FRINXio · marosmars · Mar 29, 2022 · Mar 22, 2022
diff --git a/README.md b/README.md
@@ -80,34 +80,6 @@ See: https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-
 
 </br>
 
-
-### Install FRINX Machine with proxy
-If you want to configure docker to use a proxy server, use:
-
-
-```sh
-# Create folder for docker proxy config file
-$ mkdir "${USER}/.docker"
-
-$ ./install.sh \
---proxy-conf "${USER}/.docker/config.json" \ 
---http-proxy "ip:port" \
---https-proxy "ip:port" \
---no-proxy "ip:port,ip:port,..."
-
-# or use env variables if are configured
-$ ./install.sh \
---proxy-conf "${USER}/.docker/config.json" \ 
---http-proxy "${http_proxy}" \
---https-proxy "${https_proxy}" \
---no-proxy "${no_proxy}"
-
-```
-For disabling proxy, the config.json must be removed and content of UC_PROXY_* variables in .env file must be erased! For example: UC_PROXY_HTTP_ENV="".
-
-For more info see: https://docs.docker.com/network/proxy/ 
-</br></br>
-
 ### Enable Azure AD authorization
 
 Frinx Machine supports authentification and authorization via Azure AD.
@@ -335,14 +307,27 @@ NOTE: The deployment might take a while as the worker node needs to download all
 
 </br>
 
+## Proxy configuration
+
+Use default environment settings
+```sh
+# Use $HTTPS_PROXY $HTTP_PROXY $NO_PROXY env
+$ ./startup.sh --proxy
+```
+For customization of proxy settings in FM deployment, create FRINX-Machine/.proxy file and configure own settings.
+
+```ini
+HTTP_PROXY='host:port'
+HTTPS_PROXY='host:port'
+NO_PROXY='ip:port,ip:port'
+```
+and start FM with --proxy switch.
+
 ## Preparing Environment
 The FRINX-Machine repository contains a **env.template** (used for creating .env) and **.env** file in which the default FM configuration settings are stored. In .env file, the settings are divided to these groups:
 * **Common settings**
 
 * **Temporary settings** - Created by FM scripts, **do not change them**
->   * UC_PROXY_* : use docker proxy in Uniconfig Service ( See [Installation](#installation) )
-
-Default settings are prepared for deployment without docker proxy.
 
 </br>
 

diff --git a/azure_ad.sh b/azure_ad.sh
@@ -94,7 +94,8 @@ function addEnvToFile {
 function setVariableFile {
   local __filePath="${1}"
   echo $__filePath
-  if [[ -f ${__filePath} ]]; then
+  # check if the file exists and if contain at least one config parameter
+  if [[ -f ${__filePath} ]]  && [[ "$(grep -v '^\s*$\|^\s*\#' ${__filePath})" != "" ]]; then
     source "${__filePath}"
     local __name=$(grep ^[[:alpha:]] ${__filePath})
     for ((i=0; i< ${#__name[@]}; i++ ))
@@ -107,7 +108,8 @@ function setVariableFile {
 
 function unsetVariableFile {
   local __filePath="${1}"
-  if [[ -f ${__filePath} ]]; then
+  # check if the file exists and if contain at least one config parameter
+  if [[ -f ${__filePath} ]]  && [[ "$(grep -v '^\s*$\|^\s*\#' ${__filePath})" != "" ]]; then
     local __name=$(grep ^[[:alpha:]] ${__filePath})
     for ((i=0; i< ${#__name[@]}; i++ ))
     do

