diff --git a/bridgehead b/bridgehead index b937635..8db9735 100755 --- a/bridgehead +++ b/bridgehead @@ -65,6 +65,7 @@ loadVars() { fi detectCompose setHostname + setupProxy } case "$ACTION" in diff --git a/lib/functions.sh b/lib/functions.sh index 82a501d..4d2bb2f 100644 --- a/lib/functions.sh +++ b/lib/functions.sh @@ -9,6 +9,33 @@ detectCompose() { fi } +setupProxy() { + ### Note: As the current data protection concepts do not allow communication via HTTP, + ### we are not setting a proxy for HTTP requests. + + local http="no" + local https="no" + if [ $HTTPS_PROXY_URL ]; then + local proto="$(echo $HTTPS_PROXY_URL | grep :// | sed -e 's,^\(.*://\).*,\1,g')" + local fqdn="$(echo ${HTTPS_PROXY_URL/$proto/})" + local hostport=$(echo $HTTPS_PROXY_URL | sed -e "s,$proto,,g" | cut -d/ -f1) + HTTPS_PROXY_HOST="$(echo $hostport | sed -e 's,:.*,,g')" + HTTPS_PROXY_PORT="$(echo $hostport | sed -e 's,^.*:,:,g' -e 's,.*:\([0-9]*\).*,\1,g' -e 's,[^0-9],,g')" + if [[ ! -z "$HTTPS_PROXY_USERNAME" && ! -z "$HTTPS_PROXY_PASSWORD" ]]; then + local proto="$(echo $HTTPS_PROXY_URL | grep :// | sed -e 's,^\(.*://\).*,\1,g')" + local fqdn="$(echo ${HTTPS_PROXY_URL/$proto/})" + HTTPS_PROXY_FULL_URL="$(echo $proto$HTTPS_PROXY_USERNAME:$HTTPS_PROXY_PASSWORD@$fqdn)" + https="authenticated" + else + HTTPS_PROXY_FULL_URL=$HTTPS_PROXY_URL + https="unauthenticated" + fi + fi + + log INFO "Configuring proxy servers: $http http proxy (we're not supporting unencrypted comms), $https https proxy" + export HTTPS_PROXY_HOST HTTPS_PROXY_PORT HTTPS_PROXY_FULL_URL +} + exitIfNotRoot() { if [ "$EUID" -ne 0 ]; then log "ERROR" "Please run as root" diff --git a/lib/monitoring.sh b/lib/monitoring.sh index c3eb9fc..b5466a5 100755 --- a/lib/monitoring.sh +++ b/lib/monitoring.sh @@ -47,8 +47,8 @@ function hc_send(){ if [ -n "$2" ]; then MSG="$2\n\nDocker stats:\n$UPTIME" - echo -e "$MSG" | https_proxy=$HTTPS_PROXY_URL curl --max-time 5 -A "$USER_AGENT" -s -o /dev/null -X POST --data-binary @- "$HCURL"/"$1" || log WARN "Monitoring failed: Unable to send data to $HCURL/$1" + echo -e "$MSG" | https_proxy=$HTTPS_PROXY_FULL_URL curl --max-time 5 -A "$USER_AGENT" -s -o /dev/null -X POST --data-binary @- "$HCURL"/"$1" || log WARN "Monitoring failed: Unable to send data to $HCURL/$1" else - https_proxy=$HTTPS_PROXY_URL curl --max-time 5 -A "$USER_AGENT" -s -o /dev/null "$HCURL"/"$1" || log WARN "Monitoring failed: Unable to send data to $HCURL/$1" + https_proxy=$HTTPS_PROXY_FULL_URL curl --max-time 5 -A "$USER_AGENT" -s -o /dev/null "$HCURL"/"$1" || log WARN "Monitoring failed: Unable to send data to $HCURL/$1" fi } diff --git a/lib/prerequisites.sh b/lib/prerequisites.sh index 2665b95..10166e0 100755 --- a/lib/prerequisites.sh +++ b/lib/prerequisites.sh @@ -68,7 +68,7 @@ source /etc/bridgehead/${PROJECT}.conf source ${PROJECT}/vars set +e -SERVERTIME="$(https_proxy=$HTTPS_PROXY_URL curl -m 5 -s -I $BROKER_URL_FOR_PREREQ 2>&1 | grep -i -e '^Date: ' | sed -e 's/^Date: //i')" +SERVERTIME="$(https_proxy=$HTTPS_PROXY_FULL_URL curl -m 5 -s -I $BROKER_URL_FOR_PREREQ 2>&1 | grep -i -e '^Date: ' | sed -e 's/^Date: //i')" RET=$? set -e if [ $RET -ne 0 ]; then diff --git a/lib/update-bridgehead.sh b/lib/update-bridgehead.sh index 9958eb5..bc6a5f6 100755 --- a/lib/update-bridgehead.sh +++ b/lib/update-bridgehead.sh @@ -50,12 +50,12 @@ for DIR in /etc/bridgehead $(pwd); do git -C $DIR config credential.helper "$CREDHELPER" fi old_git_hash="$(git -C $DIR rev-parse --verify HEAD)" - if [ -z "$HTTP_PROXY_URL" ]; then + if [ -z "$HTTPS_PROXY_FULL_URL" ]; then log "INFO" "Git is using no proxy!" OUT=$(retry 5 git -C $DIR fetch 2>&1 && retry 5 git -C $DIR pull 2>&1) else - log "INFO" "Git is using proxy ${HTTP_PROXY_URL} from ${CONFFILE}" - OUT=$(retry 5 git -c http.proxy=$HTTP_PROXY_URL -c https.proxy=$HTTPS_PROXY_URL -C $DIR fetch 2>&1 && retry 5 git -c http.proxy=$HTTP_PROXY_URL -c https.proxy=$HTTPS_PROXY_URL -C $DIR pull 2>&1) + log "INFO" "Git is using proxy ${HTTPS_PROXY_URL} from ${CONFFILE}" + OUT=$(retry 5 git -c https.proxy=$HTTPS_PROXY_FULL_URL -C $DIR fetch 2>&1 && retry 5 git -c https.proxy=$HTTPS_PROXY_FULL_URL -C $DIR pull 2>&1) fi if [ $? -ne 0 ]; then report_error log "Unable to update git $DIR: $OUT"