smoser/README.md

## README.md

      
    Raw
  

              README.md
            
          
    proxy setup using tiny proxy and proxy command

set up tinyproxy and /etc/environment for system wide proxy.
By default, this only reports how you can set this up.  No changes
to the system will be made unless the first argument is 'update'
or UPDATE=1 is found in the environment.
No root access is required for dry-run.
The values configured at the top of the script are for an internal
cloud I have access to.  They should be easily modifyable to your liking.
Once set up, all new shells should receive 'http_proxy' and 'https_proxy'
in their environment, and then "just work" to send all requests
through the local proxy.
If you need to add or remove 'no_upstream' entries to tinyproxy config
you can do so later, and then just restart tinyproxy.  There is then no need
to re-set environment variables for existing programs, the changes
will just be immediate.
This script can generally be executed via curl | bash to set a system to
configure tiny proxy.
proxy command

The proxy command is included here just to give it a place to live.
It's usage is not really needed with tinyproxy configuration as described.
But if you do not use tinyproxy as above, then you can just enable / disable use of a proxy with:

proxy <command> run command with http_proxy and friends configured
proxy -n <command> unset proxy environment variables and run command

If  is not given, then a shell is invoked.

  
## proxy
#!/bin/sh
# change these to your liking.
p=http://your.proxy:8080
np=".your.internal,localhost,127.0.0.1"
if [ "$1" = "-h" -o "$1" = "--help" ]; then
    cat <<EOF
${0##*/} [-n] [command [args ...]]

Set proxy environment variables and execute command.

  If command is not provided, it will be set to SHELL or /bin/bash.
  If command is 'show', then settings are shown.

  If the command name is 'noproxy', then you -n behavior is used.

options:
  -n     unset rather than set proxy environment variables.
EOF
exit 0
fi

if [ "$1" = "show" ]; then
    echo "http_proxy=\"$p"\" https_proxy="\"$p\"" ftp_proxy="\"$p\"" no_proxy="\"$np\""
    exit
fi

if [ "$1" = "-n" -o "${0##*/}" = "noproxy" ]; then
    [ "$1" = "-n" ] && shift
    unset http_proxy https_proxy ftp_proxy no_proxy
    [ $# -eq 0 ] &&
        echo "unsetting proxy vars executing shell" 1>&2
else
    [ $# -eq 0 ] &&
        echo "setting proxy to $p. noproxy to \"$np\". executing shell" 1>&2
    export http_proxy="$p" https_proxy="$p" ftp_proxy="$p" no_proxy="$np"
fi
[ $# -eq 0 ] && set -- "${SHELL:-/bin/bash}"
exec "$@"

## sstack-proxy
#!/bin/bash
# curl https://gist.githubusercontent.com/smoser/de5ce0d3eecdfa742184081f51788c30/raw/sstack-proxy -O - | sudo UPDATE=1 bash
#

upstream="squid.internal:3128"
no_upstreams=( .ubuntu.com .launchpad.net 127.0.0.0/8 )
# no_proxies go into default 'no_proxy' environment variable
no_proxies="localhost,127.0.0.1,127.0.1.1"
no_proxies="${no_proxies:+${no_proxies},}ubuntu.com,launchpad.net,maas.io"
myaddr=$(ifconfig eth0 | awk '$1 == "inet" { sub(/addr:/, "", $2); print $2; }')
# turn W.X.Y.Z into W.X.0.0/16
myrange="${myaddr%.*}"
myrange="${myrange%.*}.0.0/16"

TINYPROXY_CONF=${TINYPROXY_CONF:-/etc/tinyproxy.conf}
ETC_ENVIRONMENT=${ETC_ENVIRONMENT:-/etc/environment}
TINYPROXY_URL="http://127.0.0.1:8888/"
MYNAME="sstack_local"

no_upstreams=( "${no_upstreams[@]}" $myrange )
no_proxies="${no_proxies:+${no_proxies},}${myaddr}"

[ "$1" = "update" -o "${UPDATE:-0}" != "0" ] && update=true || update=false

Usage() {
   cat <<EOF
${0##*/} [update]

set up tinyproxy and /etc/environment for system wide proxy.

By default, this only reports how you can set this up.  No changes
to the system will be made unless the first argument is 'update'
or UPDATE=1 is found in the environment.

No root access is required for dry-run.

The values configured at the top of the script are for an internal
cloud I have access to.  They should be easily modifyable to your liking.

