Improve configuration of HTTP(s) proxy for deployments at customer sites
we are having a bit of trouble with the way iotedge handles HTTP(s)-Proxy configuration.
Right now a HTTP(s) proxy for an iotedge needs to be configured
- locally in /etc/iotedge/config.yml (and required linux daemons)
- and in IoT Edge deployment (IoT Hub) via
- edgeAgent environment variable https_proxy
- edgeHub environment variable https_proxy
Therefore each edge deployed at a customer site with a proxy needs a custom deployment in IoT Hub.
This poses several problems
- customer passwords need to be stored in IoT hub
- which then need to be kept in sync with local proxy configuration
- which we'd prefer not to do security-wise
- customer IT departements prefer for passwords to remain on site
- a seperate deploymend needs to be defined / managed for each IoT edge
- it is not possible to offer the customer a Web-GUI to configure and check connection to IoT hub
Possible Solutions / Workarounds
This problem could be solved
- if iotedge was able to import proxy settings from etc/iotedge/config.yml
- or if iotedge allowed importing enviroment variables for docker containers like docker does (using --env without a value)
- or if iotedge supported the use of --env-file
Thanks you for your attention =).
Original Post: https://github.com/Azure/iotedge/issues/4053