vagrant-proxyconf 2.0.4 → 2.0.5

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: b3fb0eb7149c9d6f2428429c1b9aa483c7441b05
4
- data.tar.gz: 93ec0d7d278519991fa1e6e94ec9915926eea50a
2
+ SHA256:
3
+ metadata.gz: a7a1cd739f80a73e0310fcc60987e1c3fb2e41436078e2d5ffa6d88d95769877
4
+ data.tar.gz: 1d40a68b9ec904f7bc84ee8959ec861a5d22eb479d2be90c4fb2710ccd7040cc
5
5
  SHA512:
6
- metadata.gz: da01327a34f53b3ba30471ebcbc0efa5de55005512b17bd20683721f051c1c350db7118fbd43b3ea7a18cf5cad98c8d44c36162d013bc453f6da4b30c2e88a4f
7
- data.tar.gz: 671f0968893e0f819361846ef9338589e6cfbd614e37fa429c8e4d660e6455e974c969eecd7152d2bcaaa5596d84d38305f818108f91972c0904bb8afe6af939
6
+ metadata.gz: 96341ff59ad6ca3a2d4a4d3dd125b15496d805c48c0daa35941a2ca96cf0f4f5ebb8e6b915977943791b70171d7349fe9420b018ffa6129b4a7b98b727a62316
7
+ data.tar.gz: 560894fbc39dd0b14e1ac0df447c786c7e62f0a189f7b062415665cd87a394e89813eca9234591d740d0a05ece76109d22a9638c4db5b7a4b59daaaeb86d3b33
data/.travis.yml CHANGED
@@ -17,8 +17,6 @@ matrix:
17
17
  - env: VAGRANT_VERSION=v2.2.2
18
18
  - env: VAGRANT_VERSION=v2.1.5
19
19
  - env: VAGRANT_VERSION=v2.0.4
20
- - env: VAGRANT_VERSION=v1.9.8
21
- rvm: 2.3.4
22
20
  - env: VAGRANT_VERSION=master
23
21
  allow_failures:
24
22
  - env: VAGRANT_VERSION=master
data/CHANGELOG.md CHANGED
@@ -1,3 +1,89 @@
1
+ # 2.0.6 / NOT_RELEASED_YET
2
+
3
+ # 2.0.5 / 2019-07-27
4
+
5
+ #### Deprecations:
6
+
7
+ - Dropped support for vagrant 1.9.8 due to our tests failinging and it's more than 2 years old.
8
+
9
+ #### Credits
10
+
11
+ - Credit to this release goes to @greut. Thank you for your detailed information and for reporting a solution.
12
+
13
+ This is a feature enhancement for the APT proxy configuration when using
14
+ a proxy that is terminating SSL. By default, these settings are left
15
+ as-is and only enabled when a user wants to configure these settings.
16
+ This feature supports enabling/disabling the follwoing settings
17
+
18
+ #### file `/etc/apt/apt.conf.d/01proxy`
19
+
20
+ ```
21
+ Acquire::https::Verify-Host
22
+ Acquire::https::Verify-Peer
23
+ ```
24
+
25
+ #### Configuration settings for `Acquire::https::Verify-Host` and `Acquire::https::Verify-Peer`
26
+
27
+ * The value for these settings must be a string.
28
+ * When `"true"` enable the setting
29
+ * When `"false"` disable the setting
30
+ * When `""` this setting is removed.
