voxpupuli · alexjfisher · Jun 28, 2017 · Jun 26, 2017
diff --git a/README.md b/README.md
@@ -57,6 +57,7 @@ Parameters to the squid class almost map 1 to 1 to squid.conf parameters themsel
 * `http_ports` defaults to undef. If you pass in a hash of http_port entries, they will be defined automatically. [http_port entries](http://www.squid-cache.org/Doc/config/http_port/).
 * `https_ports` defaults to undef. If you pass in a hash of https_port entries, they will be defined automatically. [https_port entries](http://www.squid-cache.org/Doc/config/https_port/).
 * `icp_access` defaults to undef. If you pass in a hash of icp_access entries, they will be defined automatically. [icp_access entries](http://www.squid-cache.org/Doc/config/icp_access/).
+* `refresh_patterns` defaults to undef.  If you pass a hash of refresh_pattern entires, they will be defined automatically. [refresh_pattern entries](http://www.squid-cache.org/Doc/config/refresh_pattern/).
 * `snmp_ports` defaults to undef. If you pass in a hash of snmp_port entries, they will be defined automatically. [snmp_port entries](http://www.squid-cache.org/Doc/config/snmp_port/).
 * `cache_dirs` defaults to undef. If you pass in a hash of cache_dir entries, they will be defined automatically. [cache_dir entries](http://www.squid-cache.org/Doc/config/cache_dir/).
 * `ssl_bump` defaults to undef. If you pass in a hash of ssl_bump entries, they will be defined automatically. [ssl_bump entries](http://www.squid-cache.org/Doc/config/ssl_bump/).
@@ -237,6 +238,74 @@ As an alternative to using the Squid::Http\_port defined type with `ssl` set to
 * `port` defaults to the namevar and is the port number.
 * `options` A string to specify any options to add to the https_port line.  Defaults to an empty string.
 
+
+### Defined Type squid::refresh_pattern
+Defines [refresh_pattern entries](http://www.squid-cache.org/Doc/config/refresh_pattern/) for a squid server.
+
+```puppet
+squid::refresh_pattern{'^ftp':
+   min     => 1440,
+   max     => 10080,
+   percent => 20,
+   order   => 60,
+}
+
+squid::refresh_pattern{'(/cgi-bin/|\?)':
+   case_sensitive => falke,
+   min            => 0,
+   max            => 0,
+   percent        => 0,
+   order          => 61,
+}
+```
+
+would result in the following squid refresh patterns
+
+```
+# refresh_pattern fragment for ^ftp
+refresh_pattern ^ftp: 1440 20% 10080
+# refresh_pattern fragment for (/cgi-bin/|\?)
+refresh_pattern (/cgi-bin/|\?): -i 0 0% 0
+```
+
+These may be defined as a hash passed to ::squid
+
+YAML example:
+```
+squid::refresh_patterns:
+  '^ftp':
+    max:     10080
+    min:     1440
+    percent: 20
+    order:   '60'
+  '^gopher':
+    max:     1440
+    min:     1440
+    percent: 0
+    order:   '61'
+  '(/cgi-bin/|\?)':
+    case_sensitive: false
+    max:            0
+    min:            0
+    percent:        0
+    order:          '62'
+  '.':
+    max:     4320
+    min:     0
+    percent: 20
+    order:   '63'
+```
+
+#### Parameters for Type squid::refresh_pattern
+* `case_sensitive` Boolean value, if true (default) the regex is case sensitive, when false the case insensitive flag '-i' is added to the pattern
+* `comment` Comment added before refresh rule, defaults to refresh_pattern fragment for `title`
+* `min` Must be defined, the time (in minutes) an object without an explicit expiry time should be considered fresh.
+* `max` Must be defined, the upper limit (in minutes) on how long objects without an explicit expiry time will be considered fresh.
+* `percent` Must be defined, is a percentage of the objects age (time since last modification age)
+* `options` See squid documentation for available options.
+* `order` Each refresh_pattern has an order `05` by default this can be specified if order of refresh_pattern definition matters.
+
+
 ### Defined Type Squid::Snmp\_port
 Defines [snmp_port entries](http://www.squid-cache.org/Doc/config/snmp_port/) for a squid server.
 

