|
1 | 1 | # Terraform Module: HTTP Proxy |
2 | 2 |
|
3 | | -Launches a tiny-proxy based HTTP proxy instance to allow an application server to assume a static IP address for outgoing traffic, e.g. when using a third-party API that requires a static IP address. |
| 3 | +Launches a [Tinyproxy](https://github.com/tinyproxy/tinyproxy)-based HTTP proxy instance to allow an application server to assume a static IP address for outgoing traffic, e.g. when using a third-party API that requires a static IP address. |
4 | 4 |
|
5 | | -⚠️ This is not a great solution for production, but good enough for limited usage. For a more robust solution, consider using a NAT Gateway instead. |
| 5 | +Since this is based on an EC2 machine, you have to take care of keeping the machine's OS up to date (security updates). It also doesn't come with an automatic reboot on failure. |
| 6 | +For a much more robust (and expensive) solution, consider using a NAT Gateway instead. |
6 | 7 |
|
7 | 8 | ## Usage |
8 | 9 |
|
9 | | -Before launching this resouce, create a key-pair; read the [docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html). |
| 10 | +Before launching this resource, create a key-pair; read the [docs](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html). |
10 | 11 |
|
11 | 12 | ```terraform |
12 | 13 | module "http-proxy" { |
@@ -110,3 +111,38 @@ sudo /etc/init.d/tinyproxy restart |
110 | 111 | # verify that the proxy is running |
111 | 112 | sudo /etc/init.d/tinyproxy status |
112 | 113 | ``` |
| 114 | + |
| 115 | +## Usage in an app |
| 116 | + |
| 117 | +Set an ENV var on your machine: |
| 118 | + |
| 119 | +```shell |
| 120 | +http_proxy=http://usr:password@EIP:8888 |
| 121 | +``` |
| 122 | + |
| 123 | +If you are using Ruby and have a Rack-based app (e.g. Rails), setting the ENV var `http_proxy` is sufficient. |
| 124 | + |
| 125 | +If you want to limit outbound traffic through the fixed IP to certain requests, you can also use e.g. [net/ssh/proxy/http](https://net-ssh.github.io/ssh/v2/api/classes/Net/SSH/Proxy/HTTP.html). |
| 126 | + |
| 127 | +Example usage to assume static IP to access a FTP server: |
| 128 | + |
| 129 | +```ruby |
| 130 | + |
| 131 | + sig { returns(Net::SFTP::Session) } |
| 132 | + def sftp_session |
| 133 | + @sftp_session ||= begin |
| 134 | + if ENV['HTTP_PROXY_DBL'].present? |
| 135 | + uri = URI.parse(ENV.fetch('HTTP_PROXY_DBL')) |
| 136 | + proxy = Net::SSH::Proxy::HTTP.new( |
| 137 | + uri.host, |
| 138 | + uri.port, |
| 139 | + user: uri.user, |
| 140 | + password: uri.password, |
| 141 | + ) |
| 142 | + end |
| 143 | + params = { password: @password, proxy: proxy }.compact |
| 144 | + |
| 145 | + Net::SFTP.start(@host, @username, **params) |
| 146 | + end |
| 147 | + end |
| 148 | +``` |
0 commit comments