31
+
32
+ #### Example Inside the Vagrantfile
33
+
34
+ ```
35
+ Vagrant.configure("2") do |config|
36
+
37
+ config.vm.define 'apt_host' do |c|
38
+ c.vm.box = "bento/ubuntu-18.04"
39
+
40
+ if Vagrant.has_plugin?('vagrant-proxyconf')
41
+ c.proxy.http = ENV['HTTP_PROXY']
42
+ c.proxy.https = ENV['HTTPS_PROXY']
43
+ c.proxy.no_proxy = ENV['NO_PROXY']
44
+ c.apt_proxy.verify_host = "false"
45
+ c.apt_proxy.verify_peer = "false"
46
+
47
+ c.proxy.enabled = {
48
+ :apt => {
49
+ :enabled => true,
50
+ :skip => false,
51
+ },
52
+ :env => {
53
+ :enabled => true,
54
+ :skip => false,
55
+ },
56
+ :git => {
57
+ :enabled => true,
58
+ :skip => false,
59
+ }
60
+ }
61
+ end
62
+ end
63
+
64
+ end
65
+ ```
66
+
67
+ #### Example setting the environment variables
68
+
69
+ ```
70
+ export VAGRANT_APT_VERIFY_HOST="false"
71
+ export VAGRANT_APT_VERIFY_PEER="false"
72
+ vagrant up
73
+ vagrant provision
74
+ ```
75
+
76
+ **NOTE** If you change a setting in your `Vagrantfile` and the box is
77
+ running, you can run `vagrant provision` or `vagrant reload` to adjust
78
+ the settings.
79
+
80
+ Supporting Issues:
81
+ - https://github.com/tmatilai/vagrant-proxyconf/issues/199
82
+
83
+ Supporting Integration Tests:
84
+ - Look at the examples in directory [199](test/issues/199/)
85
+
86
+
1
87
  # 2.0.4 / 2019-07-24
2
88
 
3
89
  This is a bug fix release to address a logic issue for supporting docker
data/README.md CHANGED
@@ -237,6 +237,8 @@ VAGRANT_APT_HTTP_PROXY="http://proxy.example.com:8080" vagrant up
237
237
  | apt | `VAGRANT_APT_HTTP_PROXY` | Configures APT http proxy | Highest |
238
238
  | | `VAGRANT_APT_HTTPS_PROXY` | Configures APT https proxy | Highest |
239
239
  | | `VAGRANT_APT_FTP_PROXY` | Configures APT ftp proxy | Highest |
240
+ | | `VAGRANT_APT_VERIFY_PEER` | Configures APT Verify-Peer | Highest |
241
+ | | `VAGRANT_APT_VERIFY_HOST` | Configures APT Verify-Host | Highest |
240
242
  | chef | `VAGRANT_CHEF_HTTP_PROXY` | Configures CHEF http proxy | Highest |
241
243
  | | `VAGRANT_CHEF_HTTPS_PROXY` | Configures CHEF https proxy | Highest |
242
244
  | | `VAGRANT_CHEF_NO_PROXY` | Configures CHEF no proxy | Highest |
@@ -330,3 +332,22 @@ unless ENV.key?('VAGRANT_INSTALLER_EMBEDDED_DIR')
330
332
  end
331
333
  end
332
334
  ```
335
+
336
+ # Contributors
337
+
338
+ * @tmatilai
339
+ * @otahi
340
+ * @jperville
341
+ * @johnbellone
342
+ * @SaschaGuenther
343
+ * @mrsheepuk
344
+ * @vboerchers
345
+ * @rlaveycal
346
+ * @pomeh
347
+ * @mynamewastaken
348
+ * @lawsonj2019
349
+ * @jonekdahl
350
+ * @hexmode
351
+ * @craigmunro
352
+ * @greut
353
+ * @codylane
@@ -87,13 +87,17 @@ module VagrantPlugins
87
87
  local_tmp = tempfile(config)
88
88
 
89
89
  logger.debug "Configuration (#{path}):\n#{config}"
90
+
90
91
  @machine.communicate.tap do |comm|
91
- comm.sudo("rm -f #{tmp}", error_check: false)
92
92
  comm.upload(local_tmp.path, tmp)
93
- comm.sudo("chmod #{opts[:mode] || '0644'} #{tmp}")
94
- comm.sudo("chown #{opts[:owner] || 'root:root'} #{tmp}")
95
- comm.sudo("mkdir -p #{File.dirname(path)}")
96
- comm.sudo("mv -f #{tmp} #{path}")
93
+ if comm.test("command -v sudo")
94
+ comm.sudo("chmod #{opts[:mode] || '0644'} #{tmp}")
95
+ comm.sudo("chown #{opts[:owner] || 'root:root'} #{tmp}")
96
+ comm.sudo("mkdir -p #{File.dirname(path)}")
97
+ comm.sudo("mv -f #{tmp} #{path}")
98
+ else
99
+ raise Vagrant::Errors::CommandUnavailable.new(file: "sudo")
100
+ end
97
101
  end
98
102
  end
99
103
 
@@ -20,6 +20,12 @@ module VagrantPlugins
20
20
  # @return [String] the FTP proxy
21
21
  key :ftp, env_var: 'VAGRANT_APT_FTP_PROXY'
22
22
 
23
+ # @return [String] whether APT should verify peer certificate
24
+ key :verify_peer, env_var: 'VAGRANT_APT_VERIFY_PEER'
25
+
26
+ # @return [String] whether APT should verify that certificate name matches server name
27
+ key :verify_host, env_var: 'VAGRANT_APT_VERIFY_HOST'
28
+
23
29
  def finalize!
