I'm using Drush and Drush Make to automate download of Drupal module from a corporate network behind a NTLM-SSPI Proxy. Drush and Drush Make uses cURL to download files. cURL supports NTLM-SSPI Proxy. I configured cURL for the proxy in my .curlrc file
--proxy proxy.example.com:8080
--proxy-ntlm
--proxy-user user:password
Drush itself is able to download modules from drupal.org because it uses curl from the command line. But Drush Make uses the PHP cURL API (libcurl) . It looks like when used this way, cURL does not use the configuration in my .curlrc file.
Is there a way to configure libcurl/PHP cURL with a .curlrc file ?
No, the entire .curlrc parser and all associated logic is only present in the command line tool code. It is not included in the library at all. (and the PHP/CURL binding is only using libcurl the library, not the command line tool)
drush really loads the command line tool and runs it, so you can do this in the ~/.curlrc file, but you need to make sure your commands are correctly setup.
leet#test:~$ cat ~/.curlrc
# Proxy manly for drush make
proxy = http://localhost:3128
# Drush make work around for https
#insecure
Can be made with ...
echo -e "\n# Proxy manly for drush make\nproxy = http://localhost:3128 \n /
#Drush make work around for https \n#insecure\n" >> ~/.curlrc
Remember, this will only work for your user, I think you can set a system wide default if you put curlrc in the same folder your bin file is in or /etc/curl, but I have not tested this.
I use this all the time, for quick aegir builds.
Hope that helps.
LeeT
Related
When i use file_get_contents with a url (http://example.com or other), it will return false with different context, user_agent, etc:
file_get_contents(http://example.com):failed to open stream: operation
failed
However when we used file_get_contents() for a local file, it works. But it shows the above error when we try to access any file through http.
I tried the same using cURL and got the following error:
cURL Error (7): couldn't connect to host
According to some solutions on stackoverflow, we changed this setting in php.ini file:
ini_set('allow_url_fopen', 1);
I have also used snoopy library after including snoopy class.php
require "Snoopy/Snoopy.class.php";
$snoopy = new $Snoopy;
fetchtext("http://example.com");
$text = $snoopy->results;
it is also giving an empty response.
If I cURL or wget the same URL using terminal, it works perfectly. But it doesn't work in the PHP code when the file is not local (through HTTP).
Server details:
Debian GNU/Linux 7.6 (wheezy)
Apache/2.2.22 (Debian)
PHP 5.4.45-0+deb7u7
In Debian, there will be a group aid_inet. Apache should be a member of that group to allow to access network.
Run the following command to get the apache user. In my machine its www-data.
cat /etc/passwd
Try this command to add apache user in aid_inet group.
usermod -a -G aid_inet www-data
[Note: if you have different apache user then use your own]
Now, run your php code again to test. It should work.
There is an error in your code, which could be the issue:
fetchtext("http://"google.com");
should be:
fetchtext("https://www.google.com");
(Google uses HTTPS, and always redirects to www subdomain).
Have you checked that the URL you're attempting to query is valid (i.e. structure, escaping of special characters)? It would really help if you can give a real URL you're trying to call.
Regarding from where you are running your php files ( apache or command line ), check that you have allow_url_fopen = On on both php.ini files :
/etc/php5/cli/php.ini
/etc/php5/apache2/php.ini
I am automating installing multiple WordPress blogs on a server. Basically, I need to run multiple wp-cli commands.
Using phpseclib and doing exec(), doesn't work...
When I do something like:
$ssh->exec('wp core download');
I will just get:
/usr/bin/env: php: No such file or directory
Even though I can run it fine, in a normal ssh session...
If I try and $ssh->write the command out and do '\n' it doesn't seem to do anything. Even if I just try to do a simple command like: touch foo.txt
Although that test "touch" command will work with exec...
The system is Ubuntu 14.04...
Any ideas?
I have to connect via SSH from PHP to do this for multiple domains on a server, as new customers come on.
