Recently I needed to setup a Squid (forward) proxy so I can access some resources that I can’t access directly from my home / work IP. I deployed Squid in a container on my VPS, setup authentication and I added it into Firefox and everything works great. I can access the resources.
The only problem is that the default port 3128 will not be accessible from some Wi-Fi that I often connect from since these network have firewalled outbound connections to a very limited range like 80, 443…
I already have HAProxy running in another container that listens on 80 and 443, terminates SSL and sends traffic based on domain names (
hdr(host) -i ...) to different containers that run different websites and therefore I cannot use ports 80/443 for the Squid proxy.
I was thinking, can anyone please tell me is it possible to use Squid as a backend when using
mode http? I’m sure I can use it with
mode tcp but I need to use
mode http for everything else to work.
I tried to add Squid as a backend like I would do with any other website without SSL termination:
... acl serv-squidproxy hdr(host) -i subdomain.mydomain.com ... use_backend myhttp-serv-squidproxy if serv-squidproxy ... backend myhttp-serv-squidproxy mode http # squidproxy is in /etc/hosts server squidproxy squidproxy:3128
But when I try to run
curl from a different server:
curl --proxy 'subdomain.mydomain.com:80' --proxy-user 'user123:password123' 'http://www.google.com/'
<html><body><h1>503 Service Unavailable</h1> No server is available to handle this request. </body></html>
Which mean it does not work (it would work just fine if
squidproxy was a container with Nginx).
Could you please tell me, is it possible to make this work?