[ansible-project] Re: Global HTTP proxy setting for all roles/tasks?

[Barry Flanagan]

On Thursday, 19 March 2015 09:08:02 UTC, Timo Ahokas wrote:
>
> Hi,
>
> We're working in an environment where all access outside needs to go 
> through HTTP/HTTPS proxies. We have previously solved this by defining a 
> global environment variable with the necessary proxy definitions 
> (http_proxy, https_proxy, no_proxy) and then have passed that down to each 
> task with "environment". But this means we need to patch most 
> public/external playbooks for the tasks that require external access (e.g. 
> package installs, resource download etc).
>
> Is there any way to make the proxy environment automatically available for 
> all tasks without adding the "environment: proxy_env" for all individual 
> tasks?
>


I do the following, which will install /etc/profile.d/proxy.sh  and 
/etc/apt/apt.conf.d/02-apt-cacher if the host does not have a valid default 
route, and ensures it is not present if it does. You could do something 
similar and then have a further task at the end of your playbook to remove 
them again if you don't want them always present.

- name: make sure proxy is not used on hosts with a default route.
  file:
    dest: /etc/profile.d/proxy.sh
    state: absent
  when:  ansible_default_ipv4.gateway is defined and 
ansible_default_ipv4.gateway | match("^87\.232") 

- name: install http proxy env profile
  template:
    dest: /etc/profile.d/proxy.sh
    mode: 0755
    src: profile-proxy.sh
  when:  ansible_default_ipv4.gateway is not defined or 
ansible_default_ipv4.gateway | match("^10\.5")

- name: Remove /etc/apt/apt.conf.d/02-apt-cacher on hosts with a default 
route.
  file:
    dest: /etc/apt/apt.conf.d/02-apt-cacher
    state: absent
  when:  ansible_default_ipv4.gateway is defined and 
ansible_default_ipv4.gateway | match("^87\.232")

- name: install /etc/apt/apt.conf.d/02-apt-cacher
  template:
    dest: /etc/apt/apt.conf.d/02-apt-cacher
    mode: 0755
    src: apt-cacher.conf
  when:  ansible_default_ipv4.gateway is not defined or 
ansible_default_ipv4.gateway | match("^10\.5")

Hope this helps.

-Barry Flanagan

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/85106548-b120-4e3b-abe7-76c4cce7aa66%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.