
Friday, 14 August 2020

Apache as a forward proxy server on CentOS 8 to block YouTube

1 Create a new config file /etc/httpd/conf.d/00-proxy.conf

$ cat /etc/httpd/conf.d/00-proxy.conf
# Dedicated listener for the forward proxy.
Listen 8087
<VirtualHost *:8087>
    # Forward-proxy mode: the client names the destination in its request.
    ProxyRequests On
    # Add a Via header to traffic passing through this proxy.
    ProxyVia On
    # Refuse requests whose destination host name contains this word.
    # Matching is on the name only, so related domains that do not contain
    # the word are not covered by this rule.
    ProxyBlock "youtube"

    # Only clients in 192.168.0.0/16 may use the proxy. With ProxyRequests On,
    # this restriction is what keeps the server from being an open proxy.
    <Proxy "*">
        Require ip 192.168.0.0/16
    </Proxy>
</VirtualHost>

2 SELinux settings (allow httpd to listen on port 8087 and to make outbound network connections)

# semanage port --add -t http_port_t -p tcp 8087
# semanage boolean --modify --on httpd_can_network_connect

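3 Firewalld settings (this opens 8087/tcp in the default zone for any source address; the `Require ip` rule in step 1 is what limits who may use the proxy)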

# firewall-cmd --permanent --add-port=8087/tcp
# firewall-cmd --reload

4 Restart httpd

# systemctl restart httpd

5 Ansible playbook that automates steps 1 to 4

$ cat proxy.yml
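---
# Configures this host as an Apache forward proxy listening on TCP 8087.
# Expects 00-proxy.conf next to the playbook (or in its files/ directory).
- name: set host as a proxy server
  hosts: localhost
  become: true
  tasks:
    - name: make sure apache installed
      yum:
        name: httpd
        state: present

    # Installs the proxy vhost; httpd is restarted only when the file changes.
    - name: make sure a proper conf file exists
      copy:
        src: 00-proxy.conf
        dest: /etc/httpd/conf.d/00-proxy.conf
        owner: root
        group: root
        # Quoted so the mode is passed as an octal string, not a YAML number.
        mode: '0644'
      notify: restart httpd

    # Lets httpd open outbound connections, which the proxy needs to reach
    # destination sites. The boolean applies to every httpd process on the
    # host, not only to the proxy vhost.
    - name: SELinux allows httpd to connect outside
      seboolean:
        name: httpd_can_network_connect
        state: true
        persistent: true

    # Labels TCP 8087 as http_port_t so SELinux lets httpd bind to it.
    - name: SELinux allows httpd to listen on 8087
      seport:
        ports: 8087
        proto: tcp
        setype: http_port_t
        state: present
      notify: restart httpd

    # No zone or source is given, so the port is opened in the default zone
    # for any source address; client restriction relies on the Require ip
    # rule in 00-proxy.conf.
    # NOTE(review): consider also limiting the source network at the firewall.
    - name: Firewalld allows TCP:8087
      firewalld:
        port: '8087/tcp'
        permanent: true
        immediate: true
        state: enabled

  handlers:
    # Runs once at the end of the play if any notifying task reported a change.
    - name: restart httpd
      service:
        name: httpd
        state: restarted
...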