diff --git a/composefiles/swarm-uniconfig.yml b/composefiles/swarm-uniconfig.yml
@@ -96,8 +96,12 @@ services:
     environment:
       - CONTAINER_ID={{.Task.Slot}}
       - JAVA_MAX_MEM=${UC_XMX_LIMIT_MEM}
+      - HTTP_PROXY=${HTTP_PROXY}
+      - HTTPS_PROXY=${HTTPS_PROXY}
+      - NO_PROXY=${NO_PROXY}
+      - PROXY_ENABLED=${PROXY_ENABLED:-false}
       # Enable G1GC and GC logging 
-      - _JAVA_OPTIONS=-Xmx${UC_XMX_LIMIT_MEM} -XX:+AlwaysPreTouch -Djna.nosys=true -XX:+CrashOnOutOfMemoryError -XX:MaxGCPauseMillis=200 -Xlog:gc:/opt/uniconfig-frinx/log/gc-{{.Task.Slot}}.log:tags,time,uptime,level:filecount=10,filesize=5M -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 ${UC_PROXY_HTTP_ENV} ${UC_PROXY_HTTP_PORT_ENV} ${UC_PROXY_HTTPS_ENV} ${UC_PROXY_HTTPS_PORT_ENV} ${UC_PROXY_NOPROXY_ENV}
+      - _JAVA_OPTIONS=-Xmx${UC_XMX_LIMIT_MEM} -XX:+AlwaysPreTouch -Djna.nosys=true -XX:+CrashOnOutOfMemoryError -XX:MaxGCPauseMillis=200 -Xlog:gc:/opt/uniconfig-frinx/log/gc-{{.Task.Slot}}.log:tags,time,uptime,level:filecount=10,filesize=5M -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1
       - dbPersistence_enabled=true
       - dbPersistence_connection_databaseLocations_host=uniconfig-postgres
       - dbPersistence_connection_databaseLocations_port=5432

diff --git a/composefiles/swarm-uniflow.yml b/composefiles/swarm-uniflow.yml
@@ -35,8 +35,9 @@ services:
       # - FC_OUT=/etc/krakend/output.json
       # Ignore x509 certificate errors
       - GODEBUG="x509ignoreCN=0"
-      - HTTP_PROXY=${http_proxy}
-      - HTTPS_PROXY=${https_proxy}
+      - PROXY_ENABLED=${PROXY_ENABLED:-false}
+      - HTTP_PROXY=${HTTP_PROXY}
+      - HTTPS_PROXY=${HTTPS_PROXY}
       - NO_PROXY=workflow-proxy,frinx-frontend,inventory,uniconfig,unistore,uniresource
     volumes:
       - ${UF_CONFIG_PATH}/krakend:/etc/krakend:ro

diff --git a/composefiles/swarm-unistore.yml b/composefiles/swarm-unistore.yml
@@ -35,7 +35,11 @@ services:
     environment:
       - JAVA_MAX_MEM=${US_XMX_LIMIT_MEM}
       # Enable G1GC and GC logging 
-      - _JAVA_OPTIONS=-Xmx${US_XMX_LIMIT_MEM} -XX:+AlwaysPreTouch -Djna.nosys=true -XX:+CrashOnOutOfMemoryError -XX:MaxGCPauseMillis=200 -Xlog:gc:/opt/uniconfig-frinx/log/gc.log:tags,time,uptime,level:filecount=10,filesize=5M -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1 ${UC_PROXY_HTTP_ENV} ${UC_PROXY_HTTP_PORT_ENV} ${UC_PROXY_HTTPS_ENV} ${UC_PROXY_HTTPS_PORT_ENV} ${UC_PROXY_NOPROXY_ENV}
+      - HTTP_PROXY=${HTTP_PROXY}
+      - HTTPS_PROXY=${HTTPS_PROXY}
+      - NO_PROXY=${NO_PROXY}
+      - PROXY_ENABLED=${PROXY_ENABLED:-false}
+      - _JAVA_OPTIONS=-Xmx${US_XMX_LIMIT_MEM} -XX:+AlwaysPreTouch -Djna.nosys=true -XX:+CrashOnOutOfMemoryError -XX:MaxGCPauseMillis=200 -Xlog:gc:/opt/uniconfig-frinx/log/gc.log:tags,time,uptime,level:filecount=10,filesize=5M -XX:+UseG1GC -XX:+ExplicitGCInvokesConcurrent -XX:+ParallelRefProcEnabled -XX:+UseStringDeduplication -XX:+UnlockExperimentalVMOptions -XX:G1NewSizePercent=20 -XX:+UnlockDiagnosticVMOptions -XX:G1SummarizeRSetStatsPeriod=1
       - dbPersistence_enabled=true
       - dbPersistence_connection_dbName=unistore
       - dbPersistence_connection_databaseLocations_host=unistore-postgres

