Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

manage repo trough proxy #394

Closed
elderorange opened this issue Nov 8, 2017 · 7 comments
Closed

manage repo trough proxy #394

elderorange opened this issue Nov 8, 2017 · 7 comments
Labels
question

Comments

@elderorange
Copy link

I want to add icinga2 repo and getting the following message:

Error: /Stage[main]/Icinga2::Repo/File[/etc/pki/GPG-KEY-icinga]: Could not evaluate: Could not retrieve file metadata for http://packages.icinga.com/icinga.key: getaddrinfo: Name or service not known

So, it hangs in repo.pp at:

file { '/etc/pki/GPG-KEY-icinga':
          ensure => present,
          source => 'http://packages.icinga.com/icinga.key',
       }

How does puppet get the source? The better question is how can I setup the puppet client node to do this trough proxy with authentication?

Puppet modules:
├── common (v0.1.0)
├── icinga-icinga2 (v1.3.0)
├── puppet-zypprepo (v2.0.0)
├── puppetlabs-apt (v4.1.0)
├── puppetlabs-chocolatey (v2.0.2)
├── puppetlabs-concat (v2.2.1)
├── puppetlabs-ntp (v6.3.0)
├── puppetlabs-powershell (v2.1.0)
├── puppetlabs-registry (v1.1.4)
└── puppetlabs-stdlib (v4.17.1)

puppet version: 4.10.8
OS: SLES 12.2

Best regards, Markus
@dnsmichi
Copy link

dnsmichi commented Nov 8, 2017

I'd suggest to manage the repo on your own (manage_repo => false) and handle http proxies and such over there.

@elderorange
Copy link
Author

Okay, an exec getting the key by wget works for me. If I want to do it as written at the top, how is "source" getting the file? It uses wget also, or is it curl?

I am asking because it´s not so simple to define proxy settings and noproxy settings for different linux applications. A also tried zypprepo but this as proxy options only for yum repos

@lbetz
Copy link
Contributor

lbetz commented Nov 8, 2017
edited
Loading

You should configure your zypper to use a proxy before declaring the class icinga. If you'll do this by puppet you can use icinga with manage_repo => true.

@elderorange
Copy link
Author

I made this already by setting up /etc/sysconfig/proxy with all necessary noproxy entries.
I found out that entreing authentication for proxy creates a .curlrc in root home directory. I think puppet doesn´t load this file executing zypper. And without the credentials it´s not possible to cross our proxy.

@lbetz
Copy link
Contributor

lbetz commented Nov 13, 2017

Sorry, my mistake. The fiel resource that handle the key isn't involved by zypper. But zypper has an property gpgkey to handle the key. So maybe we can replace the the file resource with this property.

As a workaround for your problem please use manage_repo => false and manage the zypper resource before the icinga2 class by your own. Let me now if you need additional help to implement it.

@lbetz
Copy link
Contributor

lbetz commented Nov 13, 2017

related to #397

@elderorange
Copy link
Author

I made it. Zypper take the credentials from /root/.curlrc not in every situation. I had to enter the credentials to HTTP_PROXY in /etc/sysconfig/proxy as well.
HTTP_PROXY="http://:@:"

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dnsmichi @lbetz @elderorange