Recent searches
Search options
Anyone with Ansible/AWX experience accessing HTTP APIs on protected networks?
I have tried documentation, the global web and chat with colleagues. Time to bring on the fedi human search.
Using ansible on switches that require you to come from a protected network is easy, you set up your ssh command to go through a jumphost. Accessing switches or firewalls that use an HTTP API is easy, you use a package that talks to the HTTP API, probably using the httpapi package.
But an HTTP API where you need to come from a protected network? Manually it's easy, just `ssh -D` to a jumphost/bastion in the right network and tell curl to use a SOCKS proxy.
On the Ansible side though, I can't find the right place to get httpapi to go through a SOCKS proxy, and I'm not sure where's the best place to run that ssh command.
Has anyone on Fedi already solved this problem?
@bonkers I didn't even consider that it might accept a socks URL in the normal http proxy setting, but it's certainly worth trying, and probably works!
Then the question just remains how to wrap this in some context where the ssh client is running.
@clacke I think you can set the remote variable in Ansible job definition. But I'm not that deep in it. I only did basic automation with direct ssh access to the remote side.
@clacke LOL, nice domain name over there