diff --git a/config/uniconfig/run_uniconfig.sh b/config/uniconfig/run_uniconfig.sh
@@ -6,6 +6,7 @@ MAIN_CLASS="io.frinx.lighty_uniconfig.Main"
 JAVA_MAX_MEM=${JAVA_MAX_MEM:="4G"}
 DEBUG_PARAMETER="--debug"
 UNICONFIG_ID=${CONTAINER_ID:=1}
+PROXY_ENABLED=${PROXY_ENABLED:="false"}
 
 # set sensitive env variables from docker secrets
 if [[ -f "/set_env_secrets.sh" ]]; then
@@ -25,6 +26,23 @@ display_usage() {
     echo -e "   --debug          : enabled java debugging on port 5005"
 }
 
+is_system_proxy_enabled() {
+    unset PROXY_PORT PROXY_HOST
+    local PROXY_URL="$1"
+    if [[ "${PROXY_URL}" == "http"* ]] && [[ $(echo "${PROXY_URL}" | tr -d -c ":" | wc -m) -eq 2 ]]; then
+        PROXY_PORT="$(echo "${PROXY_URL}"| cut -d ':' -f 3 | sed 's,[^0-9]*,,g')"
+        PROXY_HOST="$(echo "${PROXY_URL}"| cut -d ':' -f 2 | sed 's,//,,')"
+    elif [[ "${PROXY_URL}" =~ ^[[:digit:]] ]] && [[ $(echo "${PROXY_URL}" | tr -d -c ":" | wc -m) -eq 1 ]]; then
+        PROXY_PORT="$(echo "${PROXY_URL}"| cut -d ':' -f 2 | sed 's,[^0-9]*,,g')"
+        PROXY_HOST="${PROXY_HOST}$(echo "${PROXY_URL}"| cut -d ':' -f 1)"
+    else
+        echo -e ${ERROR} "Used bad HTTP Proxy format ${PROXY_URL}"
+        exit 1
+    fi
+    eval "$3=-D${2}.proxyHost=${PROXY_HOST}"
+    eval "$4=-D${2}.proxyPort=${PROXY_PORT}"
+}
+
 is_enabled_debugging() {
   for arg in "$@"; do
     if [ "$arg" = $DEBUG_PARAMETER ]; then
@@ -53,6 +71,12 @@ case $i in
 esac
 done
 
+if [[ ${PROXY_ENABLED} == "true" ]]; then
+  is_system_proxy_enabled $HTTP_PROXY "http" __HTTP_HOST __HTTP_PORT
+  is_system_proxy_enabled $HTTPS_PROXY "https" __HTTPS_HOST __HTTPS_PORT
+  _JAVA_OPTIONS="$_JAVA_OPTIONS ${__HTTP_HOST} ${__HTTP_PORT} ${__HTTPS_HOST} ${__HTTPS_PORT} -Dhttp.nonProxyHosts=${NO_PROXY}"
+fi
+
 # removing cached data and logs from previous run
 rm -rf snapshots/ journal/
 

diff --git a/env.template b/env.template
@@ -11,12 +11,3 @@
 # These settings are configured by ./install.sh and ./startup.sh scripts !!!
 # Do not change them !!!
 
-# Uniconfig proxy settings 
-# These settings are configured by ./install script
-# For more info see README.md
-UC_PROXY_HTTP_ENV="" 
-UC_PROXY_HTTP_PORT_ENV=""
-UC_PROXY_HTTPS_ENV=""
-UC_PROXY_HTTPS_PORT_ENV=""
-UC_PROXY_NOPROXY_ENV=""
-