Skip to main content

Appending the certificate authority of MITM proxies

See Custom Certificate Authorities to append the CA certificate of your corporate proxy to the trusted store.

Configuring a machine to use the proxy

To configure Talos to use an HTTP or HTTPS proxy, set the appropriate environment variables in the machine configuration: 
machine:
  env:
    http_proxy: <http proxy>
    https_proxy: <https proxy>
    no_proxy: <no proxy>
In proxy-restricted environments, you may also need to configure DNS (nameservers) and NTP (timeservers) explicitly: 
machine:
  env:
  ...
  time:
    servers:
      - <server 1>
      - <server ...>
      - <server n>
  ...
  network:
    nameservers:
      - <ip 1>
      - <ip ...>
      - <ip n>
If proxy access is required before the machine configuration is applied (for example, during initial boot), provide the proxy settings via kernel command line arguments: 
talos.environment=http_proxy=<http-proxy> talos.environment=https_proxy=<https-proxy>
DNS and NTP settings can also be managed using their dedicated configuration documents: ResolverConfig and TimeSyncConfig respectively