24
30
  super
25
31
 
@@ -33,7 +39,15 @@ module VagrantPlugins
33
39
 
34
40
  # (see KeyMixin#config_for)
35
41
  def config_for(key, value)
36
- %Q{Acquire::#{key.name}::Proxy #{value.inspect};\n} if value
42
+ if value
43
+ if key.name == :verify_host
44
+ %Q{Acquire::https::Verify-Host #{value.inspect};\n}
45
+ elsif key.name == :verify_peer
46
+ %Q{Acquire::https::Verify-Peer #{value.inspect};\n}
47
+ else
48
+ %Q{Acquire::#{key.name}::Proxy #{value.inspect};\n}
49
+ end
50
+ end
37
51
  end
38
52
 
39
53
  def finalize_uri(key, value)
@@ -55,7 +69,8 @@ module VagrantPlugins
55
69
  end
56
70
 
57
71
  def to_s
58
- direct || "#{prefix}#{value}#{suffix}"
72
+ # direct || "#{prefix}#{value}#{suffix}"
73
+ direct || verify || "#{prefix}#{value}#{suffix}"
59
74
  end
60
75
 
61
76
  private
@@ -64,6 +79,10 @@ module VagrantPlugins
64
79
  'DIRECT' if value.upcase == 'DIRECT'
65
80
  end
66
81
 
82
+ def verify
83
+ value if ["true", "false"].to_set.include? value
84
+ end
85
+
67
86
  # Hash of deprecation warning sentinels
68
87
  @@warned = {}
69
88
 
@@ -1,5 +1,5 @@
1
1
  module VagrantPlugins
2
2
  module ProxyConf
3
- VERSION = '2.0.4'
3
+ VERSION = '2.0.5'
4
4
  end
5
5
  end
@@ -8,6 +8,10 @@ end
8
8
  def conf_line(proto, name, port = 3142)
9
9
  if name == :direct
10
10
  %Q{Acquire::#{proto}::Proxy "DIRECT";\n}
11
+ elsif proto == :verify_peer
12
+ %Q{Acquire::https::Verify-Peer "#{name}";\n}
13
+ elsif proto == :verify_host
14
+ %Q{Acquire::https::Verify-Host "#{name}";\n}
11
15
  else
12
16
  port = ":#{port}" if port
13
17
  %Q{Acquire::#{proto}::Proxy "#{proto}://#{name}#{port}";\n}
@@ -65,6 +69,14 @@ shared_examples "apt proxy config" do |proto|
65
69
  end
66
70
  end
67
71
 
72
+ [:verify_peer, :verify_host].each do |verify|
73
+ context "with #{verify.inspect}" do
74
+ subject { config_with(verify => "false") }
75
+ its(:enabled?) { should be_truthy }
76
+ its(:to_s) { should eq conf_line(verify, "false") }
77
+ end
78
+ end
79
+
68
80
  [false, ""].each do |unset|
69
81
  context "with #{unset.inspect}" do
70
82
  subject { config_with(proto => unset) }
@@ -4,6 +4,7 @@ require 'vagrant-proxyconf/action/configure_svn_proxy'
4
4
  def mock_write_config(machine)
5
5
  allow(machine).to receive_message_chain(:communicate, :sudo).with("rm -f /tmp/vagrant-proxyconf", error_check: false)
6
6
  allow(machine).to receive_message_chain(:communicate, :upload)
7
+ allow(machine).to receive_message_chain(:communicate, :test).with('command -v sudo').and_return(true)
7
8
  allow(machine).to receive_message_chain(:communicate, :sudo).with("chmod 0644 /tmp/vagrant-proxyconf")
