3

I'm trying to integrate an internal GitLab installation with a Slack incoming webhook but I have a problem, the machine where GitLab can only access other machines in the same network. I have VM which is in that same network and has external access.

The Slack webhook is a URL like this:

https://hooks.slack.com/services/T18QMD0NM/C09PY5XKO/52lDzmkoxL51p9NLRqxQ9Kq2

But since I cannot use that in GitLab, I've configured the Slack service on GitLab to make requests to the following URL instead:

https://192.168.1.220:3128/services/T18QMD0NM/C09PY5XKO/52lDzmkoxL51p9NLRqxQ9Kq2

192.168.1.220 is the VM IP address and 3128 is where Squid is listening.

How do I use Squid to forward all incoming requests to hooks.slack.com?

P.S: I have a clean Squid installation, didn't change any setting at all.

rfgamaral
  • 940
  • 2
  • 11
  • 18

1 Answers1

4

I suppose the best way to solve your issue is by directing your GitLab to use an outbound http proxy.

You can refer this link to configure the http proxy on your GitLab installation.

-- Update

#!/usr/bin/perl
use strict;

# Turn off buffering to STDOUT
$| = 1;

# Read from STDIN
while (<>) {

    my @elems = split; # splits $_ on whitespace by default

    # The URL is the first whitespace-separated element.
    my $url = $elems[0];

    # Handle local IP links and translate them to https://hooks.slack.com
    # with the rest of the URL intact (if present) and ignore warnings.
    # 192.168.1.220:3128
    if ($url =~ m#^https://192\.168\.1\.220(/.*)?#i) {

        $url = "https://hooks.slack.com${1}";

        print "$url\n";

    }    
}

Add the following line of code in your squid.conf file:

redirect_program /path/to/the/script/above/redirect_program.pl

And Finally reload/reconfigure squid using:

/path/to/executable/squid -k reconfigure
HawkEye
  • 128
  • 9
  • That's not an option. I don't have access to the GitLab machine. – rfgamaral Jul 02 '15 at 19:02
  • Ok, Then perhaps you should be utilizing the URL Rewrite program in squid. Go through this [link](http://www.squid-cache.org/Doc/config/url_rewrite_program/). – HawkEye Jul 02 '15 at 19:06
  • I've already went through the documentation and I can't understand how to do it... – rfgamaral Jul 02 '15 at 19:08
  • I have edited my answer take a look at it! It may not be the perfect answer but I have put the best of my knowledge into action. :) – HawkEye Jul 02 '15 at 19:22
  • Thanks. But I can't get it working. Not sure if it's the script or I'm doing something wrong. Do you have any idea how I can debug this? How can I print stuff and check their contents? How do I now the script is really being called? – rfgamaral Jul 02 '15 at 19:37
  • Also, I believe you made a mistake in `hooks.slack.com`, there's a `/` where it should be a `.`. Am I right? – rfgamaral Jul 02 '15 at 19:38
  • Yes. You are right about the typo, I just fixed it. Now I am starting to think that we should somehow start handling the port 3128 that you are mentioning in the URL. I am not sure if we can debug this, but nonetheless you can check your squid logs! – HawkEye Jul 02 '15 at 19:42
  • Try replacing the URL with `https://192\.168\.1\.220\:3128` – HawkEye Jul 02 '15 at 20:08
  • Let us [continue this discussion in chat](http://chat.stackexchange.com/rooms/25472/discussion-between-ricardo-amaral-and-hawkeye). – rfgamaral Jul 02 '15 at 20:27
  • Still not working. I tried to modify the basic example [here](http://wiki.squid-cache.org/Features/Redirectors), to simply just redirect everything to a static url, like this `print $X[0]." 302:https://hooks.slack.com/services/T18QMD0NM/C09PY5XKO/52lDzmkoxL51p9NLRqxQ9Kq2\n";` and it also doesn't work. So something must be missing. – rfgamaral Jul 02 '15 at 20:44
  • I gave up on Squid and used nginx, much easier and I already have it working. Thanks anyway. Not sure what to do with this question now. – rfgamaral Jul 02 '15 at 21:19
  • Hmmm, So I forgot to mention a couple of things on this. First thing is that you `ensure you have perl installed` and the second thing is to `grant execute permissions to the script.` – HawkEye Jul 03 '15 at 03:48
  • I didn't check for the first one, but the second one I was aware. Well, looking at the docs, I assume this answer is on the right track and I'm marking it as correct. thank you. – rfgamaral Jul 03 '15 at 09:28