Ask Your Question
0

puppet vcsrepo behind http_proxy

asked 2015-12-09 03:39:11 -0500

teleivo gravatar image

updated 2015-12-09 04:58:45 -0500

Dear all,

I want to clone a git repo using the puppetlabs vcsrepo module. Unfortunately I am behind an http proxy.

I am running foreman/puppet master --> agent setup with puppet 3.8 on Ubuntu server 14.04.

I have set the environment variables http_proxy, HTTP_PROXY, https_proxy, HTTPS_PROXY, no_proxy, NO_PROXY on all nodes via

  1. /etc/profile.d/proxy.sh
  2. /etc/environment

If a manifest like this:

vcsrepo { '/home/sam/.dotfiles':
    ensure      => latest,
    provider    => git,
    source      => 'https://github.com/teleivo/dotfiles.git',
    user        => 'sam',
}

is applied via the puppet master, the git clone done through vcsrepo fails with error 128.

To debug the issue I did a git clone using the puppet execresource which tells me 'fatal: unable to access 'https://github.com/teleivo/dotfiles.git/': Failed to connect to github.com port 443: Connection refused'. If I add the http_proxy environment variables to the exec's resource attribute environment, git clone works fine.

If I simply run

sudo puppet agent --test

on the node itself, the manifest applies fine as well! My guess is that in this case the http_proxy environment variables which I have exported are picked up by the puppet command.

Now the trouble is vscrepo has no environment attribute where I could set the environment variables.

And if I add httpproxyhost/port in puppet agents puppet.conf under [main] see https://docs.puppetlabs.com/reference...

then I get "Warning: unable to fetch my node definition, but the agent run will continue: Warning: 403 "Forbidden"" I am guessing the agent cannot reach the puppet master because he goes through the http proxy which he should not. There is no no_proxy config see https://projects.puppetlabs.com/issue....

How should I configure the http_proxy so that puppet master/agent use this environment variable on any exec/vcsrepo resource?

Hope there is somebody out there who can help me fight this damn proxy once and for all :) Thank you!!!

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2015-12-09 13:48:44 -0500

teleivo gravatar image

easiest fix I now found was to define the http_proxy for git in the system wide git config at

/etc/gitconfig

like this:

[http]
proxy = http[s]:@PROXYIP:PROXYPORT

see https://git-scm.com/book/en/v2/Custom...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2015-12-09 03:39:11 -0500

Seen: 471 times

Last updated: Dec 09 '15