 00:00:00 2001
From: Klas Arvidsson <klas.arvidsson@liu.se>
Date: Mon, 16 Dec 2019 21:09:01 +0100
Subject: [PATCH] fix ssl_db creation and opendsa url-rewirte hostname

---
 files/squid/helpers/squid-url-rewrite.py | 4 +++-
 files/squid/squid.conf                   | 2 +-
 manifests/squid_filter.pp                | 6 +++---
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/files/squid/helpers/squid-url-rewrite.py b/files/squid/helpers/squid-url-rewrite.py
index e6ac941..88f9788 100755
--- a/files/squid/helpers/squid-url-rewrite.py
+++ b/files/squid/helpers/squid-url-rewrite.py
@@ -3,9 +3,11 @@
 import sys
 import re
 import datetime
+import socket
 
 errorpage = "http://www.ida.liu.se/~examadm/empty"
 basedir = "/usr/libexec/squid/helpers"
+hostname = socket.gethostname()
 
 def modify_url(line, ruleset):
 ### [channel-ID <SP>] URL <SP> client_ip "/" fqdn <SP> user <SP> method [<SP> kv-pairs]<NL>
@@ -25,7 +27,7 @@ def modify_url(line, ruleset):
         
     r = re.match('https://www\.ida\.liu\.se/~opendsa/(.*)', url)
     if r != None:
-        return "OK rewrite-url=\"http://exam.ida.liu.se:12000/" + r.group(1) + "\""
+        return 'OK rewrite-url="http://{}:12000/{}"'.format(hostname, r.group(1))
 
     for i in ruleset:
         
diff --git a/files/squid/squid.conf b/files/squid/squid.conf
index f5098c7..23e1064 100644
--- a/files/squid/squid.conf
+++ b/files/squid/squid.conf
@@ -121,7 +121,7 @@ ssl_bump server-first all
 
 # Inititate with:
 # /usr/lib64/squid/ssl_crtd -c -s /var/lib/ssl_db
-sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/ssl_db -M 4MB
+sslcrtd_program /usr/lib64/squid/ssl_crtd -s /var/lib/squid/ssl_db -M 4MB
 sslcrtd_children 32 startup=5 idle=1
 
 # the following two options are unsafe and not always necessary:
diff --git a/manifests/squid_filter.pp b/manifests/squid_filter.pp
index 6c83559..fe52da2 100644
--- a/manifests/squid_filter.pp
+++ b/manifests/squid_filter.pp
@@ -45,17 +45,17 @@ class aes::squid_filter {
     group  => squid,
   }
 
-  file { '/var/lib/ssl_db' :
+  file { '/var/lib/squid' :
     ensure => directory,
     mode   => '0750',
     owner  => squid,
     group  => squid,
   }
 
-  exec { '/usr/lib64/squid/ssl_crtd -c -s /var/lib/ssl_db' : 
+  exec { '/usr/lib64/squid/ssl_crtd -c -s /var/lib/squid/ssl_db' : 
     user => "squid",
     group => "squid",
-    creates => '/var/lib/ssl_db/certs',
+    creates => '/var/lib/squid/ssl_db',
   }
 
   service { "squid" : 
-- 
GitLab