[SOLVED] Proxy settings for outgoing connections, e.g. push-proxy

Hey there,

after a long time I decided to give the push proxy a try for mobile notifications. To test it I use the push test server provided for this purpose with the app from the Google Play store.

The problem is I don’t know how to let mattermost know about the proxy it needs to connect from our network to the external push proxy (http://push-test.mattermost.com).

After I did not find any settings for it and no mentions in neither the docs nor the forums I searched the source code and found some methods that look like they try to extract a proxy from environmental variables. I am however not knowledgable enough to understand the correct context.

I’m currently trying to figure out a way to let the mattermost process know about the environmental variables http_proxy and https_proxy, but since I’m not even sure that is useful I thought I’d ask here and look for some help :slight_smile:.

BTW this is how the error in the log file looks:
[2016/06/16 14:39:29 CEST] [EROR] - github.com/mattermost/platform/api.sendPushNotification:809 - Failed to send push notificationid=[...]8jdbp[...], err=Post http://push-test.mattermost.com/api/v1/send_push: dial tcp 54.152.221.224:80: getsockopt: connection timed out

TL;DR how can I tell mattermost to use a proxy for outbound connections?

2 Likes

push-test.mattermost.com uses the std ports 80 and 443. You can input any string with a port into the System console if you want to proxy the connection through an internal route.

I might have created some confusion with the example of the push-proxy. My problem is not specific to the push-proxy (TPNS) but outbound connections from mattermost platform in general.
The security check does not work as well, as it needs to connect to an external address.

To visualize the status quo:
mattermost platform -> || Firewall || (external Server, e.g. security check or TPNS)
(outbound connections are not allowed, while inbound are)

What i need:

mattermost platform \    || Firewall ||     -> (external Server, e.g. security check or TPNS)
                      -> our proxy-server /

Outbound connections use our internal general purpose proxy server (which is allowed through the firewall)

1 Like

Hello!
I have the same problem, I also would like to force the Mattermost application to use an outgoing proxy server as the server itself can not reach the internet.

You can set a custom server which forwards to push.mattermost.com

Yes I am aware of that :slight_smile:
I want to use the default push.mattermost.com
BUT I want the connection to go through a proxy, as my mattermost-application server does not have direct access to the internet. All communication to the internet must go through our company proxy.
Right now mattermost tries to contact push.mattermost.com directly which will not work as the firewall will block it.
Mattermost application must be aware of that it need to contact push.mattermost.com via our outgoing proxy.

I might be miss understanding, but you can replace https://push.mattermost.com with https://my-internal-machine-or-proxy that forwards to the outside machine or https://push.mattermost.com in this case.

What reach3r means is that the push notification server shall send the notification to a proxy and not straight to the outside machine.
I am having this issue too and I would be glad that this problem is solved as soon as possible so i don’t have to open my firewall for this but just let the notification go through my proxy.

1 Like

Nice ascii arts :slight_smile: This illustrates the issue perfectly.

1 Like

This issue is due to missing / incomplete internet proxy support as described in #6469.

Thanks for your feedback @tjuerge,

I’ll close this off here as we have the GitHub issue and Jira ticket tracking it.