diff --git a/content/nginx-one/connect-instances/connect-using-squid.md b/content/nginx-one/connect-instances/connect-using-forward-proxy.md similarity index 60% rename from content/nginx-one/connect-instances/connect-using-squid.md rename to content/nginx-one/connect-instances/connect-using-forward-proxy.md index c82a1914c..3e83e38d4 100644 --- a/content/nginx-one/connect-instances/connect-using-squid.md +++ b/content/nginx-one/connect-instances/connect-using-forward-proxy.md @@ -1,67 +1,27 @@ --- -title: Prepare - Set up Squid as a proxy +title: Prepare - Set up an explicit forward proxy toc: true weight: 250 nd-docs: DOCS-000 --- -NGINX Agent can be configured to connect to NGINX One using a [Squid proxy](https://www.squid-cache.org/). This is useful in environments where direct internet access is restricted or monitored. +NGINX Agent can be configured to connect to NGINX One using an explicit forward +proxy. This is useful in environments where direct internet access is restricted or monitored. ## Before you start Ensure you have the following: -- [Squid proxy server set up and running](https://wiki.squid-cache.org/SquidFaq/InstallingSquid) +- An explicit forward proxy server installed and configured in your network. - [NGINX Agent is installed]({{< ref "nginx-one/agent/install-upgrade/" >}}) - Access to the [NGINX One console]({{< ref "/nginx-one/getting-started.md#before-you-begin" >}}). -## Configure Squid -Follow the steps below to configure Squid with basic authentication. - -1. Open the Squid configuration file with your favorite text editor (you might need superuser privileges): - - ```sh - vi /etc/squid/squid.conf - ``` - -1. Add the following lines to configure the proxy settings: - - ```conf - # Standard HTTP port for the proxy. - http_port myproxy.example.com:3128 - - # Define an ACL for allowing access from the agent's IP address - acl agent_ip src - - # Allow the agent to connect to NGINX One Console - acl mgmt_server dstdomain agent.connect.nginx.com - - # Allow HTTPS traffic (port 443 is default for HTTPS) - acl ssl_ports port 443 - - # HTTP access rules (allow the agent to access the destination server through the proxy) - http_access allow agent_ip mgmt_server ssl_ports - - # Deny all other traffic by default (best practice) - http_access deny all - ``` - - -1. Save the changes and exit the text editor. -1. Restart the Squid service to apply the changes: - - ```sh - sudo systemctl reload squid - ``` - ---- - -## NGINX Agent Proxy configuration +## NGINX Agent configuration for proxy usage 1. Open a secure connection to your instance using SSH and log in. 1. Open the NGINX Agent configuration file (/etc/nginx-agent/nginx-agent.conf) with a text editor. To edit this file you need superuser privileges. -1. Add or modify the `proxy` section to include the Squid proxy URL and timeout settings: +1. Add or modify the `proxy` section to include the proxy URL and timeout settings: ```conf server: @@ -99,7 +59,7 @@ To configure NGINX Agent in a containerized environment: ## NGINX Agent proxy authentication -If your Squid proxy requires authentication, you can specify the username and password in the `proxy` section of the `agent.conf` file: +If your forward proxy requires authentication, you can specify the username and password in the `proxy` section of the `agent.conf` file: 1. Open a secure connection to your instance using SSH and log in. 1. Add or modify the `proxy` section of the NGINX Agent configuration file (/etc/nginx-agent/nginx-agent.conf) to include the authentication details: @@ -141,9 +101,9 @@ To set proxy authentication in a containerized environment: -d private-registry.nginx.com/nginx-plus/agentv3:latest ``` -## Validate connectivity between NGINX Agent, Squid, and NGINX One Console +## Validate connectivity between the components -To test the connectivity between NGINX Agent, Squid, and NGINX One Console, you can use the `curl` command with the proxy settings. +To test the connectivity between NGINX Agent, your proxy, and NGINX One Console, you can use the `curl` command with the proxy settings. 1. Open a secure connection to your instance using SSH and log in. 1. Run the following `curl` command to test the connection: @@ -151,8 +111,8 @@ To test the connectivity between NGINX Agent, Squid, and NGINX One Console, you curl -x http://proxy.example.com:3128 -U your_user:your_password https://agent.connect.nginx.com/api/v1/agents ``` - - Replace `proxy.example.com:3128` with your Squid proxy address and port. - - Replace `your_user` and `your_password` with the credentials you set up for Squid in the previous steps. + - Replace `proxy.example.com:3128` with your proxy address and port. + - Replace `your_user` and `your_password` with the credentials you set up for proxy in the previous steps. To test the configuration from a containerized environment, run the following command from within the container: @@ -160,13 +120,5 @@ To test the configuration from a containerized environment, run the following co curl -x http://host.docker.internal:3128 -U your_user:your_password https://agent.connect.nginx.com/api/v1/agents ``` - - Replace `your_user` and `your_password` with the credentials you set up for Squid in the previous steps. - -## Troubleshooting - -1. Find the configuration and log files: - - - Run `squid -v | grep "configure options"` - - Configuration directory should look like `--sysconfdir=/etc/squid'` - - Log directory should look like `--sysconfdir=/var/log'` + - Replace `your_user` and `your_password` with the credentials you set up for proxy in the previous steps.