base_role/tasks/base_proxy.yml
embed@git.macaw.me b50fd16591 first
2024-01-06 01:38:28 +00:00

170 lines
6.3 KiB
YAML
Executable File

# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
- name: "base base_proxy.yml BOX_OS_FLAVOR={{BOX_OS_FLAVOR}}"
debug:
# verbosity: 1
msg: "base base_proxy.yml http_proxy={{http_proxy}} https_proxy={{https_proxy}} socks_proxy={{socks_proxy}}"
- name: make sure that we can override pip and keep it from installing things
set_fact:
null_proxy_env:
http_proxy: "http://127.0.0.1:9999"
https_proxy: "http://127.0.0.1:9999"
socks_proxy: "socks5://127.0.0.1:9999"
ftp_proxy: "socks5://127.0.0.1:9999"
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost') }}"
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('/usr/local/etc/ssl/cacert-testforge.pem') }}"
RSYNC_PROXY: "127.0.0.1:9999"
TERM: linux
- block:
- debug:
msg: "INFO: Overriding proxy values with the environment variables - ansible_connection={{ansible_connection}}"
- name: These are filled in from the environment in ['local', 'chroot']
set_fact:
http_proxy: "{{ lookup('env', 'http_proxy')|default('') }}"
https_proxy: "{{ lookup('env', 'https_proxy')|default('') }}"
socks_proxy: "{{ lookup('env', 'socks_proxy')|default('') }}"
ftp_proxy: "{{ lookup('env', 'ftp_proxy')|default('') }}"
no_proxy: "{{ lookup('env', 'no_proxy')|default('127.0.0.1,localhost') }}"
# CORP_NTLM_PROXY usually comes from QeRcUser.yaml because of the need for a username/password and domain
- name: make sure that we can override and reset proxy_env from the playbook
set_fact:
proxy_env:
# hostvars[inventory_hostname]['http_proxy']
http_proxy: "{{ http_proxy }}"
https_proxy: "{{ https_proxy }}"
socks_proxy: '{{ socks_proxy }}'
ftp_proxy: '{{ ftp_proxy }}'
no_proxy: '{{ no_proxy }}'
RSYNC_PROXY: "{{ http_proxy|replace('http://', '') }}"
TERM: linux
# Starting rsync with rsync://89.238.71.6/gentoo-portage
when:
# FixMe: this may be bogus - our guest may be very different?
- ansible_connection|default('') in ['local', 'chroot']
- block:
- debug:
msg: "INFO: Overriding proxy values with the external - ansible_connection={{ansible_connection}}"
- name: These are filled in from the /etc/hosts in ['libvirt_qemu']
delegate_to: localhost
shell: |
IP=`ifconfig |grep -A1 wlan|grep inet|sed -e 's/.*inet //' -e 's/ .*//'`
# we may not be connected
if [ $? -ne 0 ] || [ -z "$IP" ] ; then
IP=`grep -q " external" /etc/hosts | sed -e 's/ .*//'`
fi
echo $IP
register: external_out
- name: set the proxies from the external
set_fact:
# these ports should come from the host env
http_proxy: "http://{{external_out.stdout}}:3128"
https_proxy: "http://{{external_out.stdout}}:9128"
socks_proxy: "socks5://{{external_out.stdout}}:9050"
ftp_proxy: "socks5://{{external_out.stdout}}:3128"
# this network should come from inventory
no_proxy: "{{ NO_PROXY|default('127.0.0.1,localhost,10.0.2.0/24') }}"
SSL_CERT_FILE: "{{ SSL_CERT_FILE|default('/usr/local/etc/ssl/cacert-testforge.pem') }}"
