From 560f50d3cde25f5ae7c0e69a8b5dcc85bb7e4639 Mon Sep 17 00:00:00 2001 From: MarkusTeufelberger Date: Thu, 2 May 2019 21:28:22 +0200 Subject: [PATCH] Add support for http(s)_proxy to CoreOS, Fedora and OpenSUSE (#4669) * Add support for http(s)_proxy to CoreOS and Fedora * fix opensuse proxy support * Fix CoreOS proxy support * update documentation --- roles/bootstrap-os/README.md | 1 - roles/bootstrap-os/tasks/bootstrap-coreos.yml | 3 +++ roles/bootstrap-os/tasks/bootstrap-fedora.yml | 20 ++++++++++++++ .../bootstrap-os/tasks/bootstrap-opensuse.yml | 27 +++++++++++++++++++ 4 files changed, 50 insertions(+), 1 deletion(-) diff --git a/roles/bootstrap-os/README.md b/roles/bootstrap-os/README.md index c01611dfd..e3400fba5 100644 --- a/roles/bootstrap-os/README.md +++ b/roles/bootstrap-os/README.md @@ -23,7 +23,6 @@ Variables are listed with their default values, if applicable. * `http_proxy`/`https_proxy` The role will configure the package manager (if applicable) to download packages via a proxy. - This is currently implemented for CentOS/RHEL (`http_proxy` only) as well as Debian and Ubuntu (both `http_proxy` and `https_proxy` are respected) * `override_system_hostname: true` The role will set the hostname of the machine to the name it has according to Ansible's inventory (the variable `{{ inventory_hostname }}`). diff --git a/roles/bootstrap-os/tasks/bootstrap-coreos.yml b/roles/bootstrap-os/tasks/bootstrap-coreos.yml index 48371555d..7347f8432 100644 --- a/roles/bootstrap-os/tasks/bootstrap-coreos.yml +++ b/roles/bootstrap-os/tasks/bootstrap-coreos.yml @@ -19,6 +19,9 @@ - name: Run bootstrap.sh script: bootstrap.sh become: true + environment: + http_proxy: "{{ http_proxy | default('') }}" + https_proxy: "{{ https_proxy | default('') }}" when: - need_bootstrap.rc != 0 diff --git a/roles/bootstrap-os/tasks/bootstrap-fedora.yml b/roles/bootstrap-os/tasks/bootstrap-fedora.yml index f25d2f0ff..2eb1fe477 100644 --- a/roles/bootstrap-os/tasks/bootstrap-fedora.yml +++ b/roles/bootstrap-os/tasks/bootstrap-fedora.yml @@ -25,6 +25,26 @@ tags: - facts +- name: Check if a proxy is set in /etc/dnf/dnf.conf + raw: grep -qs 'proxy=' /etc/dnf/dnf.conf + register: need_http_proxy + failed_when: false + changed_when: false + # This command should always run, even in check mode + check_mode: false + environment: {} + when: + - http_proxy is defined + +- name: Add http_proxy to /etc/dnf/dnf.conf if http_proxy is defined + raw: echo 'proxy={{ http_proxy }}' >> /etc/dnf/dnf.conf + become: true + environment: {} + when: + - http_proxy is defined + - need_http_proxy.rc != 0 + - not is_atomic + # Fedora's policy as of Fedora 30 is to still install python2 as /usr/bin/python # See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3 for the current status - name: Install python on fedora diff --git a/roles/bootstrap-os/tasks/bootstrap-opensuse.yml b/roles/bootstrap-os/tasks/bootstrap-opensuse.yml index a38f36684..4f2d415d6 100644 --- a/roles/bootstrap-os/tasks/bootstrap-opensuse.yml +++ b/roles/bootstrap-os/tasks/bootstrap-opensuse.yml @@ -1,6 +1,33 @@ --- # OpenSUSE ships with Python installed +- name: Set the http_proxy in /etc/sysconfig/proxy + lineinfile: + path: /etc/sysconfig/proxy + regexp: '^HTTP_PROXY=' + line: 'HTTP_PROXY="{{ http_proxy }}"' + become: true + when: + - http_proxy is defined + +- name: Set the https_proxy in /etc/sysconfig/proxy + lineinfile: + path: /etc/sysconfig/proxy + regexp: '^HTTPS_PROXY=' + line: 'HTTPS_PROXY="{{ https_proxy }}"' + become: true + when: + - https_proxy is defined + +- name: Enable proxies + lineinfile: + path: /etc/sysconfig/proxy + regexp: '^PROXY_ENABLED=' + line: 'PROXY_ENABLED="yes"' + become: true + when: + - http_proxy is defined or https_proxy is defined + # Without this package, the get_url module fails when trying to handle https - name: Install python-cryptography zypper: