Proxy support and key download from URL.
diff --git a/aptly/publisher.sls b/aptly/publisher.sls
index a286125..16e68bd 100644
--- a/aptly/publisher.sls
+++ b/aptly/publisher.sls
@@ -16,6 +16,9 @@
publisher_installed:
pip.installed:
- name: python-aptly
+ {%- if publisher.source.get('proxy', None) %}
+ - proxy: {{ publisher.source.get('proxy') }}
+ {%- endif %}
- require:
- pkg: publisher_python_pip
diff --git a/aptly/schemas/publisher.yaml b/aptly/schemas/publisher.yaml
index 6f5b55f..17fd776 100644
--- a/aptly/schemas/publisher.yaml
+++ b/aptly/schemas/publisher.yaml
@@ -30,4 +30,7 @@
type: string
registry:
description: Docker regirsty host for publisher image. Set if installation from docker is chosen
- type: string
\ No newline at end of file
+ type: string
+ proxy:
+ description: Proxy for accessing installation source (probably meaningful only for pip source)
+ type: string
diff --git a/aptly/schemas/server.yaml b/aptly/schemas/server.yaml
index 73eb923..5b9f8d6 100644
--- a/aptly/schemas/server.yaml
+++ b/aptly/schemas/server.yaml
@@ -101,6 +101,9 @@
keyring:
description: Keyring for GPG
type: string
+ http_proxy:
+ description: HTTP proxy to use for keys download
+ type: string
api:
description: Parameters map for for APTLY API services
type: object
@@ -228,4 +231,4 @@
_architectures:
description: Packages architecture
type: string
- example: amd64
\ No newline at end of file
+ example: amd64
diff --git a/aptly/server/mirrors.sls b/aptly/server/mirrors.sls
index 4e31e9d..0c409f4 100644
--- a/aptly/server/mirrors.sls
+++ b/aptly/server/mirrors.sls
@@ -40,6 +40,27 @@
{%- for mirror_name, mirror in server.mirror.iteritems() %}
+{%- if mirror.get('key_url', None) %}
+gpg_add_keys_{{ mirror_name }}_fromurl:
+ cmd.run:
+ - name: curl -Ls {{ mirror.get('key_url') }} | gpg --no-tty {% if server.gpg.get('keyring', None) %} --no-default-keyring --keyring {{ server.gpg.keyring }} {% endif %}{% if server.gpg.get('homedir', None) %} --homedir {{ server.gpg.homedir }}{% endif %} --import
+ - runas: {{ server.user.name }}
+ - cwd: {{ server.home_dir }}
+ - unless: gpg --no-tty {% if server.gpg.get('keyring', None) %} --no-default-keyring --keyring {{ server.gpg.keyring }} {% endif %}{% if server.gpg.get('homedir', None) %} --homedir {{ server.gpg.homedir }} {% endif %} --list-public-keys $(curl -Ls {{ mirror.get('key_url') }} | gpg --with-colons | cut -f 5 -d ':')
+ {%- if server.secure %}
+ - require:
+ - cmd: import_gpg_priv_key
+ - cmd: import_gpg_pub_key
+ - require_in:
+ - cmd: aptly_{{ mirror_name }}_mirror
+ {%- endif %}
+ {%- if server.gpg.get('http_proxy', None) %}
+ - env:
+ - http_proxy: {{ server.gpg.get('http_proxy') }}
+ - https_proxy: {{ server.gpg.get('http_proxy') }}
+ {%- endif %}
+{%- endif %}
+
{%- for gpgkey in mirror.get('gpgkeys', []) %}
gpg_add_keys_{{ mirror_name }}_{{ gpgkey }}:
@@ -47,7 +68,7 @@
- name: gpg --no-tty {% if server.gpg.get('keyring', None) %} --no-default-keyring --keyring {{ server.gpg.keyring }} {% endif %}{% if server.gpg.get('homedir', None) %} --homedir {{ server.gpg.homedir }}{% endif %} --keyserver {{ mirror.keyserver|default(server.gpg.keyserver) }} {% if server.gpg.get('http_proxy', None) %} --keyserver-options http-proxy={{ server.gpg.get('http_proxy') }} {% endif %} --recv-keys {{ gpgkey }}
- runas: {{ server.user.name }}
- cwd: {{ server.home_dir }}
- - unless: gpg --no-tty {% if server.gpg.get('keyring', None) %} --no-default-keyring --keyring {{ server.gpg.keyring }} {% endif %}{% if server.gpg.get('homedir', None) %} --homedir {{ server.gpg.homedir }} {% endif %} {% if server.gpg.get('http_proxy', None) %} --keyserver-options http-proxy={{ server.gpg.get('http_proxy') }} {% endif %} --list-public-keys {{gpgkey}}
+ - unless: gpg --no-tty {% if server.gpg.get('keyring', None) %} --no-default-keyring --keyring {{ server.gpg.keyring }} {% endif %}{% if server.gpg.get('homedir', None) %} --homedir {{ server.gpg.homedir }} {% endif %} --list-public-keys {{gpgkey}}
{%- if server.secure %}
- require:
- cmd: import_gpg_priv_key
@@ -93,6 +114,10 @@
{%- if server.source.engine == "docker" %}
- require:
- file: aptly_wrapper
+ {%- elif server.mirror_update.get('http_proxy', None) %}
+ - env:
+ - http_proxy: {{ server.mirror_update.get('http_proxy') }}
+ - https_proxy: {{ server.mirror_update.get('http_proxy') }}
{%- endif %}
aptly_{{ mirror_name }}_mirror_edit: