From df9544233fb661e830285c1a0d7755cff4b27408 Mon Sep 17 00:00:00 2001
From: hagbard <vyosdev@derith.de>
Date: Fri, 18 Oct 2019 10:58:03 -0700
Subject: system-proxy: T1741 - Add system wide proxy setting CLI
 implementation

---
 interface-definitions/system-proxy.xml | 43 ++++++++++++++++
 src/conf_mode/system-proxy.py          | 91 ++++++++++++++++++++++++++++++++++
 2 files changed, 134 insertions(+)
 create mode 100644 interface-definitions/system-proxy.xml
 create mode 100755 src/conf_mode/system-proxy.py

diff --git a/interface-definitions/system-proxy.xml b/interface-definitions/system-proxy.xml
new file mode 100644
index 000000000..f43702fc8
--- /dev/null
+++ b/interface-definitions/system-proxy.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+  <node name="system">
+    <children>
+      <node name="proxy" owner="${vyos_conf_scripts_dir}/system-proxy.py">
+        <properties>
+          <help>Sets a proxy for system wide use</help>
+        </properties>
+        <children>
+          <leafNode name="url">
+            <properties>
+              <help>Proxy URL</help>
+              <constraint>
+                <regex>^http://[a-z0-9\.]+$</regex>
+              </constraint>
+            </properties>
+          </leafNode>
+          <leafNode name="port">
+            <properties>
+              <help>Proxy port</help>
+              <constraint>
+                <validator name="numeric" argument="--range 1-65535"/>
+              </constraint>
+            </properties>
+          </leafNode>
+          <leafNode name="username">
+            <properties>
+              <help>Proxy username</help>
+              <constraint>
+                <regex>^[a-z0-9-_\.]{1,100}$</regex>
+              </constraint>
+            </properties>
+          </leafNode>
+          <leafNode name="password">
+            <properties>
+              <help>Proxy password</help>
+            </properties>
+          </leafNode>
+        </children>
+      </node>
+    </children>
+  </node>
+</interfaceDefinition>
diff --git a/src/conf_mode/system-proxy.py b/src/conf_mode/system-proxy.py
new file mode 100755
index 000000000..02e1a2eda
--- /dev/null
+++ b/src/conf_mode/system-proxy.py
@@ -0,0 +1,91 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2018 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#
+
+import sys
+import os
+import re
+import subprocess
+
+from vyos import ConfigError
+from vyos.config import Config
+
+proxy_def=r'/etc/profile.d/vyos-system-proxy.sh'
+
+def get_config():
+  c = Config()
+  if not c.exists('system proxy'):
+    return None
+
+  c.set_level('system proxy')
+
+  cnf = {
+    'url'     : None,
+    'port'    : None,
+    'usr'     : None,
+    'passwd'  : None
+  }
+
+  if c.exists('url'):
+    cnf['url'] = c.return_value('url')
+  if c.exists('port'):
+    cnf['port'] = c.return_value('port')
+  if c.exists('username'):
+    cnf['usr'] = c.return_value('username')
+  if c.exists('password'):
+    cnf['passwd'] = c.return_value('password')
+
+  return cnf
+
+def verify(c):
+  if not c:
+    return None 
+  if not c['url'] or not c['port']:
+    raise ConfigError("proxy url and port requires a value")
+  elif c['usr'] and not c['passwd']:
+    raise ConfigError("proxy password requires a value")
+  elif not c['usr'] and c['passwd']:
+    raise ConfigError("proxy username requires a value")
+
+def generate(c):
+  if not c:
+    return None
+  if not c['usr']:
+    return str("export http_proxy={url}:{port}\nexport https_proxy=$http_proxy\nexport ftp_proxy=$http_proxy"\
+              .format(url=c['url'], port=c['port']))
+  else:
+    return str("export http_proxy=http://{usr}:{passwd}@{url}:{port}\nexport https_proxy=$http_proxy\nexport ftp_proxy=$http_proxy"\
+              .format(url=re.sub('http://','',c['url']), port=c['port'], usr=c['usr'], passwd=c['passwd']))
+
+def apply(ln):
+  if not ln and os.path.exists(proxy_def):
+    subprocess.call(['unset http_proxy https_proxy ftp_proxy'], shell=True)
+    os.remove(proxy_def)
+  else:
+    open(proxy_def,'w').write("# generated by system-proxy.py\n{}\n".format(ln))
+    subprocess.call(['. /etc/profile.d/vyos-system-proxy.sh'], shell=True)
+
+if __name__ == '__main__':
+    try:
+        c = get_config()
+        verify(c)
+        ln = generate(c)
+        apply(ln)
+    except ConfigError as e:
+        print(e)
+        sys.exit(1)
+
-- 
cgit v1.2.3