170 lines
6.3 KiB
YAML
Executable File
170 lines
6.3 KiB
YAML
Executable File
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
|
|
---
|
|
|
|
- name: "base base_proxy.yml BOX_OS_FLAVOR={{BOX_OS_FLAVOR}}"
|
|
debug:
|
|
# verbosity: 1
|
|
msg: "base base_proxy.yml http_proxy={{http_proxy}} https_proxy={{https_proxy}} socks_proxy={{socks_proxy}}"
|
|
|
|
- name: make sure that we can override pip and keep it from installing things
|
|
set_fact:
|
|
null_proxy_env:
|
|
http_proxy: "http://127.0.0.1:9999"
|
|
https_proxy: "http://127.0.0.1:9999"
|
|
socks_proxy: "socks5://127.0.0.1:9999"
|
|
ftp_proxy: "socks5://127.0.0.1:9999"
|
|
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost') }}"
|
|
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('/usr/local/etc/ssl/cacert-testforge.pem') }}"
|
|
RSYNC_PROXY: "127.0.0.1:9999"
|
|
TERM: linux
|
|
|
|
- block:
|
|
|
|
- debug:
|
|
msg: "INFO: Overriding proxy values with the environment variables - ansible_connection={{ansible_connection}}"
|
|
|
|
- name: These are filled in from the environment in ['local', 'chroot']
|
|
set_fact:
|
|
http_proxy: "{{ lookup('env', 'http_proxy')|default('') }}"
|
|
https_proxy: "{{ lookup('env', 'https_proxy')|default('') }}"
|
|
socks_proxy: "{{ lookup('env', 'socks_proxy')|default('') }}"
|
|
ftp_proxy: "{{ lookup('env', 'ftp_proxy')|default('') }}"
|
|
no_proxy: "{{ lookup('env', 'no_proxy')|default('127.0.0.1,localhost') }}"
|
|
# CORP_NTLM_PROXY usually comes from QeRcUser.yaml because of the need for a username/password and domain
|
|
|
|
- name: make sure that we can override and reset proxy_env from the playbook
|
|
set_fact:
|
|
proxy_env:
|
|
# hostvars[inventory_hostname]['http_proxy']
|
|
http_proxy: "{{ http_proxy }}"
|
|
https_proxy: "{{ https_proxy }}"
|
|
socks_proxy: '{{ socks_proxy }}'
|
|
ftp_proxy: '{{ ftp_proxy }}'
|
|
no_proxy: '{{ no_proxy }}'
|
|
RSYNC_PROXY: "{{ http_proxy|replace('http://', '') }}"
|
|
TERM: linux
|
|
# Starting rsync with rsync://89.238.71.6/gentoo-portage
|
|
|
|
when:
|
|
# FixMe: this may be bogus - our guest may be very different?
|
|
- ansible_connection|default('') in ['local', 'chroot']
|
|
|
|
- block:
|
|
|
|
- debug:
|
|
msg: "INFO: Overriding proxy values with the external - ansible_connection={{ansible_connection}}"
|
|
|
|
- name: These are filled in from the /etc/hosts in ['libvirt_qemu']
|
|
delegate_to: localhost
|
|
shell: |
|
|
IP=`ifconfig |grep -A1 wlan|grep inet|sed -e 's/.*inet //' -e 's/ .*//'`
|
|
# we may not be connected
|
|
if [ $? -ne 0 ] || [ -z "$IP" ] ; then
|
|
IP=`grep -q " external" /etc/hosts | sed -e 's/ .*//'`
|
|
fi
|
|
echo $IP
|
|
register: external_out
|
|
|
|
- name: set the proxies from the external
|
|
set_fact:
|
|
# these ports should come from the host env
|
|
http_proxy: "http://{{external_out.stdout}}:3128"
|
|
https_proxy: "http://{{external_out.stdout}}:9128"
|
|
socks_proxy: "socks5://{{external_out.stdout}}:9050"
|
|
ftp_proxy: "socks5://{{external_out.stdout}}:3128"
|
|
# this network should come from inventory
|
|
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost,10.0.2.0/24') }}"
|
|
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('/usr/local/etc/ssl/cacert-testforge.pem') }}"
|
|
RSYNC_PROXY: "{{external_out.stdout}}:3128"
|
|
when:
|
|
