squid ssl proxy with icap without Docker on raspberry pi. Based on justinschw/docker-squid-sslbump-rpi, which was based on syakesaba/docker-sslbump-proxy. The Docker install didn't work on my Pi Zero, so here it is on the "bare metal."
- ✅ Tested on: raspbian/stretch on Pi Zero and Zero W (it works, but it takes a long time to build!)
- ✅ Tested on: Ubuntu 18.04 on x64
- ❗Could not build on: Ubuntu 20.04
- Requires
cryptowhich can be had withapt install libssl-dev - Requires
libssl1.0-devwhich is no longer available. To fix:- add this PPA:
sudo apt-add-repository -y ppa:rael-gc/rvm sudo apt install libssl1.0-dev
- add this PPA:
- Still got errors. Gave up and built on 18.04 and copied output folder to new machine 🤷♂️
- Requires
- Instructions below require git (or you can download the files directly)
sudo apt-get updatesudo apt-get install git
git clone https://github.com/codepoet80/squid-sslbump-rpi.git
cd squid-sslbump-rpi
chmod +x ./install.sh
sudo ./install.sh- If you want, you can delete the
squid-sslbump-rpidirectory after install completes. - Now run:
sudo /usr/local/squid/startsquid.sh
Community member Nomad84 has documented his approach to Dockerizing this service here.
- Set your client's proxy server to the IP address of your Pi , and use port 3128 (for both HTTP and HTTPS)
- Export your fake root-cert from your Pi after installation and import it into your client web browsers.
- (Root-cert path on the Pi after installation:
/usr/local/squid/ssl/localCert.der) - OR, just access some HTTPS webpages from the client via the proxy and choose to "Trust Cert".
- installed in:
/usr/local/squid - to see if its running, list processes:
ps -ef - to kill:
killall squid - to run in background:
/usr/local/squid/startsquid.sh &- the & makes it go background after its startup messages
- This deliberately uses a root-cert with weak encryption to support old devices
- Make sure your is proxy safe.
- To prevent unwanted use, firewalls or some squid-acls should be applied.
MIT License
See: LICENSE