Once set up, all new shells should receive 'http_proxy' and 'https_proxy'
in their environment, and then "just work" to send all requests
through the local proxy.

If you need to add or remove 'no_upstream' entries to tinyproxy config
you can do so later, and then just restart tinyproxy.  There is then no need
to re-set environment variables for existing programs, the changes
will just be immediate.
EOF
}


error() { echo "$@" 1>&2; }
write_tinyproxy_conf() {
   local upstream="$1"
   shift
   echo "# begin $MYNAME"
   echo "upstream $upstream"
   for i in "$@"; do echo "no upstream \"$i\""; done
   echo "no upstream \"169.254.169.254\""
   [ -n "$myaddr" ] && echo "no upstream \"$myaddr\""
   echo "# end $MYNAME"
}

write_environment() {
  local no_proxy="$1"
  echo "# begin $MYNAME"
  echo "http_proxy=http://127.0.0.1:8888/"
  echo "https_proxy=http://127.0.0.1:8888/"
  [ -n "$no_proxy" ] && echo "no_proxy=$no_proxy"
  echo "# end $MYNAME"
}

set_output() {
    local targ="$2" bk=""
    bk="$targ.dist"
    if ! "$1"; then
        echo "### append to $2"
        exec 3>&1; return
    fi
    if [ -f "$targ" ]; then
      cp "$targ" "$bk" || { error "failed backup of $targ"; return 1; }
      error "backed up $targ to $bk"
    fi
    [ ! -f "$targ" ] || sed -i "/# begin $MYNAME/,/# end $MYNAME/d" "$targ" ||
       { error "failed removing entries from $targ"; return 1; }
    exec 3>>"$targ" || { error "failed opening $targ for append"; return 1; }
}

[ "$1" = "--help" -o "$1" = "-h" ] && { Usage; exit 0; }

if $update && [ ! "$(id -u)" = "0" ]; then
   error "must be root for update"
   exit 1
fi

if ! which tinyproxy >/dev/null 2>&1; then
   if $update; then
      which eatmydata >/dev/null 2>&1 && emd="eatmydata" || emd=""
      DEBIAN_FRONTEND=noninteractive $emd apt-get install \
          --assume-yes --quiet tinyproxy </dev/null || exit
   else
      echo "## apt-get install --assume-yes --quiet tinyproxy"
   fi
fi

set_output "$update" "${TINYPROXY_CONF}" || exit
write_tinyproxy_conf "$upstream" "${no_upstreams[@]}" 1>&3 || exit
if $update; then
   service tinyproxy restart
else
   echo "## service restart tinyproxy"
fi

set_output "$update" "${ETC_ENVIRONMENT}"
write_environment "$no_proxies" 1>&3 || exit
	#!/bin/sh
	# change these to your liking.
	p=http://your.proxy:8080
	np=".your.internal,localhost,127.0.0.1"
	if [ "$1" = "-h" -o "$1" = "--help" ]; then
	cat <<EOF
	${0##*/} [-n] [command [args ...]]

	Set proxy environment variables and execute command.

	If command is not provided, it will be set to SHELL or /bin/bash.
	If command is 'show', then settings are shown.

	If the command name is 'noproxy', then you -n behavior is used.

	options:
	-n unset rather than set proxy environment variables.
	EOF
	exit 0
	fi

	if [ "$1" = "show" ]; then
	echo "http_proxy=\"$p"\" https_proxy="\"$p\"" ftp_proxy="\"$p\"" no_proxy="\"$np\""
	exit
	fi

	if [ "$1" = "-n" -o "${0##*/}" = "noproxy" ]; then
	[ "$1" = "-n" ] && shift
	unset http_proxy https_proxy ftp_proxy no_proxy
	[ $# -eq 0 ] &&
	echo "unsetting proxy vars executing shell" 1>&2
	else
	[ $# -eq 0 ] &&
	echo "setting proxy to $p. noproxy to \"$np\". executing shell" 1>&2
	export http_proxy="$p" https_proxy="$p" ftp_proxy="$p" no_proxy="$np"
	fi
	[ $# -eq 0 ] && set -- "${SHELL:-/bin/bash}"
	exec "$@"
	#!/bin/bash
	# curl https://gist.githubusercontent.com/smoser/de5ce0d3eecdfa742184081f51788c30/raw/sstack-proxy -O - \| sudo UPDATE=1 bash
	#

	upstream="squid.internal:3128"
	no_upstreams=( .ubuntu.com .launchpad.net 127.0.0.0/8 )
	# no_proxies go into default 'no_proxy' environment variable
	no_proxies="localhost,127.0.0.1,127.0.1.1"
	no_proxies="${no_proxies:+${no_proxies},}ubuntu.com,launchpad.net,maas.io"
	myaddr=$(ifconfig eth0 \| awk '$1 == "inet" { sub(/addr:/, "", $2); print $2; }')
	# turn W.X.Y.Z into W.X.0.0/16
	myrange="${myaddr%.*}"
	myrange="${myrange%.*}.0.0/16"