- external_out.rc|default(1) == 0
|
|
- external_out.stdout|default('') != ''
|
|
# box mode is tor or
|
|
|
|
check_mode: false
|
|
when:
|
|
- ansible_connection|default('') in ['libvirt_qemu']
|
|
|
|
- name: "base base_proxy.yml proxy_env"
|
|
debug: var=proxy_env
|
|
|
|
- name: "set HTTP_PROXY '{{http_proxy}}'"
|
|
set_fact: HTTP_PROXY='{{http_proxy}}'
|
|
|
|
- name: "set HTTP_PROXYPORT HTTP_PROXYHOST HTTP_PROXYTYPE defaults"
|
|
set_fact: HTTP_PROXYPORT="" HTTP_PROXYHOST="" HTTP_PROXYTYPE="http"
|
|
|
|
- name: "set HTTPS_PROXY '{{https_proxy}}'"
|
|
set_fact: HTTPS_PROXY='{{https_proxy}}'
|
|
|
|
- name: "set HTTPS_PROXYPORT HTTPS_PROXYHOST HTTPS_PROXYTYPE defaults"
|
|
set_fact: HTTPS_PROXYPORT="" HTTPS_PROXYHOST="" HTTPS_PROXYTYPE="http"
|
|
|
|
- name: "set SOCKS_PROXY '{{socks_proxy}}'"
|
|
set_fact: SOCKS_PROXY="{{socks_proxy}}"
|
|
|
|
- name: "set SOCKS_PROXYPORT SOCKS_PROXYHOST SOCKS_PROXYTYPE defaults"
|
|
set_fact: SOCKS_PROXYPORT="" SOCKS_PROXYHOST="" SOCKS_PROXYTYPE="socks5"
|
|
|
|
# no_proxy in the environment of the call of ansible-playbook is used
|
|
# we set a big default even for people not using a proxy, which is harmless
|
|
- name: "set NO_PROXY '{{no_proxy}}'"
|
|
set_fact:
|
|
NO_PROXY: '{{no_proxy}}'
|
|
|
|
- name: "set NTLM_PROXYPORT NTLM_PROXYHOST NTLM_PROXYTYPE defaults"
|
|
set_fact:
|
|
NTLM_PROXYPORT: ""
|
|
NTLM_PROXYTYPE: ""
|
|
NTLM_PROXYHOST: ""
|
|
|
|
- block:
|
|
|
|
- name: set NTLM_PROXYPORT NTLM_PROXYHOST NTLM_PROXYTYPE from CORP_NTLM_PROXY="{{ CORP_NTLM_PROXY }}"
|
|
set_fact: >
|
|
NTLM_PROXYPORT="{{ CORP_NTLM_PROXY.
|
|
split(':') | last }}"
|
|
NTLM_PROXYTYPE="{{ CORP_NTLM_PROXY.split(':') | first }}"
|
|
NTLM_PROXYHOST="{{ CORP_NTLM_PROXY.replace('http://', '').split(':') | first }}"
|
|
|
|
when: CORP_NTLM_PROXY|default('') != ''
|
|
|
|
# we will override HTTP_PROXY with cntlm later when we know its running
|
|
|
|
- block:
|
|
|
|
- name: "set HTTP_PROXYPORT HTTP_PROXYHOST HTTP_PROXYTYPE"
|
|
set_fact: >
|
|
HTTP_PROXYPORT="{{ HTTP_PROXY.split(':') | last }}"
|
|
HTTP_PROXYTYPE="{{ HTTP_PROXY.split(':') | first }}"
|
|
HTTP_PROXYHOST="{{ HTTP_PROXY.replace('http://', '').split(':') | first }}"
|
|
when: "HTTP_PROXY != ''"
|
|
|
|
- name: "set HTTPS_PROXYPORT HTTPS_PROXYHOST HTTPS_PROXYTYPE"
|
|
set_fact: >
|
|
HTTPS_PROXYPORT="{{ HTTPS_PROXY.split(':') | last }}"
|
|
# one of http https
|
|
HTTPS_PROXYTYPE="{{ HTTPS_PROXY.split(':') | first }}"
|
|
HTTPS_PROXYHOST="{{ HTTPS_PROXY.replace('http://', '').replace('https://', '').split(':') | first }}"
|
|
when: "HTTPS_PROXY != ''"
|
|
|
|
- name: "set SOCKS_PROXYPORT SOCKS_PROXYHOST SOCKS_PROXYTYPE"
|
|
set_fact: >
|
|
SOCKS_PROXYPORT="{{ SOCKS_PROXY.split(':') | last }}"
|
|
# one of http socks
|
|
SOCKS_PROXYTYPE="{{ SOCKS_PROXY.split(':') | first }}"
|
|
# FixMe: parse user pass
|
|
SOCKS_PROXYHOST="{{ SOCKS_PROXY.replace('socks4://', '').replace('socks5://', '').replace('socks5h://', '').split(':') | first }}"
|
|
|
|
when: "SOCKS_PROXY != ''"
|
|
|
|
when: CORP_NTLM_PROXY|default('') == ''
|
|
|
|
- set_fact:
|
|
shell_proxy_env: "{{ proxy_env | ansible.builtin.combine(shell_env) }}"
|
|
shell_no_proxy_env: "{{ shell_env }}"
|
|
|
|
- set_fact:
|
|
portage_proxy_env: "{{ shell_proxy_env }}"
|
|
pip_proxy_env: "{{ shell_proxy_env }}"
|