Page MenuHomePhabricator

Let outbound proxy be configurable
Closed, ResolvedPublic1 Estimated Story Points

Event Timeline

Mvolz raised the priority of this task from to Needs Triage.
Mvolz updated the task description. (Show Details)
Mvolz added a project: Citoid.
Mvolz moved this task to Service on the Citoid board.
Mvolz added a subscriber: Mvolz.

Change 192562 had a related patch set uploaded (by Mvolz):
[WIP] Convert scrape.js into an object

https://gerrit.wikimedia.org/r/192562

Patch-For-Review

Change 192562 abandoned by Mvolz:
[WIP] Convert scrape.js into an object

https://gerrit.wikimedia.org/r/192562

This is pretty straightforward. In your config, add a proxy stanza. Then, when you read the configuration in (anywhere in the service's process, the sooner the better, ofc), simply set:

process.env.HTTP_PROXY = config.proxy

The setting will be automatically picked up by the request lib (which is used in Citoid to do external requests). Note that, to be on the safe side, process.env.HTTPS_PROXY should be set as well.

Is there a reason to prefer this approach rather than defining request lib once and setting the proxy there (i.e. var r = request.defaults({'proxy':'http://localproxy.com'}))?

In general I am shy of modifying environmental variables for security reasons. Although process.env says "You can write to this object, but changes won't be reflected outside of your process." So hopefully means it's secure...

Change 195024 had a related patch set uploaded (by Mvolz):
[WIP] Allow outbound proxy config; breaking change

https://gerrit.wikimedia.org/r/195024

Change 195024 merged by jenkins-bot:
Allow outbound proxy config; breaking change

https://gerrit.wikimedia.org/r/195024

@akosiaris, do we need a special config for HTTPS, or is the HTTP proxy configured to resolve those as well (i.e. on the same port)?

@mobrovac, no url-downloader.wikimedia.org is capable of proxying HTTPS traffic as well.

Jdforrester-WMF claimed this task.
Jdforrester-WMF added a subscriber: Jdforrester-WMF.

Resolved, I think?

@mobrovac, no url-downloader.wikimedia.org is capable of proxying HTTPS traffic as well.

Perfect, thnx.

Resolved, I think?

Yup.