====== Squid Setup ======
  - Create a user for Squid
  - Set password for the user account
<xterm2 root>
[root@grow-prod ~]# useradd -c "Frontier Squid" -n dbfrontier -s /bin/bash
[root@grow-prod ~]# passwd dbfrontier
</xterm2>

Sync user and config with cluster.
<xterm2 root>
[root@grow-prod ~]# sudo ssh-agent $SHELL
[root@grow-prod ~]# sudo ssh-add
[root@grow-prod ~]# sudo rocks sync config
[root@grow-prod ~]# sudo rocks sync users
</xterm2>

Create a directory for Squid and change ownership to the new Squid user account.
<xterm2 root>
[root@grow-prod ~]# mkdir /export/squid
[root@grow-prod ~]# chown dbfrontier:users /export/squid
</xterm2>

  - Download Squid.
  - Unpack tar file.
  - Change directory into newly unpacked directory.
  - Call the configuration script.Provide the script with the answers below.
<xterm2 root>
[root@grow-prod ~]# wget "http://frontier.cern.ch/dist/frontier-squid-2.7.STABLE9-5.tar.gz"
[root@grow-prod ~]# tar -xvzf frontier-squid-2.7.STABLE9-5.tar.gz
[root@grow-prod ~]# cd frontier-squid-2.7.STABLE9-5
[root@grow-prod frontier-squid-2.7.STABLE9-5]# ./configure
<fc #008000>Installation directory: /export/squid
Network & netmask: 128.255.0.0/254.255.0.0 10.1.0.0/255.255.0.0
Cache RAM (MB): 128
Cache disk (MB): 40000</fc>
</xterm2>

Install Squid by executing:
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# make
[root@grow-prod frontier-squid-2.7.STABLE9-5]# make install
</xterm2>

Start the Squid server:
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# /export/squid/frontier-cache/utils/bin/fn-local-squid.sh start
</xterm2>

You can start the Squid server at boot time. As root (logout from dbfrontier back to root):
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# cp /export/squid/frontier-cache/utils/init.d/frontier-squid.sh /etc/init.d/.
[root@grow-prod frontier-squid-2.7.STABLE9-5]# sudo /sbin/chkconfig --add frontier-squid.sh
</xterm2>

Create a cron job to rotate the logs:
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# crontab /export/squid/frontier-cache/utils/cron/crontab.dat
</xterm2>

We choose to restrict Squid access to CMS Frontier queries, since the IPs allowed by Squid include addresses not in our cluster. Edit customize.sh and add the lines inside the {}:
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# sudo vi /export/squid/frontier-cache/squid/etc/customize.sh
</xterm2>

Uncomment these lines:
<file bash /export/squid/frontier-cache/squid/etc/customize.sh>
acl RESTRICT_DEST
http_access deny !RESTRICT_DEST
</file>

Then tell Squid to use the new configuration:
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# /export/squid/frontier-cache/utils/bin/fn-local-squid.sh reload
</xterm2>

Test Squid by clicking [[https://twiki.cern.ch/twiki/bin/view/CMS/SquidForCMS#Testing_Your_Installation| here.]]\\
Register Squid by clicking  [[https://twiki.cern.ch/twiki/bin/view/CMS/SquidForCMS#Register_Your_Server| here ]]

To provide new configuration options, get a fresh install execute:
<xterm2 root>
[root@grow-prod frontier-squid-2.7.STABLE9-5]# /export/squid/frontier-cache/utils/bin/fn-local-squid.sh stop
[root@grow-prod frontier-squid-2.7.STABLE9-5]# make clean
[root@grow-prod frontier-squid-2.7.STABLE9-5]# make
</xterm2>
====== Contact Info ======
This Dokuwiki page is maintained by:\\
Daniel Squires\\
University of Iowa\\
Department of Computer Science\\
Email: <daniel-squires@uiowa.edu>