RSYNC_PROXY: "{{external_out.stdout}}:3128"
when:
- external_out.rc|default(1) == 0
- external_out.stdout|default('') != ''
# box mode is tor or
check_mode: false
when:
- ansible_connection|default('') in ['libvirt_qemu']
- name: "base base_proxy.yml proxy_env"
debug: var=proxy_env
- name: "set HTTP_PROXY '{{http_proxy}}'"
set_fact: HTTP_PROXY='{{http_proxy}}'
- name: "set HTTP_PROXYPORT HTTP_PROXYHOST HTTP_PROXYTYPE defaults"
set_fact: HTTP_PROXYPORT="" HTTP_PROXYHOST="" HTTP_PROXYTYPE="http"
- name: "set HTTPS_PROXY '{{https_proxy}}'"
set_fact: HTTPS_PROXY='{{https_proxy}}'
- name: "set HTTPS_PROXYPORT HTTPS_PROXYHOST HTTPS_PROXYTYPE defaults"
set_fact: HTTPS_PROXYPORT="" HTTPS_PROXYHOST="" HTTPS_PROXYTYPE="http"
- name: "set SOCKS_PROXY '{{socks_proxy}}'"
set_fact: SOCKS_PROXY="{{socks_proxy}}"
- name: "set SOCKS_PROXYPORT SOCKS_PROXYHOST SOCKS_PROXYTYPE defaults"
set_fact: SOCKS_PROXYPORT="" SOCKS_PROXYHOST="" SOCKS_PROXYTYPE="socks5"
# no_proxy in the environment of the call of ansible-playbook is used
# we set a big default even for people not using a proxy, which is harmless
- name: "set NO_PROXY '{{no_proxy}}'"
set_fact:
NO_PROXY: '{{no_proxy}}'
- name: "set NTLM_PROXYPORT NTLM_PROXYHOST NTLM_PROXYTYPE defaults"
set_fact:
NTLM_PROXYPORT: ""
NTLM_PROXYTYPE: ""
NTLM_PROXYHOST: ""
- block:
- name: set NTLM_PROXYPORT NTLM_PROXYHOST NTLM_PROXYTYPE from CORP_NTLM_PROXY="{{ CORP_NTLM_PROXY }}"
set_fact: >
NTLM_PROXYPORT="{{ CORP_NTLM_PROXY.
split(':') | last }}"
NTLM_PROXYTYPE="{{ CORP_NTLM_PROXY.split(':') | first }}"
NTLM_PROXYHOST="{{ CORP_NTLM_PROXY.replace('http://', '').split(':') | first }}"
when: CORP_NTLM_PROXY|default('') != ''
# we will override HTTP_PROXY with cntlm later when we know its running
- block:
- name: "set HTTP_PROXYPORT HTTP_PROXYHOST HTTP_PROXYTYPE"
set_fact: >
HTTP_PROXYPORT="{{ HTTP_PROXY.split(':') | last }}"
HTTP_PROXYTYPE="{{ HTTP_PROXY.split(':') | first }}"
HTTP_PROXYHOST="{{ HTTP_PROXY.replace('http://', '').split(':') | first }}"
when: "HTTP_PROXY != ''"
- name: "set HTTPS_PROXYPORT HTTPS_PROXYHOST HTTPS_PROXYTYPE"
set_fact: >
HTTPS_PROXYPORT="{{ HTTPS_PROXY.split(':') | last }}"
# one of http https
HTTPS_PROXYTYPE="{{ HTTPS_PROXY.split(':') | first }}"
HTTPS_PROXYHOST="{{ HTTPS_PROXY.replace('http://', '').replace('https://', '').split(':') | first }}"
when: "HTTPS_PROXY != ''"
- name: "set SOCKS_PROXYPORT SOCKS_PROXYHOST SOCKS_PROXYTYPE"
set_fact: >
SOCKS_PROXYPORT="{{ SOCKS_PROXY.split(':') | last }}"
# one of http socks
SOCKS_PROXYTYPE="{{ SOCKS_PROXY.split(':') | first }}"
# FixMe: parse user pass
SOCKS_PROXYHOST="{{ SOCKS_PROXY.replace('socks4://', '').replace('socks5://', '').replace('socks5h://', '').split(':') | first }}"
when: "SOCKS_PROXY != ''"
when: CORP_NTLM_PROXY|default('') == ''
- set_fact:
shell_proxy_env: "{{ proxy_env | ansible.builtin.combine(shell_env) }}"
shell_no_proxy_env: "{{ shell_env }}"
- set_fact:
portage_proxy_env: "{{ shell_proxy_env }}"
pip_proxy_env: "{{ shell_proxy_env }}"