docs: add squid config content

JTorreG · JTorreG · commit 11e16b4ddf71 · 2025-08-25T14:42:01.000+01:00
diff --git a/content/nginx-one/agent/configure-instance-reporting/connect-using-squid.md b/content/nginx-one/agent/configure-instance-reporting/connect-using-squid.md
@@ -17,7 +17,147 @@ Ensure you have the following:
 
 ## Configure Squid
 
-TBD
+### Install Squid
+
+{{<tabs name="Install_Squid">}}
+{{%tab name="Mac OS"%}}
+
+1. Open a terminal window.
+1. Install Squid using Homebrew:
+
+   ```sh
+   brew install squid
+   ```
+1. Start the Squid service:
+
+   ```sh
+   brew services start squid
+   ```
+---
+
+{{%/tab%}}
+{{%tab name="Ubuntu (including running it under WSL)"%}}
+
+Run the following commands as a superuser:
+
+1. Open a terminal window.
+1. Update the package list:
+   ```sh
+   sudo apt-get update
+   ```
+1. Install Squid:
+   ```sh
+   sudo apt-get install squid -y
+   ```
+1. Start the Squid service:
+   ```sh
+   sudo systemctl start squid
+   ```
+---
+
+{{%/tab%}}
+{{</tabs>}}
+
+
+### Configure Squid
+
+Follow the steps below to configure Squid with basic authentication.
+
+{{<tabs name="Configure_Squid">}}
+{{%tab name="Mac OS"%}}
+
+1. Set up an HTTP Proxy with Basic Authentication. This setup requires users to provide a username and password. Run the
+   following commands as a superuser:
+
+   ```sh
+   htpasswd -c /usr/local/squid/passwd your_user # Create a user
+   ```
+
+   - You will be prompted to enter and confirm a password for `your_user`.
+
+1. Locate the Squid configuration file:
+   - Run `squid -v` to find the configuration file path. Look for the `--sysconfdir` flag (usually `/usr/local/etc/squid/squid.conf` or `/opt/homebrew/etc/squid.conf` on Mac OS).
+
+1. Find the path to your basic_ncsa_auth program:
+   - On Mac OS, it is usually be located at `/opt/homebrew/Cellar/squid/7.1/libexec/basic_ncsa_auth`. You can get the version number from the `squid -v` command output.
+
+1. Open the Squid configuration file with a text editor (you might need superuser privileges):
+
+   ```sh
+   sudo nano <path to config file>/squid.conf
+   ```
+
+1. Add or modify the following lines (usually at the top of the file) to configure the proxy settings:
+
+   ```conf
+   auth_param basic program <path_to_basic_ncsa_auth>/basic_ncsa_auth /usr/local/etc/squid/passwd auth_param basic realm Squid proxy-caching web server acl authenticated proxy_auth REQUIRED
+   ```
+
+1. In the same configuration file, find the line that starts with `http_access deny all` and add the `http_access allow authenticated` line above it. It should look like this:
+
+   ```conf
+   http_access allow authenticated
+   http_access deny all
+   ```
+
+1. Save the changes and exit the text editor.
+1. Restart the Squid service to apply the changes:
+
+   ```sh
+   brew services restart squid
+   ```
+
+---
+
+{{%/tab%}}
+{{%tab name="Ubuntu"%}}
+
+1. Set up an HTTP Proxy with Basic Authentication. This setup requires users to provide a username and password. Run the
+   following commands as a superuser:
+
+   ```sh
+   apt-get install apache2-utils -y  # Install htpasswd utility
+   htpasswd -c /usr/local/squid/passwd your_user # Create a user
+   ```
+
+   - You will be prompted to enter and confirm a password for `your_user`.
+
+1. Locate the Squid configuration file:
+   - Run `squid -v` to find the configuration file path. Look for the `--sysconfdir` flag (usually `/etc/squid/squid.conf` on Ubuntu).
+
+1. Find the path to your basic_ncsa_auth program:
+   - On Ubuntu, it is usually located at `/usr/lib/squid/basic_ncsa_auth`.
+
+1. Open the Squid configuration file with a text editor (you might need superuser privileges):
+
+   ```sh
+   sudo nano <path to config file>/squid.conf
+   ```
+
+1. Add or modify the following lines (usually at the top of the file) to configure the proxy settings:
+
+   ```conf
+   auth_param basic program <path_to_basic_ncsa_auth>/basic_ncsa_auth /usr/local/etc/squid/passwd auth_param basic realm Squid proxy-caching web server acl authenticated proxy_auth REQUIRED
+   ```
+
+1. In the same configuration file, find the line that starts with `http_access deny all` and add the `http_access allow authenticated` line above it. It should look like this:
+
+   ```conf
+   http_access allow authenticated
+   http_access deny all
+   ```
+
+1. Save the changes and exit the text editor.
+1. Restart the Squid service to apply the changes:
+
+   ```sh
+   sudo systemctl restart squid
+   ```
+
+---
+
+{{%/tab%}}
+{{</tabs>}}
 
 ## NGINX Agent Proxy configuration
 
@@ -97,4 +237,36 @@ To set proxy authentication in a containerized environment:
 
 ## Validate connectivity between NGINX Agent, Squid, and NGINX One Console
 
-TBD
+To test the connectivity between NGINX Agent, Squid, and NGINX One Console, you can use the `curl` command with the proxy settings.
+
+1. Open a secure connection to your instance using SSH and log in.
+1. Run the following `curl` command to test the connection:
+   ```sh
+   curl -x http://proxy.example.com:3128 -U your_user:your_password https://mgmt.example.com/api/v1/agents
+   ```
+
+   - Replace `proxy.example.com:3128` with your Squid proxy address and port.
+   - Replace `your_user` and `your_password` with the credentials you set up for Squid in the previous steps.
+   - Replace `mgmt.example.com` with your NGINX One Console address.
+
+To test the configuration from a containerized environment, run the following command from within the container:
+
+   ```sh
+   curl -x http://host.docker.internal:3128 -U your_user:your_password https://mgmt.example.com/api/v1/agents
+   ```
+
+   - Replace `your_user` and `your_password` with the credentials you set up for Squid in the previous steps.
+   - Replace `mgmt.example.com` with your NGINX One Console address.
+
+## Troubleshooting
+
+1. Find the configuration and log files:
+
+   - Run `squid -v`.
+   - Look for the `--sysconfdir` flag (usually `/usr/local/etc/squid/squid.conf` or `/opt/homebrew/etc/squid.conf` on
+      Mac OS, and `/etc/squid/squid.conf` on Ubuntu) to find the configuration file.
+   - Look for the `--prefix` flag to find the log file path (usually `/usr/local/var/logs/squid` or `/opt/homebrew/var/logs/squid`
+      on Mac OS, and `/var/log/squid` on Ubuntu) to find the log files.
+   - Look for the `--localstatedir` flag to find the cache directory path (usually `/usr/local/var/cache/squid` or `/opt/homebrew/var/cache/squid`
+      on Mac OS, and `/var/spool/squid` on Ubuntu) to find the cache directory.
+
