19

I have this Dockerfile:

FROM node:argon

ENV http_proxy http://user:pass@proxy.company.priv:3128
ENV https_proxy https://user:pass@proxy.company.priv:3128

RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app

# Install app dependencies
COPY package.json /usr/src/app/
RUN npm install

# Bundle app source
COPY . /usr/src/app

EXPOSE 8080
CMD [ "npm", "start" ]

But I get this error, in npm install step:

npm info it worked if it ends with ok npm info using npm@2.14.12 npm info using node@v4.2.6 npm WARN package.json deployer-ui@1.0.0 No description npm WARN package.json deployer-ui@1.0.0 No repository field. npm WARN package.json deployer-ui@1.0.0 No README data npm info preinstall deployer-ui@1.0.0 npm info attempt registry request try #1 at 7:09:23 AM npm http request GET https://registry.npmjs.org/body-parser npm info attempt registry request try #1 at 7:09:23 AM npm http request GET https://registry.npmjs.org/express npm info retry will retry, error on last attempt: Error: tunneling socket could not be established, cause=write EPROTO npm info retry will retry, error on last attempt: Error: tunneling socket could not be established, cause=write EPROTO

I guess it is due to the proxy. I have also tried to put

RUN npm config set proxy http://user:pass@proxy.company.priv:3128
RUN npm config set https-proxy http://user:pass@proxy.company.priv:3128

but still getting the same error.

Moreover, in my file /etc/systemd/system/docker.service.d/http-proxy.conf I have this:

Environment="HTTP_PROXY=http://user:pass@proxy.company.priv:3128"
Environment="HTTPS_PROXY=https://user:pass@proxy.company.priv:3128"

Thanks in advance.

Héctor
  • 24,444
  • 35
  • 132
  • 243

5 Answers5

30

First the https_proxy should use an http url, not an https url.

Second, you don't need to embed your proxy settings in your Dockfile: you can use build time variables

docker build --build-arg HTTP_PROXY=http://user:pass@proxy.company.priv:3128 --build-arg HTTPS_PROXY=http://user:pass@proxy.company.priv:3128 .

Finally, proxy settings at the docker service level allows the docker daemon to pull images from internet. It does not mean the unix command executed (RUN directive) by docker build would benefit from them. Hence the need to pass them as build-time environment variables.

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
  • 1
    I want to note that build variables can also be set in a compose file: https://docs.docker.com/compose/compose-file/#args – lindhe Jan 22 '19 at 21:44
  • Why do all the https_proxy variables use http urls instead of https urls? I've always seen this but never understood why – Goku Mar 02 '21 at 16:44
  • 1
    @Goku No need for encryption at the proxy level: https://serverfault.com/a/817684/783 and https://stackoverflow.com/a/47474561/6309 – VonC Mar 02 '21 at 16:55
  • is it possible to configure docker to always use the http proxy while doing docker build? This would be useful if there are lots of pre-built scripts or binaries doing docker build. – Goku Mar 03 '21 at 17:30
  • @Goku I don't think so, beside creating an alias. – VonC Mar 03 '21 at 17:41
6

I also had the same issue and did not want to set any proxy information in my image as I did not want be dependant of my company environment.

My solution was to use a cntlm running in gateway mode. To do so I put the flag Gateway set to yes the following allow rules in my cntlm configuration file:

 Gateway         yes
 # Allow local
 Allow           127.0.0.1
 # Allow docker subnetwork
 Allow           172.17.0.0/16

Then I was able to run my docker file by getting the dokcer0 interface address (got with ifconfigcommand): 

docker build -t my-image --build-arg HTTP_PROXY=http://172.17.0.1:3128 --build-arg HTTPS_PROXY=http://172.17.0.1:3128 .

Same with docker run:

docker run --rm -e HTTP_PROXY=http://172.17.0.1:3128 --build-arg HTTPS_PROXY=http://172.17.0.1:3128 my-image

However please note that since docker 17.07 you can simply configure the docker client proxy.

Hence your ~/.docker/config.json will be like

{
  "proxies": {
      "default":{
          "httpProxy": "http://172.17.0.1:3128/",
          "httpsProxy": "http://172.17.0.1:3128/",
          "noProxy": "127.0.0.1,172.17.0.0/16,*.some.compagny.domain"
      }
}
Kier GRAY
  • 143
  • 2
  • 7
  • I have the same issue but your solution does not work for me. I have cntlm running successfull with Firefox, proxy setting to 127.0.0.1:3128. But no matter what I try as IP with docker it doesn't work. I'm using Windows 10. I have 10.0.75.0 as Subnet Address and for ipconfig /all I have 10.0.75.1. NPM will not install anything. Any idea? BTW: If I insert proxy information user:pw@proxy.de it works fine. – Matthis Kohli Jan 30 '18 at 10:04
3

Adding this to Dockerfile worked for me:

RUN npm config set https-proxy http://user:password@proxy.company.priv:80
RUN npm config set proxy http://user:password@proxy.company.priv:80
Community
  • 1
  • 1
Ohad Lahav
  • 290
  • 3
  • 7
  • I also had to add `RUN npm config set registry http://registry.npmjs.org/` to force the connection to use HTTP. – Drarig29 May 03 '21 at 12:01
0

(Just that you know, this package was written by myself)

You can use docker-container-proxy, it allows configuration of a proxy for any docker container without editing any code.

Just run:

npx dockerproxy start --address company-proxy-address.com --port 8080
# Do anything else that needs a Proxy
Daniel Habenicht
  • 2,133
  • 1
  • 15
  • 36
0

As described in the Docker Documentation adding the following to ~/.docker/config.json helped me:

{
 "proxies":
 {
   "default":
   {
     "httpProxy": "http://127.0.0.1:3001",
     "httpsProxy": "http://127.0.0.1:3001",
     "noProxy": "*.test.example.com,.example2.com"
   }
 }
}
Sonicdelay
  • 17
  • 3