Hi,
If the device/network is behind a sock proxy server, is there any method to update the settings during first boot? I didn’t find a way to do so and cannot provision the device.
i fear you’d have to use a dedicated gadget for this and set something like:
defaults:
# defaults for the core snap
99T7MUlRhtI3U0QFgl5mXXESAiSwt776:
proxy:
http: http://whatever.host:1080
https: http://whatever.host:1080
in gadget.yaml
1 Like
Thank you @orga.
This does work if I am using a customized image.
But, if I still want to use the generic image, is it possible to add a item in console-conf and allow users to input the proxy server setting?
Currently only by calling snap set system proxy.http="http://foobar:8080" (“system” is equivalent to “core”, they are interchangeable ATM) after first login (and i suspect you need to reboot afterwards as well).
picking a proxy at initial setup in console-conf instead would indeed be a nice addition, i’d try filing a whishlist bug …
1 Like
Hey @ogra, any news on this? I just tried to bring-up a freshly installed Ubutu Core image on a Raspberry PI inside our cooperate network we do use a Proxy for internet access. Having the possibility to add a Proxy Server in the console-conf would be a really nice feature, From studying the source code at : https://github.com/CanonicalLtd/subiquity it looks like at least the Server installer provides the ability to set the Proxy server.
Of course I could use my Phone to enable a HotSpot and provide direct internet access. But unfortunately our device we are planning to build does not have a Wifi interface. I also see some issues with customers using this device behind a cooperate firewall.
While i don’´t know if @robertliu ever filed the suggested wishlist bug, it seems to be on the schedule for core20 (and could perhaps be backported to core18):
That said … if you enable a device and do it with a brand store, you have the ability to ship a configuration snap
that uses the privileged snapd-control interface to simply use the snap set system proxy.*= commands from a script/application you include in your image (i.e. one that reads (signed) configuration from an auto-mounted usb stick on boot) as a workaround.
Thanks @ogra for pointing that out. With a customer base of 100k+ customers a pre configured Proxy does not feel like the right solution. I agree this makes sense for a device like the fing box. We have different use cases and one of them is providing our product to the end customer who wants to put her own stuff on the box and therefore needs to login. Providing signed configs for each customer running behind a proxy feels not like a good solution. On the other hand we have products which are sold like the fing box and the user shall not ssh into. For those kind of products we could use pre-settings.
well, there is nothing that stops you from using your own subiquity fork (or something with a similar functionality) inside such a configuration snap … have it utilize the network-setup-control and snapd-control interfaces and it should be able to write a netplan config, use snap set system proxy.*=foo as well as snap create-user … just make sure to disable the original subiquity during image creation …
using a usb key with signed (or unsigned) config file was just a suggestion to cause less work than maintaining an own setup tool 
and indeed if you can wait for core20 both of these points are moot anyway since @xnox seems to push for having the feature in subiquity by then.
1 Like
You can provide cloud-init metadata which specifies proxy settings in user-data. These will be read and applied on first boot.
you mean they call snap set system http.proxy=... ?
just dumping proxy data into /etc/environment (which cloud-init does i think) will currently not work, snapd needs to be aware so the info ends up in generated snap systemd service files …