From 560f50d3cde25f5ae7c0e69a8b5dcc85bb7e4639 Mon Sep 17 00:00:00 2001
From: MarkusTeufelberger <markusteufelberger@gmail.com>
Date: Thu, 2 May 2019 21:28:22 +0200
Subject: [PATCH] Add support for http(s)_proxy to CoreOS, Fedora and OpenSUSE
(#4669)
* Add support for http(s)_proxy to CoreOS and Fedora
* fix opensuse proxy support
* Fix CoreOS proxy support
* update documentation
---
roles/bootstrap-os/README.md | 1 -
roles/bootstrap-os/tasks/bootstrap-coreos.yml | 3 +++
roles/bootstrap-os/tasks/bootstrap-fedora.yml | 20 ++++++++++++++
.../bootstrap-os/tasks/bootstrap-opensuse.yml | 27 +++++++++++++++++++
4 files changed, 50 insertions(+), 1 deletion(-)
diff --git a/roles/bootstrap-os/README.md b/roles/bootstrap-os/README.md
index c01611dfd..e3400fba5 100644
--- a/roles/bootstrap-os/README.md
+++ b/roles/bootstrap-os/README.md
@@ -23,7 +23,6 @@ Variables are listed with their default values, if applicable.
* `http_proxy`/`https_proxy`
The role will configure the package manager (if applicable) to download packages via a proxy.
- This is currently implemented for CentOS/RHEL (`http_proxy` only) as well as Debian and Ubuntu (both `http_proxy` and `https_proxy` are respected)
* `override_system_hostname: true`
The role will set the hostname of the machine to the name it has according to Ansible's inventory (the variable `{{ inventory_hostname }}`).
diff --git a/roles/bootstrap-os/tasks/bootstrap-coreos.yml b/roles/bootstrap-os/tasks/bootstrap-coreos.yml
index 48371555d..7347f8432 100644
--- a/roles/bootstrap-os/tasks/bootstrap-coreos.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-coreos.yml
@@ -19,6 +19,9 @@
- name: Run bootstrap.sh
script: bootstrap.sh
become: true
+ environment:
+ http_proxy: "{{ http_proxy | default('') }}"
+ https_proxy: "{{ https_proxy | default('') }}"
when:
- need_bootstrap.rc != 0
diff --git a/roles/bootstrap-os/tasks/bootstrap-fedora.yml b/roles/bootstrap-os/tasks/bootstrap-fedora.yml
index f25d2f0ff..2eb1fe477 100644
--- a/roles/bootstrap-os/tasks/bootstrap-fedora.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-fedora.yml
@@ -25,6 +25,26 @@
tags:
- facts
+- name: Check if a proxy is set in /etc/dnf/dnf.conf
+ raw: grep -qs 'proxy=' /etc/dnf/dnf.conf
+ register: need_http_proxy
+ failed_when: false
+ changed_when: false
+ # This command should always run, even in check mode
+ check_mode: false
+ environment: {}
+ when:
+ - http_proxy is defined
+
+- name: Add http_proxy to /etc/dnf/dnf.conf if http_proxy is defined
+ raw: echo 'proxy={{ http_proxy }}' >> /etc/dnf/dnf.conf
+ become: true
+ environment: {}
+ when:
+ - http_proxy is defined
+ - need_http_proxy.rc != 0
+ - not is_atomic
+
# Fedora's policy as of Fedora 30 is to still install python2 as /usr/bin/python
# See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 for the current status
- name: Install python on fedora
diff --git a/roles/bootstrap-os/tasks/bootstrap-opensuse.yml b/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
index a38f36684..4f2d415d6 100644
--- a/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
@@ -1,6 +1,33 @@
---
# OpenSUSE ships with Python installed
+- name: Set the http_proxy in /etc/sysconfig/proxy
+ lineinfile:
+ path: /etc/sysconfig/proxy
+ regexp: '^HTTP_PROXY='
+ line: 'HTTP_PROXY="{{ http_proxy }}"'
+ become: true
+ when:
+ - http_proxy is defined
+
+- name: Set the https_proxy in /etc/sysconfig/proxy
+ lineinfile:
+ path: /etc/sysconfig/proxy
+ regexp: '^HTTPS_PROXY='
+ line: 'HTTPS_PROXY="{{ https_proxy }}"'
+ become: true
+ when:
+ - https_proxy is defined
+
+- name: Enable proxies
+ lineinfile:
+ path: /etc/sysconfig/proxy
+ regexp: '^PROXY_ENABLED='
+ line: 'PROXY_ENABLED="yes"'
+ become: true
+ when:
+ - http_proxy is defined or https_proxy is defined
+
# Without this package, the get_url module fails when trying to handle https
- name: Install python-cryptography
zypper:
--
GitLab