Using smart-proxy in DMZ to download packages/repository

i didn’t find no informations in the documentation.
My question is :
For security mesure, i have a foreman in the LAN and a foreman-proxy in DMZ.
My goal is that the repository synchronisation will be made with the foreman-proxy in dmz.
I didn’t find any solution in foreman to specifying wich foreman-proxy using to synchronise.
Is it possible ?

Hi, yes it’s possible, when you register a host/client you specify to foreman server to use… proxy in this case. It takes the config/info from there to finish.
Explain a bit further how you are doing the enrollment/subscription process today and which error you encounter.

hello, thanks for your answer.
As my english is not perfect, maybe my ask is not good.
Actually the foreman server on our LAN didn’t have acces to internet. Only the DMZ with a smart-proxy inside can acces internet to fecth repositories. how to specifying to foreman that he does use this smart-proxy to make synchronisation ( The best will be that the repositories data will be on the main foreman proxy on the lan ( in /var/lib/pulp/media)

Hey @Zippopotamme

Will you take a look at this and see does it describe what you are trying to do:

hi, thanks for the link.
if i understood, it’s possible but instead of only a smart-procy, i have ti add another foreman server (and proxy) in my dmz and " duplicate" my content into the seconde one. right ?

and if i understood, this is a “manual” operration (or scriptedf) but cannot be done “automaticly” by the foreman server

if you have a Foreman already, follow the instructions for adding a proxy and locate it at your DMZ(port opening, test that from internet, etc).
depending on what you want to do, if you want to provide packages/repos, you will need to replicate them with pulp, its described in the links @mcorr previously provided.

1 Like