# Deploying Connectware Behind a Corporate Proxy Deploying Connectware in environments where Internet access is controlled via a corporate proxy requires additional configuration. This guide outlines the steps necessary to install and run Connectware in such environments, covering system, Docker, and application-level proxy settings. ## Prerequisites To follow this guide, you will need the following: * A valid [Connectware license](https://docs.cybus.io/2-0-0/documentation/installation-and-upgrades/licensing). * [Docker](https://docs.docker.com/get-docker/) and [Docker Compose](https://docs.docker.com/compose/) installed on your system. ## Proxy Behavior Across Applications Proxy configuration across applications can vary: * Some tools recognize `http_proxy`, `https_proxy`, and `no_proxy` (lowercase). * Others may use `HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY` (uppercase). * Some software may require both or use custom proxy settings. General recommendations: * Set both lowercase and uppercase variants of proxy variables. * Avoid IP addresses unless known to be used directly by the application. * Hostname resolution may fail under proxy settings unless explicitly configured. ## Configuration ### Verifying Host and Proxy Server Reachability To confirm connectivity: {% code lineNumbers="true" %} ```bash uname -a ping -c 1 your-proxy-ip ``` {% endcode %} Expected output should confirm that the proxy server is reachable with minimal latency and no packet loss. ### System-Wide Proxy Configuration To apply proxy settings system-wide: 1. Create a script that will contain your proxy settings. The `/etc/profile.d directory` contains shell scripts that are likely to be executed at launch of your shell. {% code lineNumbers="true" %} ```bash sudo nano /etc/profile.d/proxy.sh ``` {% endcode %} {% code lineNumbers="true" %} ```bash export http_proxy="http://:/" export https_proxy="http://:/" export no_proxy="127.0.0.1,localhost" export HTTP_PROXY="http://:/" export HTTPS_PROXY="http://:/" export NO_PROXY="127.0.0.1,localhost" ``` {% endcode %} 2. Make the script executable: {% code lineNumbers="true" %} ```bash sudo chmod +x /etc/profile.d/proxy.sh ``` {% endcode %} 3. Restart the shell or re-login to apply. You can verify with the following: {% code lineNumbers="true" %} ```bash env | grep -i proxy ``` {% endcode %} ### Preserving Proxy Settings for Sudo To retain proxy variables for commands executed with `sudo`: 1. Edit your configuration for sudo. {% code lineNumbers="true" %} ```bash sudo nano /etc/sudoers.d/env_keep_proxy ``` {% endcode %} 2. Add the following: {% code lineNumbers="true" %} ```bash Defaults env_keep += "http_proxy https_proxy no_proxy HTTP_PROXY HTTPS_PROXY NO_PROXY" ``` {% endcode %} ### APT Proxy Configuration For Debian-based systems, APT requires its own proxy settings. This is not required for running Connectware. However, without it you are not able to install any software using APT. {% code lineNumbers="true" %} ```bash sudo nano /etc/apt/apt.conf.d/80proxy ``` {% endcode %} {% code lineNumbers="true" %} ```bash Acquire::http::proxy "http://:/"; Acquire::https::proxy "http://:/"; Acquire::ftp::proxy "http://:/"; ``` {% endcode %} This allows software installation via APT behind the proxy. ### Docker Daemon Proxy Setup The Docker daemon requires proxy configuration to pull images from the Internet: 1. Create the drop-in directory: {% code lineNumbers="true" %} ```bash sudo mkdir -p /etc/systemd/system/docker.service.d ``` {% endcode %} 2. Create the config file: {% code lineNumbers="true" %} ```bash sudo nano /etc/systemd/system/docker.service.d/http-proxy.conf ``` {% endcode %} 3. Add the following: {% code lineNumbers="true" %} ```ini [Service] Environment="HTTP_PROXY=http://:/" Environment="HTTPS_PROXY=http://:/" Environment="NO_PROXY=localhost,127.0.0.1" ``` {% endcode %} 4. Apply the changes and restart: {% code lineNumbers="true" %} ```bash sudo systemctl daemon-reload sudo systemctl restart docker ``` {% endcode %} 5. Verify the configuration: {% code lineNumbers="true" %} ```bash sudo systemctl show --property=Environment docker ``` {% endcode %} 6. Test Docker image pull: {% code lineNumbers="true" %} ```bash docker pull hello-world ``` {% endcode %} The result should look like this: {% code lineNumbers="true" %} ```bash Using default tag: latest latest: Pulling from library/hello-world 2db29710123e: Pull complete Digest: sha256:10d7d58d5ebd2a652f4d93fdd86da8f265f5318c6a73cc5b6a9798ff6d2b2e67 Status: Downloaded newer image for hello-world:latest docker.io/library/hello-world:latest ``` {% endcode %} ### Container-Level Internet Access Internet access from within containers can be configured globally or per container. * To define global proxy settings for all containers: {% code lineNumbers="true" %} ```bash mkdir -p ~/.docker nano ~/.docker/config.json ``` {% endcode %} **Example** {% code lineNumbers="true" %} ```json { "proxies": { "default": { "httpProxy": "http://:/", "httpsProxy": "http://:/", "noProxy": "127.0.0.1,localhost,admin-web-app,auth-server,broker,container-manager,connectware,ingress-controller,postgresql,protocol-mapper,service-manager,system-control-server,workbench" } } } ``` {% endcode %} This ensures Connectware containers can communicate with each other without proxy interference. ### Configuring the Connectware Environment File 1. Before launching Connectware, set the proxy in the environment configuration file. By default, the environment file is located in your installation directory. {% code lineNumbers="true" %} ```bash sudo nano /opt/connectware/.env ``` {% endcode %} 2. Add the following: {% code lineNumbers="true" %} ```bash # Proxy Configuration CYBUS_PROXY=http://:/ CYBUS_NO_PROXY= ``` {% endcode %} Make sure the `.env` file is located in the correct installation directory to take effect. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.cybus.io/2-0-0/guides/system-connectivity/deploying-connectware-behind-a-corporate-proxy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.