The path to PHP probably needs to be defined. When you SH in with the regular SSH client it's probably running any number of Bash initialization files.
In light of this I have two thoughts.
Try to use a PTY. eg.
$ssh->enablePTY();
$ssh->exec('passwd');
echo $ssh->read();
More info: http://phpseclib.sourceforge.net/ssh/pty.html
Are you doing $ssh->read('[prompt]'); after doing the write("command\n")? You may need to read the stream to get the command to actually be run.
I use composer on a network where the only way to access the internet is using HTTP or socks proxy. I have http_proxy and https_proxy environment variables. When compose tries to access HTTPS URLs I get this:
file could not be downloaded: failed to open stream: Cannot connect to HTTPS server through proxy
As far as I know the only way to connect to a https website is using a connect verb. How can I use composer behind this proxy?
If you are using Windows, you should set the same environment variables, but Windows style:
set http_proxy=<your_http_proxy:proxy_port>
set https_proxy=<your_https_proxy:proxy_port>
That will work for your current cmd.exe. If you want to do this more permanent, y suggest you to use environment variables on your system.
If you're on Linux or Unix (including OS X), you should put this somewhere that will affect your environment:
export HTTP_PROXY_REQUEST_FULLURI=0 # or false
export HTTPS_PROXY_REQUEST_FULLURI=0 #
You can put it in /etc/profile to globally affect all users on the machine, or your own ~/.bashrc or ~/.zshrc, depending on which shell you use.
If you're on Windows, open the Environment Variables control panel, and add either a system or user environment variables with both HTTP_PROXY_REQUEST_FULLURI and HTTPS_PROXY_REQUEST_FULLURI set to 0 or false.
For other people reading this (not you, since you said you have these set up), make sure HTTP_PROXY and HTTPS_PROXY are set to the correct proxy, using the same methods. If you're on Unix/Linux/OS X, setting both upper and lowercase versions of the variable name is the most complete approach, as some things use only the lowercase version, and IIRC some use the upper case. (I'm often using a sort of hybrid environment, Cygwin on Windows, and I know for me it was important to have both, but pure Unix/Linux environments might be able to get away with just lowercase.)
If you still can't get things working after you've done all this, and you're sure you have the correct proxy address set, then look into whether your company is using a Microsoft proxy server. If so, you probably need to install Cntlm as a child proxy to connect between Composer (etc.) and the Microsoft proxy server. Google CNTLM for more information and directions on how to set it up.
If you have to use credentials try this:
export HTTP_PROXY="http://username:password#webproxy.com:port"
Try this:
export HTTPS_PROXY_REQUEST_FULLURI=false
solved this issue for me working behind a proxy at a company few weeks ago.
This works , this is my case ...
C:\xampp\htdocs\your_dir>SET HTTP_PROXY="http://192.168.1.103:8080"
Replace with your IP and Port
on Windows insert:
set http_proxy=<proxy>
set https_proxy=<proxy>
before
php "%~dp0composer.phar" %*
or on Linux insert:
export http_proxy=<proxy>
export https_proxy=<proxy>
before
php "${dir}/composer.phar" "$#"
iconoclast's answer did not work for me.
I upgraded my php from 5.3.* (xampp 1.7.4) to 5.5.* (xampp 1.8.3) and the problem was solved.
Try iconoclast's answer first, if it doesn't work then upgrading might solve the problem.
You can use the standard HTTP_PROXY environment var. Simply set it to the URL of your proxy. Many operating systems already set this variable for you.
Just export the variable, then you don't have to type it all the time.
export HTTP_PROXY="http://johndoeproxy.cu:8080"
Then you can do composer update normally.
Operation timed out (IPv6 issues)#
You may run into errors if IPv6 is not configured correctly. A common error is:
The "https://getcomposer.org/version" file could not be downloaded: failed to
open stream: Operation timed out
We recommend you fix your IPv6 setup. If that is not possible, you can try the following workarounds:
Workaround Linux:
On linux, it seems that running this command helps to make ipv4 traffic have a higher prio than ipv6, which is a better alternative than disabling ipv6 entirely:
sudo sh -c "echo 'precedence ::ffff:0:0/96 100' >> /etc/gai.conf"
Workaround Windows:
On windows the only way is to disable ipv6 entirely I am afraid (either in windows or in your home router).
