Last active
January 13, 2021 03:52
-
-
Save stickystyle/ca2e64a4f7d247648b0c to your computer and use it in GitHub Desktop.
Simple script to configure apt to use a squid-deb-proxy server configured at the _apt-proxy._tcp SRV record for the configured search domain
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #just put this in your Dockerfile prior to doing any apt-get operations and your build will use the proxy | |
| FROM ubuntu:14.04 | |
| RUN apt-get install -y --no-install-recommends dnsutils | |
| ADD squid-deb-proxy-discover-setup.sh /root/ | |
| RUN /root/squid-deb-proxy-discover-setup.sh |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ -f /etc/apt/apt.conf.d/31autoproxy ]; then | |
| >&2 echo "NOTICE: squid-deb-proxy-discover already installed" | |
| exit 0 | |
| fi | |
| mkdir -p /usr/share/squid-deb-proxy-discover/ | |
| #we grab the search domain directly from resolv.conf because host, dig, and nslookup will | |
| #not expand the search domain for SRV lookups. | |
| cat > /usr/share/squid-deb-proxy-discover/squid-deb-proxy-discover << 'EOL' | |
| #!/bin/sh | |
| SEARCH_DOMAIN=$(grep -oP "search \K[\w\.]+" /etc/resolv.conf) | |
| if [ ! -f /usr/bin/dig ]; then | |
| >&2 echo "ERROR: dig is not installed, will not set Acquire::http::ProxyAutoDetect" | |
| exit 1 | |
| fi | |
| dig +short _apt_proxy._tcp.$SEARCH_DOMAIN SRV | head -n 1 | awk '{ print "http://", $4, ":", $3};' | sed 's/ //g' | |
| EOL | |
| chmod +x /usr/share/squid-deb-proxy-discover/squid-deb-proxy-discover | |
| #30autoproxy is used by squid-deb-proxy-client, which I've used for inspration here | |
| echo 'Acquire::http::ProxyAutoDetect "/usr/share/squid-deb-proxy-discover/squid-deb-proxy-discover";' > /etc/apt/apt.conf.d/31autoproxy |
I should add the reason I wanted it done like this is I wanted a single Dockerfile for an application that can move from my dev environment, to a remote dev environment, to production; where the squid-deb-proxy server is obviously different in each location.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The idea here is squid-deb-proxy-client uses avahi to find a configured squid-deb-proxy server, however that is only going to work on the local subnet and if you're like me you have your different departments and server on their own subnets; or you're using this from docker containers (which is why I began writing this) where zeroconf discovery just isn't practical.
All you need to do is...
For systems such as boot2docker, the search domain doesn't get set correctly in the containers so you need to add it to /var/lib/boot2docker/profile on the VM host, like so...
EXTRA_ARGS="--dns-search=corp.example.com --dns 10.2.5.2 --dns 10.2.5.3"(this seems to be related to boot2docker/boot2docker#357)