8
9
  allow(machine).to receive_message_chain(:communicate, :sudo).with("chown root:root /tmp/vagrant-proxyconf")
9
10
  allow(machine).to receive_message_chain(:communicate, :sudo).with("mkdir -p /etc/subversion")
@@ -10,7 +10,7 @@ bundle exec vagrant up default
10
10
  ## Expect
11
11
 
12
12
 
13
- ### Box `default``
13
+ ### Box `default`
14
14
 
15
15
  - The box `default` is a docker container that will be a reverse
16
16
  proxy. It should provision itself and work without errors.
@@ -21,7 +21,7 @@ bundle exec vagrant up default
21
21
  - **NOTE**: You'll need to use `docker exec <hash> -it bash` to get into the container
22
22
 
23
23
 
24
- ### Box `docker-host`
24
+ ### Box `docker_host`
25
25
 
26
26
  - Vagrant should automatically instally docker-ce.
27
27
  - The box should come up and provision itself with the proxy settings
@@ -0,0 +1,2 @@
1
+ --color
2
+ --format documentation
@@ -0,0 +1,47 @@
1
+ FROM centos:7
2
+
3
+ ENV CI_USERNAME vagrant
4
+ ENV CI_PASSWORD vagrant
5
+ ENV CI_HOMEDIR /home/vagrant
6
+ ENV CI_SHELL /bin/bash
7
+
8
+ EXPOSE 8888
9
+
10
+ RUN yum clean all && \
11
+ yum makecache fast && \
12
+ yum -y install epel-release && \
13
+ yum clean expire-cache && \
14
+ yum -y install \
15
+ curl \
16
+ initscripts \
17
+ openssh-clients \
18
+ openssh-server \
19
+ sudo \
20
+ tinyproxy
21
+
22
+ RUN /usr/sbin/sshd-keygen && \
23
+ mkdir -p /var/run/sshd && \
24
+ rm -f /usr/lib/tmpfiles.d/systemd-nologin.conf
25
+
26
+ RUN if ! getent passwd $CI_USERNAME; then \
27
+ useradd -m -d ${CI_HOMEDIR} -s ${CI_SHELL} $CI_USERNAME; \
28
+ fi && \
29
+ echo "${CI_USERNAME}:${CI_PASSWORD}" | chpasswd && \
30
+ echo "${CI_USERNAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \
31
+ mkdir -p /etc/sudoers.d && \
32
+ echo "${CI_USERNAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/${CI_USERNAME} && \
33
+ chmod 0440 /etc/sudoers.d/${CI_USERNAME} && \
34
+ mkdir -p ${CI_HOMEDIR}/.ssh && \
35
+ chown -R ${CI_USERNAME}:${CI_USERNAME} ${CI_HOMEDIR}/.ssh && \
36
+ chmod 0700 ${CI_HOMEDIR}/.ssh && \
37
+ curl -L https://raw.githubusercontent.com/hashicorp/vagrant/master/keys/vagrant.pub > ${CI_HOMEDIR}/.ssh/vagrant.pub && \
38
+ touch ${CI_HOMEDIR}/.ssh/authorized_keys && \
39
+ grep -q "$(cat ${CI_HOMEDIR}/.ssh/vagrant.pub | awk '{print $2}')" ${CI_HOMEDIR}/.ssh/authorized_keys || cat ${CI_HOMEDIR}/.ssh/vagrant.pub >> ${CI_HOMEDIR}/.ssh/authorized_keys && \
40
+ chown ${CI_USERNAME}:${CI_USERNAME} ${CI_HOMEDIR}/.ssh/authorized_keys && \
41
+ chmod 0600 ${CI_HOMEDIR}/.ssh/authorized_keys