	TINYPROXY_CONF=${TINYPROXY_CONF:-/etc/tinyproxy.conf}
	ETC_ENVIRONMENT=${ETC_ENVIRONMENT:-/etc/environment}
	TINYPROXY_URL="http://127.0.0.1:8888/"
	MYNAME="sstack_local"

	no_upstreams=( "${no_upstreams[@]}" $myrange )
	no_proxies="${no_proxies:+${no_proxies},}${myaddr}"

	[ "$1" = "update" -o "${UPDATE:-0}" != "0" ] && update=true \|\| update=false

	Usage() {
	cat <<EOF
	${0##*/} [update]

	set up tinyproxy and /etc/environment for system wide proxy.

	By default, this only reports how you can set this up. No changes
	to the system will be made unless the first argument is 'update'
	or UPDATE=1 is found in the environment.

	No root access is required for dry-run.

	The values configured at the top of the script are for an internal
	cloud I have access to. They should be easily modifyable to your liking.

	Once set up, all new shells should receive 'http_proxy' and 'https_proxy'
	in their environment, and then "just work" to send all requests
	through the local proxy.

	If you need to add or remove 'no_upstream' entries to tinyproxy config
	you can do so later, and then just restart tinyproxy. There is then no need
	to re-set environment variables for existing programs, the changes
	will just be immediate.
	EOF
	}


	error() { echo "$@" 1>&2; }
	write_tinyproxy_conf() {
	local upstream="$1"
	shift
	echo "# begin $MYNAME"
	echo "upstream $upstream"
	for i in "$@"; do echo "no upstream \"$i\""; done
	echo "no upstream \"169.254.169.254\""
	[ -n "$myaddr" ] && echo "no upstream \"$myaddr\""
	echo "# end $MYNAME"
	}

	write_environment() {
	local no_proxy="$1"
	echo "# begin $MYNAME"
	echo "http_proxy=http://127.0.0.1:8888/"
	echo "https_proxy=http://127.0.0.1:8888/"
	[ -n "$no_proxy" ] && echo "no_proxy=$no_proxy"
	echo "# end $MYNAME"
	}

	set_output() {
	local targ="$2" bk=""
	bk="$targ.dist"
	if ! "$1"; then
	echo "### append to $2"
	exec 3>&1; return
	fi
	if [ -f "$targ" ]; then
	cp "$targ" "$bk" \|\| { error "failed backup of $targ"; return 1; }
	error "backed up $targ to $bk"
	fi
	[ ! -f "$targ" ] \|\| sed -i "/# begin $MYNAME/,/# end $MYNAME/d" "$targ" \|\|
	{ error "failed removing entries from $targ"; return 1; }
	exec 3>>"$targ" \|\| { error "failed opening $targ for append"; return 1; }
	}

	[ "$1" = "--help" -o "$1" = "-h" ] && { Usage; exit 0; }

	if $update && [ ! "$(id -u)" = "0" ]; then
	error "must be root for update"
	exit 1
	fi

	if ! which tinyproxy >/dev/null 2>&1; then
	if $update; then
	which eatmydata >/dev/null 2>&1 && emd="eatmydata" \|\| emd=""
	DEBIAN_FRONTEND=noninteractive $emd apt-get install \
	--assume-yes --quiet tinyproxy </dev/null \|\| exit
	else
	echo "## apt-get install --assume-yes --quiet tinyproxy"
	fi
	fi

	set_output "$update" "${TINYPROXY_CONF}" \|\| exit
	write_tinyproxy_conf "$upstream" "${no_upstreams[@]}" 1>&3 \|\| exit
	if $update; then
	service tinyproxy restart
	else
	echo "## service restart tinyproxy"
	fi

	set_output "$update" "${ETC_ENVIRONMENT}"
	write_environment "$no_proxies" 1>&3 \|\| exit