diff --git a/manifests/config.pp b/manifests/config.pp
@@ -15,6 +15,7 @@
   $auth_params                   = $::squid::auth_params,
   $http_ports                    = $::squid::http_ports,
   $https_ports                   = $::squid::https_ports,
+  $refresh_patterns              = $::squid::refresh_patterns,
   $snmp_ports                    = $::squid::snmp_ports,
   $ssl_bump                      = $::squid::ssl_bump,
   $sslproxy_cert_error           = $::squid::sslproxy_cert_error,
@@ -59,6 +60,9 @@
   if $cache_dirs {
     create_resources('squid::cache_dir', $cache_dirs)
   }
+  if $refresh_patterns {
+    create_resources('squid::refresh_pattern', $refresh_patterns)
+  }
   if $ssl_bump {
     create_resources('squid::ssl_bump', $ssl_bump)
   }

diff --git a/manifests/init.pp b/manifests/init.pp
@@ -1,91 +1,36 @@
 class squid (
-  $ensure_service                = $squid::params::ensure_service,
-  $enable_service                = $squid::params::enable_service,
-  $service_name                  = $squid::params::service_name,
-  $config                        = $squid::params::config,
-  $config_user                   = $squid::params::config_user,
-  $config_group                  = $squid::params::config_group,
-  $package_name                  = $squid::params::package_name,
-  $cache_mem                     = $squid::params::cache_mem,
-  $memory_cache_shared           = $squid::params::memory_cache_shared,
-  $maximum_object_size_in_memory = $squid::params::maximum_object_size_in_memory,
-  $logformat                     = $squid::params::logformat,
-  $access_log                    = $squid::params::access_log,
-  $coredump_dir                  = $squid::params::coredump_dir,
-  $max_filedescriptors           = $squid::params::max_filedescriptors,
-  $workers                       = $squid::params::workers,
-  $acls                          = $squid::params::acls,
-  $http_access                   = $squid::params::http_access,
-  $icp_access                    = $squid::params::icp_access,
-  $auth_params                   = $squid::params::auth_params,
-  $http_ports                    = $squid::params::http_ports,
-  $https_ports                   = $squid::params::https_ports,
-  $snmp_ports                    = $squid::params::snmp_ports,
-  $cache_dirs                    = $squid::params::cache_dirs,
-  $daemon_user                   = $squid::params::daemon_user,
-  $daemon_group                  = $squid::params::daemon_group,
-  $ssl_bump                      = $squid::params::ssl_bump,
-  $sslproxy_cert_error           = $squid::params::sslproxy_cert_error,
-  $extra_config_sections         = {},
+  String            $access_log                    = $squid::params::access_log,
+  Pattern[/\d+ MB/] $cache_mem                     = $squid::params::cache_mem,
+  String            $config                        = $squid::params::config,
+  String            $config_group                  = $squid::params::config_group,
+  String            $config_user                   = $squid::params::config_user,
+  String            $daemon_group                  = $squid::params::daemon_group,
+  String            $daemon_user                   = $squid::params::daemon_user,
+  Boolean           $enable_service                = $squid::params::enable_service,
+  String            $ensure_service                = $squid::params::ensure_service,
+  Pattern[/\d+ KB/] $maximum_object_size_in_memory = $squid::params::maximum_object_size_in_memory,
+  String            $package_name                  = $squid::params::package_name,
+  String            $service_name                  = $squid::params::service_name,
+  Optional[Hash]    $acls                          = $squid::params::acls,
+  Optional[Hash]    $auth_params                   = $squid::params::auth_params,
+  Optional[Hash]    $cache_dirs                    = $squid::params::cache_dirs,
+  Optional[String]  $coredump_dir                  = $squid::params::coredump_dir,
+  Optional[Hash]    $extra_config_sections         = {},
+  Optional[Hash]    $http_access                   = $squid::params::http_access,
+  Optional[Hash]    $http_ports                    = $squid::params::http_ports,
+  Optional[Hash]    $https_ports                   = $squid::params::https_ports,
+  Optional[Hash]    $icp_access                    = $squid::params::icp_access,
+  Optional[String]  $logformat                     = $squid::params::logformat,
+  Optional[Integer] $max_filedescriptors           = $squid::params::max_filedescriptors,
+  Optional[Variant[Enum['on', 'off'], Boolean]]
+                    $memory_cache_shared           = $squid::params::memory_cache_shared,
+  Optional[Hash]    $refresh_patterns              = $squid::params::refresh_patterns,
+  Optional[Hash]    $snmp_ports                    = $squid::params::snmp_ports,
+  Optional[Hash]    $ssl_bump                      = $squid::params::ssl_bump,
+  Optional[Hash]    $sslproxy_cert_error           = $squid::params::sslproxy_cert_error,
+  Optional[Integer] $workers                       = $squid::params::workers,
 ) inherits ::squid::params {
 
