docker-claude/proxy/squid.conf

# ─────────────────────────────────────────────────────────────────────────────
# Squid forward-proxy sidecar — allowlist-only egress for Claude Code
# ─────────────────────────────────────────────────────────────────────────────

http_port 3128

# PID must be writable by the non-root proxy user
pid_filename /tmp/squid.pid

# ─── Logging (container-friendly: stdout/stderr) ──────────────────────────────
access_log  stdio:/dev/stdout combined
cache_log   stdio:/dev/stderr
cache_store_log none

# ─── No disk cache ────────────────────────────────────────────────────────────
cache deny all
coredump_dir /var/cache/squid

# ─── ACL Definitions ──────────────────────────────────────────────────────────
acl SSL_ports  port 443
acl SSL_ports  port 6443  # Kubernetes API server
acl Safe_ports port 80
acl Safe_ports port 443
acl Safe_ports port 6443  # Kubernetes API server
acl CONNECT    method CONNECT

# ─── Egress allowlist ─────────────────────────────────────────────────────────
# Add domains here as needed. Leading dot matches all subdomains.
acl allowed_sites dstdomain api.anthropic.com
acl allowed_sites dstdomain statsig.anthropic.com
acl allowed_sites dstdomain platform.claude.com
# MCP servers
acl allowed_sites dstdomain api.github.com
acl allowed_sites dstdomain .gitlab.com
acl allowed_sites dstdomain .atlassian.net
# Kubernetes API server — add your cluster's hostname here when using --kube
# acl allowed_sites dstdomain k8s.example.com

# ─── Access rules ─────────────────────────────────────────────────────────────
# Block requests to non-standard ports
http_access deny !Safe_ports

# Block CONNECT to non-SSL ports
http_access deny CONNECT !SSL_ports

# Allow HTTPS tunnels only to allowlisted destinations
http_access allow CONNECT allowed_sites

# Allow plain HTTP only to allowlisted destinations
http_access allow allowed_sites

# Deny everything else — default deny
http_access deny all