Currently I’m working on a project where I have the staging environment running on a virtual machine in a vlan. However, the virtual machine cannot directly access the internet for security reasons. This is inconvenient when I want to e.g. run a buildout to update the project.
Obviously the first step is to install the relevant packages on the local machine (Ubuntu in my case):
$ sudo apt-get install micro-proxy micro-inetd
The next step is to run the proxy (again: on my laptop) and make sure
it accepts connections on port
$ micro-inetd 3128 /usr/sbin/micro_proxy
Then, when you SSH into the remote machine you will have to forward the right port:
$ ssh box.example.com -R 3128:localhost:3128
Whenever you want to access the internet, you’ll have to use the proxy
listening on port
3128. For instance to run
you can set the following environment variables:
$ export http_proxy=http://localhost:3128 $ export https_proxy=http://localhost:3128
(Note that I’m also proxying HTTPS traffic here, which is supported by
wget command should now succeed:
$ wget http://www.google.com/
Assuming the ad hoc setup works, you may want to configure things so things are a little bit easier the next time you want to use it. This is what I did.
So I don’t have to remember how to start the proxy, I added this line
~/.bashrc file on my local machine:
alias start_proxy='echo Running proxy on port 3128 && micro-inetd 3128 /usr/sbin/micro_proxy'
The SSH command is also too much typing for my liking. So I added this
Host box HostName box.example.com RemoteForward 3128 localhost:3128
To make sure that the HTTP(S) proxy is used on the remote machine, I
added this to my
~/.bashrc file on the remote:
export http_proxy=http://localhost:3128 export https_proxy=http://localhost:3128
So whenever I want to work on the staging environment, I open a terminal and run:
In another terminal I type:
$ ssh box
And I’m good to go.
Now, there may be better solutions (especially if you want to permanently setup a proxy), but for my purposes this works great.
When I originally wrote this article, I was not yet (or only just) using Docker. But when I was setting up a new laptop a while ago, I wanted to run a proxy in a Docker container.
As a result, I now run the following to start a proxy:
$ docker run --name squid -d -p 3128:3128 datadog/squid
This way I don’t have to install
micro_inetd on my machine.