Hi Everybody,
Recently I needed to setup a Squid (forward) proxy so I can access some resources that I can’t access directly from my home / work IP. I deployed Squid in a container on my VPS, setup authentication and I added it into Firefox and everything works great. I can access the resources.
The only problem is that the default port 3128 will not be accessible from some Wi-Fi that I often connect from since these network have firewalled outbound connections to a very limited range like 80, 443…
I already have HAProxy running in another container that listens on 80 and 443, terminates SSL and sends traffic based on domain names (hdr(host) -i ...) to different containers that run different websites and therefore I cannot use ports 80/443 for the Squid proxy.
I was thinking, can anyone please tell me is it possible to use Squid as a backend when using mode http? I’m sure I can use it with mode tcp but I need to use mode http for everything else to work.
I tried to add Squid as a backend like I would do with any other website without SSL termination:
...
acl serv-squidproxy hdr(host) -i subdomain.mydomain.com
...
use_backend myhttp-serv-squidproxy if serv-squidproxy
...
backend myhttp-serv-squidproxy
mode http
# squidproxy is in /etc/hosts
server squidproxy squidproxy:3128
But when I try to run curl from a different server:
curl --proxy 'subdomain.mydomain.com:80' --proxy-user 'user123:password123' 'http://www.google.com/'
I get
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>
Which mean it does not work (it would work just fine if squidproxy was a container with Nginx).
Could you please tell me, is it possible to make this work?
Thank you.
Kind regards,
Ben H.