@jessereynolds
Last active March 21, 2019 17:36
Squid proxy config for Puppet, e.g. pxp-agent
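# puppet module install puppet/squid --modulepath ~/modules
# puppet apply proxy.conf --modulepath ~/modules
# curl -v --proxy http://127.0.0.1:3128/ https://puppet.com > /dev/null
#
class { 'squid': }

# Destination ports the proxy will forward to; 8140 and 8142 are the ports
# used by master-uris and broker-ws-uris in pxp-agent.conf.
squid::acl { 'Safe_ports':
  type    => port,
  entries => ['80', '443', '8140', '8142', '8143'],
}

# Matches on destination port only; this manifest declares no client source ACL.
squid::http_access { 'Safe_ports':
  action => allow,
}

# Deny requests to any port not listed in Safe_ports.
squid::http_access { '!Safe_ports':
  action => deny,
}

# Listen for proxy clients on port 3128.
squid::http_port { '3128': }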

I manually added the broker-ws-proxy entry to /etc/puppetlabs/pxp-agent/pxp-agent.conf, e.g.:

{
    "broker-ws-uris": [
        "wss://pe-201814-master.puppetdebug.vlan:8142/pcp2/"
    ],
    "broker-ws-proxy": "http://10.234.2.201:3128/",
    "loglevel": "info",
    "master-uris": [
        "https://pe-201814-master.puppetdebug.vlan:8140"
    ],
    "pcp-version": "2",
    "ssl-ca-cert": "/etc/puppetlabs/puppet/ssl/certs/ca.pem",
    "ssl-cert": "/etc/puppetlabs/puppet/ssl/certs/pe-201814-agent.puppetdebug.vlan.pem",
    "ssl-key": "/etc/puppetlabs/puppet/ssl/private_keys/pe-201814-agent.puppetdebug.vlan.pem"
}

Note that in Puppet Enterprise you'll need to remove the puppet_enterprise::profile::agent class from the PE Agent node group, or exclude the nodes from this node group; otherwise pxp-agent.conf will be overwritten and lose the proxy setting. It would be nice if puppet_enterprise::profile::agent were enhanced to take a pcp_broker_proxy parameter.
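
A check for the overwrite problem described above, added here as an example (not part of the original gist): it reports a missing broker-ws-proxy entry and flags any broker-ws-uris port that is absent from the Safe_ports list in the squid manifest. The function names, the sample hostnames and the assumption that pxp-agent.conf is plain JSON are this example's own.

```python
import json
import sys
from urllib.parse import urlsplit

# Ports from the squid::acl 'Safe_ports' entries in the manifest on this page.
SAFE_PORTS = {80, 443, 8140, 8142, 8143}
DEFAULT_PORTS = {"ws": 80, "http": 80, "wss": 443, "https": 443}

# Constructed sample (placeholder hostnames), same shape as the config above.
SAMPLE = """{
    "broker-ws-uris": ["wss://broker.example.test:8142/pcp2/"],
    "broker-ws-proxy": "http://proxy.example.test:3128/",
    "pcp-version": "2"
}"""


def _host_port(uri):
    """Return (host, port) for a URI, or (None, None) if it cannot be parsed."""
    try:
        parts = urlsplit(uri)
        return parts.hostname, parts.port or DEFAULT_PORTS.get(parts.scheme)
    except (ValueError, TypeError, AttributeError):
        return None, None


def check_pxp_agent_conf(text, safe_ports=SAFE_PORTS):
    """Return a list of problems in pxp-agent.conf text; empty means OK."""
    try:
        conf = json.loads(text)
    except ValueError as exc:
        return [f"not valid JSON: {exc}"]
    if not isinstance(conf, dict):
        return ["top-level value is not a JSON object"]
    problems = []
    proxy = conf.get("broker-ws-proxy")
    if not isinstance(proxy, str) or not proxy:
        problems.append("broker-ws-proxy is missing (file overwritten?)")
    elif not _host_port(proxy)[0]:
        problems.append(f"broker-ws-proxy {proxy!r} has no host")
    uris = conf.get("broker-ws-uris") or []
    for uri in [uris] if isinstance(uris, str) else uris:
        port = _host_port(uri)[1]
        if port not in safe_ports:
            problems.append(f"{uri}: port {port} is not in Safe_ports")
    return problems


if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/puppetlabs/pxp-agent/pxp-agent.conf"
    found = check_pxp_agent_conf(open(path).read())
    print("\n".join(f"PROBLEM: {p}" for p in found) or "OK")
    sys.exit(1 if found else 0)
```

Run it from cron or a monitoring check on proxied agents; a non-zero exit means the proxy setting has been lost or the broker port would be denied by the squid ACL.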