Workaround Mac OS X:
Get name of your network device:
networksetup -listallnetworkservices
Disable IPv6 on that device (in this case "Wi-Fi"):
networksetup -setv6off Wi-Fi
Run composer ...
You can enable IPv6 again with:
networksetup -setv6automatic Wi-Fi
That said, if this fixes your problem, please talk to your ISP about it to try and resolve the routing errors. That's the best way to get things resolved for everyone.
Hoping it will help you!
according to above ideas, I created a shell script that to make a proxy environment for composer.
#!/bin/bash
export HTTP_PROXY=http://127.0.0.1:8888/
export HTTPS_PROXY=http://127.0.0.1:8888/
zsh # you can alse use bash or other shell
This piece of code is in a file named ~/bin/proxy_mode_shell and it will create a new zsh shell instance when you need proxy. After update finished, you can simply press key Ctrl+D to quit the proxy mode.
add export PATH=~/bin:$PATH to ~/.bashrc or ~/.zshrc if you cannot run proxy_mode_shell directly.
I want to do SVN update easier - with calling PHP script.
I created PHP script:
$cmd = "svn update https://___/svn/website /var/www/html/website/ 2>&1";
exec($cmd, $out);
As the user running the script is apache (not root), I get some permission errors.
If I change the owner of every directory to apache (or chrown everything to 777) I have another problem. Because I use https protocol user apache should permanently accept certificate of the svn server. I tried to do "su - apache" and accept certificate but OS says that "apache" is not valid user. I also dont know how could I accept certificate with exec() function.
Any idea? How can I make svn update-ing easier?
Is the error telling you that the user isn't a valid svn user? If apache is the user running httpd, you should be able to su to it. This is the script I use:
/usr/bin/svn --config-dir=/home/user/.subversion --username=svnuser --password=svnpass update
once the password is saved you can remove it from the command. Again, make sure the user/pass above is a valid SVN user.
Lately I've actually migrated to using Hudson for svn updates as you can schedule it as well as run manually and do a bunch of other tasks, plus you can view the svn logs for each commit as well as any console errors.
Why not use php svn functions instead of (insecure) exec?
http://www.php.net/manual/en/function.svn-auth-set-parameter.php has good examples for authentification options.
Use getent apache on the shell. This will return the shell of apache. Most likely, it is /bin/nologin or /bin/false. Change this to /bin/bash. You'll also need to specify the home directory and create it on the file system.
UPDATE: getent apache will actually return the entry in the /etc/passwd file for the apache user. The last token in this string is the shell.
I'm trying to setup ViewSVN for viewing our subversion repository.
My SVN repository uses https for access. However, irrespective of supplying svn://, svn+ssh:// or https:// in the viewsvn configuration for my svn repository, I always get this in my apache log:
svn: URL protocol is not supported 'https://my.repository.com'
Everything of course works perfectly when running from the commandline.
my localconfig.php file defines the svn root server as
$config['svnroot']='https://my.repository.com';
One other thing- I am using JavaSVN.
Do you happen to have multiple versions of SVN installed, e.g. ViewSVN using /usr/bin/svn whereas you are using /usr/local/bin/svn or something like that?
[EDIT]
I don't know JavaSVN but maybe it behaves differently when run by different users. Maybe it doesn't load additional plugins you need to handle different protocols. Do you have superuser access to your machine? Try to run the checkout from the command line as the web server user:
su nobody
svn checkout https://...
I have the "port number" and the "root folder" added in svnroot, like the follwoing
$config['svnroot']='https://my.repository.com:8088/svn';
I use TortoiseSVN and it shows my svnroot, I think JAVASVN has the same feature.