On Mon, Aug 15, 2016 at 10:30 PM John Meinel wrote:
> ...
>>
>
>
>> +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in
>> +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT
>> +-A ufw-user-input -p udp --dport 8000 -j ACCEPT
>> +
>>
>>
> If I'm reading this one correctly, it also means that a
I decided it'd be easier & safer to host squid-deb-proxy in a LXD container
rather than the host. My host doesn't route inbound to LXD from other
networks, and all the Juju machines can see it.
On Tue, Aug 16, 2016 at 12:30 AM, John Meinel
wrote:
> ...
>>
>
>
>> +### tuple ### allow any 8000 0.0
>
> ...
>
> +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in
> +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT
> +-A ufw-user-input -p udp --dport 8000 -j ACCEPT
> +
>
>
If I'm reading this one correctly, it also means that anyone from *any* IP
address (not restricted to your local netwo
My concern about your last configuration is that it appears to change your
squid deb proxy into an open proxy by which anything can make a request to
any website. At least that is my understanding of:
http_access allow all
(Its no longer a 'deb' proxy, its just a plain http proxy.)
That may be wha
Yes thanks for doing the work to share this menn0. It is much appreciated.
I also needed to change the following in squid-deb-proxy (even though I
added a bunch of domains to
/etc/squid-deb-proxy/mirror-dstdomain.acl.d/10-default):
--- a/squid-deb-proxy/squid-deb-proxy.conf
+++ b/squid-deb-proxy/s
Thanks Rafael. Would you mind adding this to the wiki page?
On 16 August 2016 at 02:31, Rafael Gonzalez
wrote:
> Hi Menno,
>
> Thanks for putting this together, great tips. I recently ran into an
> issue which others could see as well.
>
> One may need to adjust the following for large bundle d
Good catch Casey. I've just updated the config in the gist to allow access
to any mirror or PPA (in a cleaner way than in the blog article IMO). It
seems to work well (apt-get download is nice way to test).
On 16 August 2016 at 09:27, Casey Marshall
wrote:
> Menno,
> This is great and thanks fo
Menno,
This is great and thanks for sharing!
In case anyone else runs into this.. charms that install from PPAs will
fail with this squid-deb-proxy setup. You'll need to allow archive mirrors
for this to work. See
https://1337.tips/ubuntu-cache-packages-using-squid-deb-proxy/ for an
example.
On M
Hi Menno,
Thanks for putting this together, great tips. I recently ran into an issue
which others could see as well.
One may need to adjust the following for large bundle deployments on LXD.
A bundle deployment fails with errors about "Too many files open." This
will increase number of max open
Interesting. With the new rework of some of the model config you can
probably set some of those in the cloud definition and set some with "juju
set-model-default" so it doesn't have to be set in every bootstrap and
add-model. I'm not sure if all of it has landed, but it should certainly be
in 2.0.
I've put together a few tips on the wiki for speeding up bootstrap and
provisioning times when using the Juju lxd provider. I find these
techniques helpful when checking my work or investigating bugs - situations
where you end up bootstrapping and deploying many times.
https://github.com/juju/juju
11 matches
Mail list logo