-  validate_string($ensure_service)
-  validate_bool($enable_service)
-  validate_re($cache_mem,'\d+ MB')
-  validate_string($config)
-  validate_string($config_user)
-  validate_string($config_group)
-  validate_string($daemon_user)
-  validate_string($daemon_group)
-  if $memory_cache_shared {
-    validate_re($memory_cache_shared,['^on$','^off$'])
-  }
-  validate_re($maximum_object_size_in_memory,'\d+ KB')
-  validate_string($logformat)
-  validate_string($access_log)
-  if $coredump_dir {
-    validate_string($coredump_dir)
-  }
-  if $max_filedescriptors {
-    validate_integer($max_filedescriptors)
-  }
-  if $workers {
-    validate_integer($workers)
-  }
-
-  if $acls {
-    validate_hash($acls)
-  }
-  if $http_access {
-    validate_hash($http_access)
-  }
-  if $icp_access {
-    validate_hash($icp_access)
-  }
-  if $auth_params {
-    validate_hash($auth_params)
-  }
-  if $http_ports {
-    validate_hash($http_ports)
-  }
-  if $https_ports {
-    validate_hash($https_ports)
-  }
-  if $snmp_ports {
-    validate_hash($snmp_ports)
-  }
-  if $cache_dirs {
-    validate_hash($cache_dirs)
-  }
-  if $ssl_bump {
-    validate_hash($ssl_bump)
-  }
-  if $sslproxy_cert_error {
-    validate_hash($sslproxy_cert_error)
-  }
-
-  validate_hash($extra_config_sections)
-
   anchor{'squid::begin':}
   -> class{'::squid::install':}
   -> class{'::squid::config':}

diff --git a/manifests/params.pp b/manifests/params.pp
@@ -18,6 +18,7 @@
   $auth_params                   = undef
   $http_ports                    = undef
   $https_ports                   = undef
+  $refresh_patterns              = undef
   $snmp_ports                    = undef
   $ssl_bump                      = undef
   $sslproxy_cert_error           = undef

diff --git a/manifests/refresh_pattern.pp b/manifests/refresh_pattern.pp
@@ -0,0 +1,17 @@
+define squid::refresh_pattern (
+  Integer $max,
+  Integer $min,
+  Integer $percent,
+  Boolean $case_sensitive = true,
+  String  $options        = '',
+  String  $order          = '05',
+  String  $pattern        = $title,
+  String  $comment        = "refresh_pattern fragment for ${pattern}",
+) {
+
+  concat::fragment{"squid_refresh_pattern_${pattern}":
+    target  => $::squid::config,
+    content => template('squid/squid.conf.refresh_pattern.erb'),
+    order   => "45-${order}",
+  }
+}
diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb
@@ -93,6 +93,50 @@
         it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^workers\s+8$}) }
       end
 