42
+
43
+ COPY tinyproxy.conf /etc/tinyproxy/tinyproxy.conf
44
+ COPY entrypoint.sh /entrypoint.sh
45
+
46
+ ENTRYPOINT ["/entrypoint.sh"]
47
+ CMD [ "start" ]
@@ -0,0 +1,40 @@
1
+ FROM ubuntu:bionic
2
+
3
+ ENV CI_USERNAME vagrant
4
+ ENV CI_PASSWORD vagrant
5
+ ENV CI_HOMEDIR /home/vagrant
6
+ ENV CI_SHELL /bin/bash
7
+
8
+ RUN apt-get -y update && \
9
+ mkdir -p /run/sshd && \
10
+ apt-get -y install \
11
+ apt-transport-https \
12
+ ca-certificates \
13
+ curl \
14
+ gnupg-agent \
15
+ openssh-client \
16
+ openssh-server \
17
+ software-properties-common \
18
+ sudo
19
+
20
+ RUN curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - && \
21
+ sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" && \
22
+ rm -f /usr/lib/tmpfiles.d/systemd-nologin.conf && \
23
+ if ! getent passwd $CI_USERNAME; then \
24
+ useradd -m -d ${CI_HOMEDIR} -s ${CI_SHELL} $CI_USERNAME; \
25
+ fi && \
26
+ echo "${CI_USERNAME}:${CI_PASSWORD}" | chpasswd && \
27
+ echo "${CI_USERNAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers && \
28
+ mkdir -p /etc/sudoers.d && \
29
+ echo "${CI_USERNAME} ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers.d/${CI_USERNAME} && \
30
+ chmod 0440 /etc/sudoers.d/${CI_USERNAME} && \
31
+ mkdir -p ${CI_HOMEDIR}/.ssh && \
32
+ chown -R ${CI_USERNAME}:${CI_USERNAME} ${CI_HOMEDIR}/.ssh && \
33
+ chmod 0700 ${CI_HOMEDIR}/.ssh && \
34
+ curl -L https://raw.githubusercontent.com/hashicorp/vagrant/master/keys/vagrant.pub > ${CI_HOMEDIR}/.ssh/vagrant.pub && \
35
+ touch ${CI_HOMEDIR}/.ssh/authorized_keys && \
36
+ grep -q "$(cat ${CI_HOMEDIR}/.ssh/vagrant.pub | awk '{print $2}')" ${CI_HOMEDIR}/.ssh/authorized_keys || cat ${CI_HOMEDIR}/.ssh/vagrant.pub >> ${CI_HOMEDIR}/.ssh/authorized_keys && \
37
+ chown ${CI_USERNAME}:${CI_USERNAME} ${CI_HOMEDIR}/.ssh/authorized_keys && \
38
+ chmod 0600 ${CI_HOMEDIR}/.ssh/authorized_keys
39
+
40
+ CMD [ "/usr/sbin/sshd", "-D" ]
@@ -0,0 +1,29 @@
1
+ Tests
2
+ -----
3
+
4
+ If you are testing the current release of this plugin via bundler
5
+
6
+ ```
7
+ bundle exec vagrant up default
8
+ ```
9
+
10
+ ## Expect
11
+
12
+
13
+ ### Box `default`
14
+
15
+ - The box `default` is a docker container that will be a reverse
16
+ proxy. It should provision itself and work without errors.
17
+
18
+ - You can check that the proxy is working by
19
+ `tail -f /var/log/tinyproxy/tinyproxy.log` inside the container
20
+
21
+ - **NOTE**: You'll need to use `docker exec <hash> -it bash` to get into the container
22
+
23
+
24
+ ### Box `docker-host`
25
+
26
+ - Vagrant should automatically instally docker-ce.
