Now We’re Talking Squid!!

Victory is mine!!!

I’ve been running the Squid proxy server in the house for the past two+ years. In our house if you want to get to the Internet, you have to point your browser to the Squid proxy. Otherwise, no dice on the Internet access. I set this up so that I could keep a liberal policy on computer usage in our house while at the same time keeping an eye on the kids. On top of Squid I’ve been using MySAR for the reporting and it has been doing a very nice job, although the MySAR interface is getting old.

For the Blog, I had the router forward all the port 80 inbound web traffic to the web server. As long as I could run everything off a common Apache server, this setup worked just fine. For this blog I’ve been running  WordPress. I’ve been very happy with WordPress so far.

Lately I’ve been help my good friend, Dave, with some web site work. Eventually the websites will be hosted at a still undetermined hosting provider. But for now I needed to bring them up on my home server. At first I just needed to resolve the domains to the single Apache server. No problem. The home network can easily handle this.

Then things got a little more complicated, I also needed to bring up a wiki. For the wiki I wanted to stay with Confluence. I like the Confluence wiki. Its easy to setup and maintain. Even in large installations it is quick and runs on minimal hardware.

We wanted to have the primary domain, www.agsaurora.com resolve to the Apache web server. But we wanted wiki.agsaurora.com to resolve to the Confluence server. Home routers, while they provide a lot of functionality that 98% of the people don’t even know exists, they can’t perform layer 7 content switching. Initially to get the wiki up and running I had the home router forward port 8080 to the server running Confluence. If you typed www or wiki.agsaurora.com:8080, it would redirect to the wiki. Problem with that is the URL’s are ugly. Who wants to see “:8080” in the URL. Second issue was that any sub-domain under “*.agsaurora.com:8080” would resolve to the wiki. Not clean and not elegant.

I looked on ebay for something that could provide the functionality that I needed, but the hardware was way to expensive. So I started to look for an Open Source software solution. The load balancing software solutions were complicated to setup and maintain. I was looking for a simple solution. Then I rediscovered Squid! The reverse proxy acceleration was exactly what we were looking for. All the traffic would be forwarded to the Squid server and I had to only open the single port 80 to the Internet. Squid would then proxy the requests to the correct backend server:port. This setup gave me an added bonus! It gave me positive control over the sub-domains and where they landed. It was relatively easy to get wiki.agsaurora.com to resolve to the Confluence server on port 8080 and all the other web traffic, like www.agsaurora.com or download.agsaurora.com, to resolve on the Apache web server on port 80.

Here is the snipet of the Squid Config that performs the magic:

# Squid normally listens to port 3128
http_port 80 accel vhost

acl myhost dstdomain .petersens.ws
acl myhost dstdomain .agsaurora.net .agsaurora.com
acl mywiki dstdomain wiki.agsaurora.net wiki.agsaurora.com

#setup cache peers for accelration
cache_peer 10.10.1.4 parent 80 0 no-query originserver name=xenweb login=PROXYPASS
cache_peer 10.10.1.5 parent 8080 0 no-query originserver name=xenshare

cache_peer_access xenweb deny mywiki
cache_peer_access xenweb allow myhost
cache_peer_access xenshare allow mywiki
always_direct deny myhost
always_direct deny mywiki

Eleven lines of configuration. It took the better part of three hours to get this config just right so that I can still use the Squid proxy to capture all the Internet bound traffic while at the same time perform the reverse proxy acceleration. The cache_peer and cache_peer_access lines setup the reverse proxy. The two last lines, always_direct, allows all the internally generated traffic to pass through the proxy to the outside world. I double checked the MySAR application after setting everything up and it was still processing all the logs just fine! So I can still monitor what the kids are up to on the Internet!!! VICTORY!!!

Wordbook and Lifestream

Just installed the Wordbook and Lifestream plugins on the blog. If all goes well when I publish this post to the blog, my facebook wall will also receive the update. I’m using the Lifestream plugin to display any of my facebook posts back to the blog. I like the idea of integrating my blog and facebook to make both sites more “fresh” with content. Let’s see if this works.

Petersen’s went Mobile

This blog site is now mobile! That’s right, for those who couldn’t wait to get to a desktop, you can now read my blog posts from a PDA, Blackberry, iPhone or most any other type of mobile device! Just use your mobile device and browse to this website!

I can even post entries to this blog from a PDA!  Sweet!!

Granted, blogging from a PDA is a bit cumbersome. I don’t see myself trying to upload pictures or files from a PDA. But to post a quick text update to the blog – Its fits the bill very nicely.

Its Awesome!

Spell Checker – Whoopie!

I got the spell checker plug-in working for this blog. Hopefully it will minimize my spelling errors! For fun I ran it against a few of my earlier posts.

Ouch – I have bad spelling. Fortunately for me, I’m no longer graded on my spelling. It also helps that the vast majority of the applications today have a spell checker built in. (God bless the ‘F7’ key stroke)

Setting up this Site

I finally got this site running close to where I wanted to get it. I managed to get wordpress 2.2 with gallery2 v2.2.2. I’ve settled on the K2 theme that is optimized with the WPG2 plug-in. This theme nicely displays the photos from gallery2. I also have tagging working using the Ultimate Tag Warrior plugin.

Before installing Gallery2, I tried several different themes to get tagging to work correctly. With varying degrees of success, I found that K2 really was one of the few themes to work with UTW and not require modifications. The fact that there is a Gallery2 optimized version of K2 was icing on the cake.

I think I have all the major components working for this site. Though I doubt I’m done with tweaking it. For now I’m going to try to be content with it and focus on organizing the photos database. I’m sure everyone can relate to the fact that with having a digital camera, we typically have more photos that we can print. Hopefully I can setup this online photo album in some sort of organized way.