Some updates

Dockerfile

@@ -1,18 +1,12 @@
-FROM ubuntu:14.10
-MAINTAINER Rob Haswell <[email protected]>
-
-RUN apt-get -qqy update
-RUN apt-get -qqy upgrade
-RUN apt-get -qqy install apache2-utils squid3
-
-# If you are prone to gouging your eyes out, do not read the following 2 lines
-RUN sed -i 's@#\tauth_param basic program /usr/lib/squid3/basic_ncsa_auth /usr/etc/passwd@auth_param basic program /usr/lib/squid3/basic_ncsa_auth /usr/etc/passwd\nacl ncsa_users proxy_auth REQUIRED@' /etc/squid3/squid.conf
-RUN sed -i 's@^http_access allow localhost$@\0\nhttp_access allow ncsa_users@' /etc/squid3/squid.conf
-
-RUN mkdir /usr/etc
-
+FROM ubuntu:18.04
+LABEL maintainer="Rob Haswell <[email protected]>"
+
+RUN apt-get -y update && \
+    apt-get -y upgrade &&\
+    apt-get install -y apache2-utils squid && \
+    rm -rf /var/lib/apt/lists/*
+COPY squid.conf /etc/squid/squid.conf
+COPY init.sh /
 EXPOSE 3128
-VOLUME /var/log/squid3
 
-ADD init /init
-CMD ["/init"]
+CMD ["/bin/bash", "/init.sh"]

README.md

@@ -1,43 +1,32 @@
-squid-docker-simple-auth
-========================
+# squid-docker-simple-auth
 
 A simple (and fragile) Dockerfile for launching an authenticated squid proxy.
 
 The user must specify authentication credentials via the following environment variables:
 
-```
+```bash
 SQUID_USERNAME=foo
 SQUID_PASSWORD=bar
 ```
 
 An example invocation would be:
 
-```
+```bash
 docker run -e SQUID_USERNAME=foo -e SQUID_PASSWORD=bar -p 3128:3128 robhaswell/squid-authenticated
 ```
 
-Details
-=======
+## Details
 
-Environment variables
----------------------
+### Environment variables
 
 * SQUID_USERNAME
 * SQUID_PASSWORD
 
-Ports
------
+### Ports
 
 * 3128
 
-Volumes
--------
-
-* `/var/log/squid3`
-
-Ideas for Improvement
-=====================
+## Ideas for Improvement
 
-* Output logs to stdout.
 * The range of authentication options could be expanded through more configuration options.
 * Supply a full configuration file that has been well considered instead of hacking up Ubuntu's defaults.

init.sh

@@ -0,0 +1,4 @@
+#!/bin/sh
+htpasswd -bc /etc/squid/squid_passwd "${SQUID_USERNAME}" "${SQUID_PASSWORD}"
+chown proxy /proc/self/fd/1
+exec squid3 -N $*

squid.conf

@@ -0,0 +1,27 @@
+cache_log stdio:/dev/stdout
+access_log stdio:/dev/stdout
+cache_store_log stdio:/dev/stdout
+
+auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
+acl all src all
+acl ncsa_users proxy_auth REQUIRED
+acl SSL_ports port 443          # SSL
+acl Safe_ports port 80          # http
+acl Safe_ports port 21          # ftp
+acl Safe_ports port 443         # https
+acl Safe_ports port 70          # gopher
+acl Safe_ports port 210         # wais
+acl Safe_ports port 1025-65535  # unregistered ports
+acl Safe_ports port 280         # http-mgmt
+acl Safe_ports port 488         # gss-http
+acl Safe_ports port 591         # filemaker
+acl Safe_ports port 777         # multiling http
+acl Safe_ports port 5190        # ICQ
+acl CONNECT method CONNECT
+
+http_access allow ncsa_users
+http_access allow !Safe_ports
+http_access allow !SSL_ports
+http_access deny all
+http_port 3128
+dns_v4_first on