Updated Proxy settings

CSVD · Aug 1, 2024 · 46f10b5 · 46f10b5
1 parent cc9fcfc
commit 46f10b5
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 12 deletions.
diff --git a/build.pkr.hcl b/build.pkr.hcl
@@ -13,13 +13,38 @@ source "amazon-ebs" "rhel" {
   region        = "us-gov-west-1"
   source_ami    = "ami-03fadeeea589a106b"  # Updated AMI ID for RHEL x86_64
   ssh_username  = "ec2-user"
+
+  # Set environment variables for proxy
+  user_data = <<EOF
+#!/bin/bash
+export http_proxy=http://proxy.tco.census.gov:3128
+export https_proxy=http://proxy.tco.census.gov:3128
+export no_proxy=.census.gov,169.254.169.254,148.129.*,10.*,172.18.*,172.22.*,172.23.*,172.24.*,172.25.*,.eks.amazonaws.com,.s3.amazonaws.com,.amazonaws.com,.gcr.io,.pkg.dev,us-gov-west-1.compute.internal,.us-gov-west-1.compute.internal
+EOF
 }
 
 build {
   sources = ["source.amazon-ebs.rhel"]
 
+  provisioner "shell" {
+    inline = [
+      "export http_proxy=http://proxy.tco.census.gov:3128",
+      "export https_proxy=http://proxy.tco.census.gov:3128",
+      "export no_proxy=.census.gov,169.254.169.254,148.129.*,10.*,172.18.*,172.22.*,172.23.*,172.24.*,172.25.*,.eks.amazonaws.com,.s3.amazonaws.com,.amazonaws.com,.gcr.io,.pkg.dev,us-gov-west-1.compute.internal,.us-gov-west-1.compute.internal",
+      "yum -y install epel-release",
+      "yum -y install python3-pip",
+      "pip3 install --trusted-host pypi.org --trusted-host files.pythonhosted.org --proxy=$http_proxy passlib"
+    ]
+  }
+
   provisioner "ansible" {
     playbook_file = "${var.ansible_dir}/rhel-arm-baseline.yaml"
+    extra_arguments = ["-e", "ansible_python_interpreter=/usr/bin/python3"]
+    environment_vars = {
+      HTTP_PROXY  = "http://proxy.tco.census.gov:3128"
+      HTTPS_PROXY = "http://proxy.tco.census.gov:3128"
+      NO_PROXY    = ".census.gov,169.254.169.254,148.129.*,10.*,172.18.*,172.22.*,172.23.*,172.24.*,172.25.*,.eks.amazonaws.com,.s3.amazonaws.com,.amazonaws.com,.gcr.io,.pkg.dev,us-gov-west-1.compute.internal,.us-gov-west-1.compute.internal"
+    }
   }
 
   post-processor "shell-local" {

diff --git a/rhel-arm-baseline.yaml b/rhel-arm-baseline.yaml
@@ -1,19 +1,16 @@
----
 - name: RHEL ARM Baseline
   hosts: all
   become: true
   vars:
-    ansible_python_interpreter: /usr/bin/python3.9 # Explicitly define the Python interpreter
-
+    http_proxy: "http://proxy.tco.census.gov:3128"
+    https_proxy: "http://proxy.tco.census.gov:3128"
+    no_proxy: ".census.gov,169.254.169.254,148.129.*,10.*,172.18.*,172.22.*,172.23.*,172.24.*,172.25.*,.eks.amazonaws.com,.s3.amazonaws.com,.amazonaws.com,.gcr.io,.pkg.dev,us-gov-west-1.compute.internal,.us-gov-west-1.compute.internal"
   tasks:
-    - name: Install pip
-      package:
-        name: python3-pip
-        state: present
-
-    - name: Install passlib
-      pip:
-        name: passlib
+    - name: Set proxy environment variables
+      set_fact:
+        http_proxy: "{{ http_proxy }}"
+        https_proxy: "{{ https_proxy }}"
+        no_proxy: "{{ no_proxy }}"
 
     - name: Ensure latest packages are installed
       package:
@@ -41,13 +38,24 @@
         name: curl
         state: present
 
+    - name: Install passlib for password hashing
+      pip:
+        name: passlib
+        state: present
+        extra_args: "--trusted-host pypi.org --trusted-host files.pythonhosted.org --proxy={{ http_proxy }}"
+        executable: /usr/bin/pip3
+      environment:
+        http_proxy: "{{ http_proxy }}"
+        https_proxy: "{{ https_proxy }}"
+        no_proxy: "{{ no_proxy }}"
+
     - name: Create example user
       user:
         name: exampleuser
         state: present
         groups: wheel
         shell: /bin/bash
-        password: "{{ 'password' | password_hash('sha512') }}" # Change 'password' to a secure password or hash
+        password: "{{ 'secure_password' | password_hash('sha512') }}" # Replace 'secure_password' with an actual secure password or hash
 
     - name: Configure SSH for exampleuser
       authorized_key: