cntlm proxy and docker

It can be troublesome to use Linux and docker from within a Windows based IT infrastructure. To achieve this I did the following:

Get the user name

user=`getent passwd 1000 | cut -d ':' -f1`

Get the docker interface ip address

docker0=`ip addr show docker0 | grep inet | head -n1 | awk '{print $2}' | cut -d '/' -f1`

Install cntlm

apt-get update
apt-get install -y cntlm

Edit the /etc/cntlm.conf

sudo vi /etc/cntlm.conf
Domain # Change to your domain

Proxy xx.xx.xx.xx:xx # Change to your proxy server ip:port

# Add all local ip address-ranges no need to use proxy
NoProxy localhost,127.0.0.*,10.*,192.168.*,169.254.*,172.17.42.*

Listen 3128
Listen ##DOCKER##:3128

Allow ##DOCKER##/16

Replace ##DOCKER## with docker interface ip address

sudo sed -ri "s/##DOCKER##/$docker0/g" /etc/cntlm.conf

Add proxy environment variables to /etc/environment and /etc/bash.bashrc


Setting 99fixbadproxy

mkdir -p /etc/apt/apt.conf.d/
echo "Acquire::http::Pipeline-Depth 0;" > /etc/apt/apt.conf.d/99fixbadproxy
echo "Acquire::http::No-Cache true;" >> /etc/apt/apt.conf.d/99fixbadproxy
echo "Acquire::BrokenProxy true;" >> /etc/apt/apt.conf.d/99fixbadproxy

Getting and updating zscaler certificate

wget --no-proxy --no-check-certificate -O /usr/local/share/ca-certificates/ZscalerRootCertificate-2048-SHA256.crt

Restart cntlm

sudo service cntlm restart
Posted in Yocto | Tagged , , , , | Leave a comment

Replacing busybox-httpd with nginx in yocto

To replace busybox webserver with nginx follow these steps:

1. Remove CONFIG_HTTPD and CONFIG_FEATURE_HTTPD from the busybox defconfig

2. Remove any special considerations made in your busybox_XXX.bbappend regarding httpd webserver.

3. Add meta-webserver layer to your bblayers.conf

 ##OEROOT#/../meta-webserver \
Posted in Yocto | Tagged , , , | Leave a comment