On Tue, Dec 19, 2017 at 03:09:05PM +0100, 'Tom Zander' via qubes-users wrote: > On Monday, 18 December 2017 10:13:48 CET pr0xy wrote: > > I am still a bit stuck concerning the Qubes Update Proxy. Where would I > > set the environment variables for my corporate proxy so that I could > > update dom0, templates and VMs? > > You should add sys-net to your template VM if you want that since the proxy > that is in place today is to avoid your template VM from accessing the > intranet or internet outside of your own machine. > > Then google on where the template operating system (Fedora or Debian etc) > sets proxies for doing the command-line update, the configuration is the same > as Fedora or Debian etc. > I don’t know fedora at all, > in archlinux you’ll have a file in /etc/pacman/ which sets the current proxy, > in debian you’ll likely have one in /etc/apt/ > > grep -R -i PROXY /etc/* > > may be useful too.
Tom Ive suggested before that if you give this advice you should clearly state the consequences. op - please dont do this. sys-net will not enforce a firewall and it is bad practice to expose your templates in this way. i understand you chose not to use the iptables route. If you want to combine the Qubes proxy with an external proxy on your network you should be able to do this by editing the tinyproxy.conf file. You will find this in /etc/tinyproxy. Qubes uses tinyproxy for all the template updates. you can make tinyproxy use an external proxy. The change you need to make is: upstream host:port check the documentation at https://tinyproxy.github.io unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20171219153349.vmkxn7epchvynfrm%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