+      context 'with memory_cache_shared parameter set to true' do
+        let :params do
+          {
+            config: '/tmp/squid.conf',
+            memory_cache_shared: true
+          }
+        end
+
+        it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^memory_cache_shared\s+on$}) }
+      end
+
+      context 'with memory_cache_shared parameter set to on' do
+        let :params do
+          {
+            config: '/tmp/squid.conf',
+            memory_cache_shared: 'on'
+          }
+        end
+
+        it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^memory_cache_shared\s+on$}) }
+      end
+
+      context 'with memory_cache_shared parameter set to false' do
+        let :params do
+          {
+            config: '/tmp/squid.conf',
+            memory_cache_shared: false
+          }
+        end
+
+        it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^memory_cache_shared\s+off$}) }
+      end
+
+      context 'with memory_cache_shared parameter set to off' do
+        let :params do
+          {
+            config: '/tmp/squid.conf',
+            memory_cache_shared: 'off'
+          }
+        end
+
+        it { is_expected.to contain_concat_fragment('squid_header').with_content(%r{^memory_cache_shared\s+off$}) }
+      end
+
       context 'with one acl parameter set' do
         let :params do
           {

diff --git a/spec/defines/refresh_pattern_spec.rb b/spec/defines/refresh_pattern_spec.rb
@@ -0,0 +1,54 @@
+require 'spec_helper'
+
+describe 'squid::refresh_pattern' do
+  on_supported_os.each do |os, facts|
+    context "on #{os}" do
+      let(:facts) do
+        facts
+      end
+      let :pre_condition do
+        ' class{"::squid":
+            config => "/tmp/squid.conf"
+          }
+        '
+      end
+
+      context 'when parameters are set' do
+        let(:title) { 'my_pattern' }
+        let(:params) do
+          {
+            order:   '06',
+            max:     10_080,
+            min:     1440,
+            percent: 20,
+            comment: 'Refresh Patterns'
+          }
+        end
+
+        fname = 'squid_refresh_pattern_my_pattern'
+        it { is_expected.to contain_concat_fragment(fname).with_target('/tmp/squid.conf') }
+        it { is_expected.to contain_concat_fragment(fname).with_order('45-06') }
+        it { is_expected.to contain_concat_fragment(fname).with_content(%r{^refresh_pattern\s+my_pattern:\s+1440\s+20%\s+10080$}) }
+      end # context 'when parameters are set'
+
+      context 'when parameters are set and case insensitive' do
+        let(:title) { 'case_insensitive' }
+        let(:params) do
+          {
+            case_sensitive: false,
+            comment:        'Refresh Patterns',
+            max:            0,
+            min:            0,
+            order:          '07',
+            percent:        0
+          }
+        end
+
+        fname = 'squid_refresh_pattern_case_insensitive'
+        it { is_expected.to contain_concat_fragment(fname).with_target('/tmp/squid.conf') }
+        it { is_expected.to contain_concat_fragment(fname).with_order('45-07') }
+        it { is_expected.to contain_concat_fragment(fname).with_content(%r{^refresh_pattern\s+case_insensitive:\s+-i\s+0\s+0%\s+0$}) }
+      end # context 'when parameters are set and case insensitive'
+    end
+  end
+end
diff --git a/templates/squid.conf.header.erb b/templates/squid.conf.header.erb
@@ -4,8 +4,8 @@
 
 cache_mem                     <%= @cache_mem %>
 
-<% if @memory_cache_shared -%>
-memory_cache_shared           <%= @memory_cache_shared %>
+<% unless @memory_cache_shared.nil? -%>
+memory_cache_shared           <%= (@memory_cache_shared == 'on' || @memory_cache_shared == true)?'on':'off' %>
 
 <% end -%>
 maximum_object_size_in_memory <%= @maximum_object_size_in_memory %>

diff --git a/templates/squid.conf.refresh_pattern.erb b/templates/squid.conf.refresh_pattern.erb
@@ -0,0 +1,2 @@
+# <%= @comment %>
+refresh_pattern <%= @pattern %>: <%= @case_sensitive?'':'-i ' %><%= @min %> <%= @percent %>% <%= @max %><%= @options ? @options:'' %>