From f0d6c7b6ed9a8b03733b4c913fdbaa403e0aad7b Mon Sep 17 00:00:00 2001
From: "Vincent S. Cojot" <vincent@cojot.name>
Date: Wed, 22 Feb 2017 23:50:05 -0500
Subject: Adds http proxy support for registering RHEL overcloud nodes

It is quite common in large entreprises that direct HTTP/HTTPS to the outside
world is denied from nodes/systems but reaching out through a proxy is allowed.

This change adds support for an HTTP proxy when RHEL overcloud nodes reach
out to either the RHSM portal or to a satellite server. This allows the
overcloud nodes to download updates even in locked-down environments.

The following variables are settable through templates:
  rhel_reg_http_proxy_host:
  rhel_reg_http_proxy_port:
  rhel_reg_http_proxy_username:
  rhel_reg_http_proxy_password:

Note the following restrictions:
  - If setting rhel_reg_http_proxy_host,
    then rhel_reg_http_proxy_port cannot be empty.
  - If setting rhel_reg_http_proxy_port,
    then rhel_reg_http_proxy_host cannot be empty.
  - If setting rhel_reg_http_proxy_username,
    then rhel_reg_http_proxy_password cannot be empty.
  - If setting rhel_reg_http_proxy_password,
    then rhel_reg_http_proxy_username cannot be empty.
  - If setting either rhel_reg_http_proxy_username or
    rhel_reg_http_proxy_password, then rhel_reg_http_proxy_host
    AND rhel_reg_http_proxy_port cannot be empty

Closes-Bug: #1668618
Change-Id: I003ad5449bd99c01376781ec0ce9074eca3e2704
(cherry picked from commit 3002edc90a631f3adb8ae0ee696062347f94ea52)
---
 .../rhel-registration/scripts/rhel-registration    | 80 ++++++++++++++++++++++
 1 file changed, 80 insertions(+)

(limited to 'extraconfig/pre_deploy/rhel-registration/scripts')

diff --git a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
index 2650a967..4c9e08ef 100644
--- a/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
+++ b/extraconfig/pre_deploy/rhel-registration/scripts/rhel-registration
@@ -13,10 +13,18 @@ fi
 
 retryCount=0
 opts=
+config_opts=
 attach_opts=
 sat5_opts=
 repos="repos --enable rhel-7-server-rpms"
 satellite_repo=${REG_SAT_REPO}
+proxy_host=
+proxy_port=
+proxy_url=
+proxy_username=
+proxy_password=
+
+# process variables..
 if [ -n "${REG_AUTO_ATTACH:-}" ]; then
     opts="$opts --auto-attach"
 
@@ -97,6 +105,57 @@ if [ -n "${REG_TYPE:-}" ]; then
     opts="$opts --type=$REG_TYPE"
 fi
 
+# Proxy settings (host and port)
+if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then
+    proxy_host="${REG_HTTP_PROXY_HOST}"
+fi
+
+if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then
+    proxy_port="${REG_HTTP_PROXY_PORT}"
+fi
+
+# Proxy settings (user and password)
+if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then
+    proxy_username="${REG_HTTP_PROXY_USERNAME}"
+fi
+
+if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then
+    proxy_password="${REG_HTTP_PROXY_PASSWORD}"
+fi
+
+# Sanity Checks for proxy host/port/user/password
+if [ -n "${REG_HTTP_PROXY_HOST:-}" ]; then
+    if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then
+        # Good both values are not empty
+        proxy_url="http://${proxy_host}:${proxy_port}"
+        config_opts="--server.proxy_hostname=${proxy_host} --server.proxy_port=${proxy_port}"
+        sat5_opts="${sat5_opts} --proxy_hostname=${proxy_url}"
+        echo "RHSM Proxy set to: ${proxy_url}"
+        if [ -n "${REG_HTTP_PROXY_USERNAME:-}" ]; then
+            if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then
+                config_opts="${config_opts} --server.proxy_user=${proxy_username} --server.proxy_password=${proxy_password}"
+                sat5_opts="${sat5_opts} --proxyUser=${proxy_username} --proxyPassword=${proxy_password}"
+            else
+                echo "Warning: REG_HTTP_PROXY_PASSWORD cannot be null with non-empty REG_HTTP_PROXY_USERNAME! Skipping..."
+                proxy_username= ; proxy_password=
+            fi
+        else
+            if [ -n "${REG_HTTP_PROXY_PASSWORD:-}" ]; then
+                echo "Warning: REG_HTTP_PROXY_USERNAME cannot be null with non-empty REG_HTTP_PROXY_PASSWORD! Skipping..."
+                proxy_username= ; proxy_password=
+            fi
+        fi
+    else
+        echo "Warning: REG_HTTP_PROXY_PORT cannot be null with non-empty REG_HTTP_PROXY_HOST! Skipping..."
+        proxy_host= ; proxy_port= ; proxy_url= ; proxy_username= ; proxy_password=
+    fi
+else
+    if [ -n "${REG_HTTP_PROXY_PORT:-}" ]; then
+        echo "Warning: REG_HTTP_PROXY_HOST cannot be null with non-empty REG_HTTP_PROXY_PORT! Skipping..."
+        proxy_host= ; proxy_port= ; proxy_url= ; proxy_username= ; proxy_password=
+    fi
+fi
+
 function retry() {
   if [[ $retryCount < 3 ]]; then
     $@
@@ -127,6 +186,27 @@ function detect_satellite_version {
     fi
 }
 
+if [ "x${proxy_url}" != "x" ];then
+    # Config subscription-manager for proxy
+    subscription-manager config ${config_opts}
+
+    # Config yum for proxy..
+    sed -i -e '/^proxy=/d' /etc/yum.conf
+    echo "proxy=${proxy_url}" >> /etc/yum.conf
+
+    # Handle optional username/password
+    if [ -n "${proxy_username}" ]; then
+        sed -i -e '/^proxy_username=/d' /etc/yum.conf
+        echo "proxy_username=${proxy_username}" >> /etc/yum.conf
+    fi
+
+    if [ -n "${proxy_password}" ]; then
+        sed -i -e '/^proxy_password=/d' /etc/yum.conf
+        echo "proxy_password=${proxy_password}" >> /etc/yum.conf
+    fi
+
+fi
+
 case "${REG_METHOD:-}" in
     portal)
         retry subscription-manager register $opts
-- 
cgit 1.2.3-korg