27
+ - The box should come up and provision itself with the proxy settings
28
+ configured in your Vagrantfile.
29
+ - **NOTE**: You can use `ssh` to connect to this container.
@@ -0,0 +1,27 @@
1
+ require 'rake'
2
+ require 'rspec/core/rake_task'
3
+
4
+ task :spec => 'spec:all'
5
+ task :default => :spec
6
+
7
+ namespace :spec do
8
+ targets = []
9
+ Dir.glob('./spec/*').each do |dir|
10
+ next unless File.directory?(dir)
11
+ target = File.basename(dir)
12
+ target = "_#{target}" if target == "default"
13
+ targets << target
14
+ end
15
+
16
+ task :all => targets
17
+ task :default => :all
18
+
19
+ targets.each do |target|
20
+ original_target = target == "_default" ? target[1..-1] : target
21
+ desc "Run serverspec tests to #{original_target}"
22
+ RSpec::Core::RakeTask.new(target.to_sym) do |t|
23
+ ENV['TARGET_HOST'] = original_target
24
+ t.pattern = "spec/#{original_target}/*_spec.rb"
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,64 @@
1
+ # this should be the IP address of the :default box
2
+ $PROXY_HOST ="172.17.0.1"
3
+ $PROXY_PORT="8888"
4
+ $PROXY_NO_PROXY=[
5
+ 'localhost',
6
+ ]
7
+
8
+ ENV['HTTP_PROXY'] = ENV.fetch('HTTP_PROXY', "http://#{$PROXY_HOST}:#{$PROXY_PORT}")
9
+ ENV['HTTPS_PROXY'] = ENV.fetch('HTTPS_PROXY', "http://#{$PROXY_HOST}:#{$PROXY_PORT}")
10
+ ENV['NO_PROXY'] = ENV.fetch('NO_PROXY', $PROXY_NO_PROXY.join(","))
11
+
12
+ puts "HTTP_PROXY = '#{ENV["HTTP_PROXY"]}'"
13
+ puts "HTTPS_PROXY = '#{ENV["HTTPS_PROXY"]}'"
14
+ puts "NO_PROXY = '#{ENV["NO_PROXY"]}'"
15
+
16
+ puts "vagrant-proxyconf is installed? #{Vagrant.has_plugin?('vagrant-proxyconf')}"
17
+
18
+
19
+ Vagrant.configure("2") do |config|
20
+
21
+ config.vm.define 'default' do |c|
22
+ c.vm.box = nil
23
+
24
+ if Vagrant.has_plugin?('vagrant-proxyconf')
25
+ c.proxy.enabled = false
26
+ end
27
+
28
+ c.vm.provider "docker" do |d|
29
+ d.build_dir = "."
30
+ d.has_ssh = true
31
+ d.ports = [
32
+ "#{$PROXY_PORT}:#{$PROXY_PORT}",
33
+ ]
34
+ end
35
+ end
36
+
37
+ config.vm.define 'docker_host' do |c|
38
+ c.vm.box = nil
39
+
40
+ if Vagrant.has_plugin?('vagrant-proxyconf')
41
+ c.proxy.http = ENV['HTTP_PROXY']
42
+ c.proxy.https = ENV['HTTPS_PROXY']
43
+ c.proxy.no_proxy = ENV['NO_PROXY']
44
+ c.proxy.enabled = {
45
+ :apt => {
46
+ :enabled => true,
47
+ :skip => false,
48
+ },
49
+ :env => {
50
+ :enabled => false,
51
+ :skip => false,
52
+ }
53
+ }
54
+ end
55
+
56
+ c.vm.provider "docker" do |d|
57
+ d.build_dir = "."
58
+ d.dockerfile = "Dockerfile.bionic"
59
+ d.has_ssh = true
60
+ end
61
+
62
+ end
63
+
64
+ end