36 lines
1.2 KiB
Markdown
36 lines
1.2 KiB
Markdown
---
|
|
title: "Fetching Go Modules via `goproxy` Inside VPN"
|
|
date: "2024-02-29"
|
|
toc: false
|
|
---
|
|
|
|
I think I finally setup the holy grail of universally being able to
|
|
fetch-by-proxy go modules through a firewall using
|
|
https://github.com/goproxy/goproxy
|
|
|
|
<!--more-->
|
|
|
|
On your internal host (such as your work machine), run the following:
|
|
|
|
```shell_session
|
|
GOPRIVATE=git.company.com GOMODCACHE=~/go goproxy server --address localhost:9981
|
|
```
|
|
|
|
On your external host (such as a network isolated Linux VM):
|
|
|
|
```shell_session
|
|
ssh -L 9981:localhost:9981 $INTERNALHOST &
|
|
GOPROXY=http://localhost:9981,direct go mod tidy
|
|
```
|
|
|
|
Of course, the tunneling is optional and you can use a non-`localhost`
|
|
`--address` when running `goproxy server`, but then of course you are dealing
|
|
with this proxy being open on the LAN, which may upset security in some cases.
|
|
|
|
And bam! Now you can fetch go modules as if you're on the VPN even if you're not
|
|
on the VPN.
|
|
|
|
You can use something like `go env -w GOPROXY=http://localhost:9981,direct` to
|
|
avoid prefixing all your `go` commands with the environment variable. Obviously,
|
|
this can cause things to break weirdly if/when the `goproxy server` dies or the
|
|
tunnel is disconnected. Tread lightly!
|