background

Go agent (Quniu, Ali, Golang China) can be accessed inside the company's LAN, and the internal server code of the company should be accessed instead of the public networkCopy the code

The preparatory work

  • A server for the proxy 192.168.1.125
  • athens
  • nginx
  • Git environment
  • Golang environment

Building work

1. Install a native

Github.com/gomods/athe…

Change the config. Dev. Toml

GoBinaryEnvVars = ["GOPROXY=direct"] GlobalEndpoint = "https://goproxy.cn" FilterFile = "filterfile.toml" NETRCPath = "Netrc. Toml SumDBs ="/" https://sum.golang.google.cn "NoSumPatterns = [" private library domain name / *"] StorageType = "disk Storage. Disk #  RootPath is the Athens Disk Root folder # Env override: ATHENS_DISK_STORAGE_ROOT RootPath = "E:/data"Copy the code

Filterfile toml file

D # GitLab on the Intranet does not need to download + git.company.com/xxx/xxx 'via GlobalEndpointCopy the code

.netrc netrc

# Use account configuration, also can use SSH specific Google Machine192.1681.125.

   login username

   password password
Copy the code

2. Add a route to the host of the proxy server

The IP address is the LAN address of the private Git: 192.168.1.125. The private git library name is prefixed with the import prefix of go.mod, such as git.company.com

192.168.1.125 Private library domain name

3. Configure nginx

Generate an SSL free self-signed certificate

Blog.csdn.net/qq_28018929…

Configure nginx

server {
Copy the code

listen 443 ssl;

server_name git.company.com;

ssl on;

ssl_certificate server.crt; Configure the certificate location

ssl_certificate_key server.key; Configure the key location

#ssl_client_certificate ca.crt; Two-way authentication

#ssl_verify_client on; Two-way authentication

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;

ssl_ciphers ALL:! ADH:! EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

ssl_prefer_server_ciphers on;

location / {

if ($args ~* “^go-get=1”) {

return 200 “”;

}

root html;

index index.html index.htm;

Proxy_pass http://192.168.1.125;

}

}

4. Modify golang source code go get ignore insecure certificates

Go source installation reference:Studygolang.com/articles/28…

After compiling, replace bin\go.exe in golang environment on proxy server

5. Modify client environment variables

windows :

Go env – w GOPROXY = http://192.168.1.125:3000

go env -w GONOSUMDB=git.company.com/*