Today we were setting up few Web servers on a private network which will be serving the traffic through the Load Balancer. The setup was simple until we came to know that the Webservers needs to connect to github.com for the repository access.
We have a jumpbox / Bastion (10.10.1.10) which is used for the Administrative purpose. The jumbpbox has direct internet access for any operation which requires the internet.
After the team discussion, we have decided to use the same squid proxy which is running on the jumpbox.
So we allowed cachemgr access for our WebServer Private IP range.
acl webnet src 10.10.0.0/16 # Webservers network . . . # Only allow cachemgr access from localhost http_access allow webnet ##add this line http_access allow manager localhost http_access deny manager
Save the squid configuration and restart the service.
Install socat package.
yum install -y socat
Since git protocol is over ssh, we need to add the below configuration to the .ssh/config file of the user.
ie, if the user is web, then the config file path will be /home/web/.ssh/config .
Add the below line and save it.
ProxyCommand=socat - PROXY:10.10.1.10:%h:%p,proxyport=3128