From 3eee49ca76fb3b2e7c98b43b9377b95a73014309 Mon Sep 17 00:00:00 2001
From: Laurent Hoss <laurent.hoss@gmail.com>
Date: Wed, 21 Dec 2016 17:35:47 +0100
Subject: [PATCH] disable new docker_proxy vars by default and document
 reasonable defaults (re-using the proxy/ies in ansible_env)

---
 README.md         |  9 +++++++++
 defaults/main.yml |  9 +++++++++
 tasks/main.yml    | 12 ++++++------
 3 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index 4f755ac..7824697 100644
--- a/README.md
+++ b/README.md
@@ -77,6 +77,15 @@ apt_repository: deb https://apt.dockerproject.org/repo {{ ansible_lsb.id|lower }
 #  -H tcp://0.0.0.0:2375
 #  --log-level=debug
 docker_opts: ""
+
+# configurable proxies: a reasonable default is to re-use the proxy from ansible_env:
+# docker_http_proxy: "{{ ansible_env.http_proxy|default('') }}"
+# Notes:
+# if docker_http_proxy==""   the role sets HTTP_PROXY="" (useful to 'empty' existing ENV var)
+# if docker_http_proxy is undefined the role will not set/modify any ENV vars
+docker_http_proxy:
+docker_https_proxy:
+
 # List of users to be added to 'docker' system group (disabled by default)
 # SECURITY WARNING: 
 # Be aware that granted users can easily get full root access on the docker host system!
diff --git a/defaults/main.yml b/defaults/main.yml
index 8087d1e..f9cd41e 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -25,6 +25,15 @@ docker_opts: ""
 # SECURITY WARNING: 
 # Be aware that granted users can easily get full root access on the docker host system!
 docker_group_members: []
+
+# configurable proxies: a reasonable default is to re-use the proxy from ansible_env:
+# docker_http_proxy: "{{ ansible_env.http_proxy|default('') }}"
+# Notes:
+# if docker_http_proxy==""   the role sets HTTP_PROXY="" (useful to 'empty' existing ENV var)
+# if docker_http_proxy is undefined the role will not set/modify any ENV vars
+docker_http_proxy:
+docker_https_proxy:
+
 # Flags for whether to install pip packages
 pip_install_pip: true
 pip_install_setuptools: true
diff --git a/tasks/main.yml b/tasks/main.yml
index b93aa74..ea51be0 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -202,24 +202,24 @@
     line: "DEFAULT_FORWARD_POLICY=\"ACCEPT\""
   when: ufw_default_exists.stat.exists
 
-- name: Set docker proxy settings if http_proxy env. var is defined
+- name: Set docker HTTP_PROXY if docker_http_proxy defined
   lineinfile:
     dest: /etc/default/docker
     regexp: "^export HTTP_PROXY="
-    line: "export HTTP_PROXY=\"{{ansible_env.http_proxy}}\""
+    line: "export HTTP_PROXY=\"{{docker_http_proxy}}\""
     state: present
-  when: ansible_env.http_proxy is defined
+  when: docker_http_proxy is defined and (docker_http_proxy != None)
   notify:
     - Restart docker
   tags: proxy
 
-- name: Set docker proxy settings if https_proxy env. var is defined
+- name: Set docker HTTPS_PROXY if docker_https_proxy defined
   lineinfile:
     dest: /etc/default/docker
     regexp: "^export HTTPS_PROXY="
-    line: "export HTTPS_PROXY=\"{{ansible_env.https_proxy}}\""
+    line: "export HTTPS_PROXY=\"{{docker_https_proxy}}\""
     state: present
-  when: ansible_env.https_proxy is defined
+  when: docker_https_proxy is defined and (docker_https_proxy != None)
   notify:
     - Restart docker
   tags: proxy