Poudriere in Highly Secure Environment with Proxy Access

Mon, 27 Oct 2025 15:41:18 -0700 

Hi,

I need to use Poudriere in a highly secured environment without direct Internet 
connection and without DNS that reaches out to the outside world.

To setup the Poudriere Jails the env(1) settings work.

```
# \
  env HTTP_PROXY="http://proxy.freebsd.xyz:3128/"; \
      HTTPS_PROXY="https://proxy.freebsd.xyz:3128/"; \
      FTP_PROXY="http://proxy.freebsd.xyz:3128/"; \
      poudriere jail -c -j 14-3-R-amd64 -v 14.3-RELEASE
```

To fetch Ports tree git(1) option does the job - while env(1) method does not 
work.

```
# git config --system http.proxy http://proxy.freebsd.xyz:3128/
# poudriere ports -c -p default
[00:00:00] Creating default fs at /var/local/poudriere/ports/default... done
[00:00:00] Cloning the ports tree...
```

Now - while the above steps work - I am not able to make poudriere bulk to work.

None of the methods above work.

Bare metal FreeBSD host in the same environment needs these settings to make 
pkg(8) do bootstrap and work.

This PKG_ENV at the end of /usr/local/etc/pkg.conf file:

```
# tail -6 /usr/local/etc/pkg.conf

PKG_ENV {
        HTTP_PROXY: "http://proxy.freebsd.xyz:3128";
        HTTPS_PROXY: "https://proxy.freebsd.xyz:3128";
        FTP_PROXY: "http://proxy.freebsd.xyz:3128";
}
```
But that is not all.

The pkg+ prefix needs to be removed from url: and mirror_type: needs to be 
changed from srv to none.

After these changes pkg(8) works.

```
- url: "pkg+https://pkg.FreeBSD.org/${ABI}/latest";,
+ url: "https://pkg.FreeBSD.org/${ABI}/latest";,
- mirror_type: "srv",
+ mirror_type: "none",
```

Now - my questions:

Which part of Poudriere I need to modify that:

    I will have this custom pkg.conf inside FreeBSD Jail before the build bulk 
process.
    I will have git(1) option http.proxy defined as 
http://proxy.freebsd.xyz:3128 value.

I assume it should be put somewhere just after Jail start and before bulk 
process of building packages.

This is how it fails 'live':
- 
https://github.com/user-attachments/assets/f2304bdf-c56f-4d7b-82df-b460f140ca1c

I also created the same on pkg(8) GitHub:
- https://github.com/freebsd/poudriere/issues/1279

Thanks for help.

Regards,
vermaden

Reply via email to