Working Through a Proxy
Docker
If docker.mitigator.ru is accessed through a proxy, you need to configure Docker.
On systems running systemd, you need to:
-
Create a drop-in to the Docker service, specifying the proxy in the environment (replace the details of connecting to the proxy with the current ones):
mkdir -p /etc/systemd/system/docker.service.d && \ cat >/etc/systemd/system/docker.service.d/proxy.conf <<END [Service] Environment=HTTP_PROXY=http://user:password@proxy.local:1234 Environment=HTTPS_PROXY=http://user:password@proxy.local:1234 Environment=NO_PROXY=docker.local END -
Add proxy certificate to Docker’s trusted ones (
/path/to/proxy.crtreplace with the path to the proxy certificate):mkdir -p /etc/docker/certs.d/docker.mitigator.ru && \ cp /path/to/proxy.crt /etc/docker/certs.d/docker.mitigator.ru/ca.crt -
Update the description of the Docker service and restart it:
systemctl daemon-reload && \ systemctl restart docker
MITIGATOR
If MITIGATOR will communicate with the license server (ls.mitigator.ru), the mail server and the Vestochka service through a proxy, you need to specify environment variables:
-
Create a YML file named
docker-compose.proxy.ymlwith the following content:services: backend: environment: HTTP_PROXY: "http://user:password@proxy.local:3128" HTTPS_PROXY: "http://user:password@proxy.local:3128" -
Add
docker-compose.proxy.ymlto theCOMPOSE_FILElist in the.envfile:sed -i 's/^COMPOSE_FILE=\(.*\)$/COMPOSE_FILE=\1:docker-compose.proxy.yml/' .env -
If necessary, also set
NO_PROXY(addresses that need to be accessed without a proxy), you need to include.mitigator,localhost,127.0.0.0/8,10.0.0.0/8,192.168.0.0/16and172.16.0.0/12in it:NO_PROXY: "<new servers>,.mitigator,localhost,127.0.0.0/8,10.0.0.0/8,192.168.0.0/16,172.16.0.0/12" -
Restart the backend service:
docker-compose up -d backend
Do not use proxy settings in ~/.docker/config.json configuration file.
If these settings are required for non-MITIGATOR containers,
specify them only for such containers.