diff --git a/mysql/provider.go b/mysql/provider.go index 956cfb041..256b6e617 100644 --- a/mysql/provider.go +++ b/mysql/provider.go @@ -4,6 +4,8 @@ import ( "database/sql" "fmt" "net" + "net/url" + "regexp" "strings" "time" @@ -58,6 +60,16 @@ func Provider() terraform.ResourceProvider { DefaultFunc: schema.EnvDefaultFunc("MYSQL_PASSWORD", nil), }, + "proxy": { + Type: schema.TypeString, + Optional: true, + DefaultFunc: schema.MultiEnvDefaultFunc([]string{ + "ALL_PROXY", + "all_proxy", + }, nil), + ValidateFunc: validation.StringMatch(regexp.MustCompile("^socks5h?://.*:\\d+$"), "The proxy URL is not a valid socks url."), + }, + "tls": { Type: schema.TypeString, Optional: true, @@ -118,7 +130,11 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) { AllowCleartextPasswords: d.Get("authentication_plugin").(string) == cleartextPasswords, } - dialer := proxy.FromEnvironment() + dialer, err := makeDialer(d) + if err != nil { + return nil, err + } + mysql.RegisterDial("tcp", func(network string) (net.Conn, error) { return dialer.Dial("tcp", network) }) @@ -132,6 +148,26 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) { var identQuoteReplacer = strings.NewReplacer("`", "``") +func makeDialer(d *schema.ResourceData) (proxy.Dialer, error) { + proxyFromEnv := proxy.FromEnvironment() + proxyArg := d.Get("proxy").(string) + + if len(proxyArg) > 0 { + proxyURL, err := url.Parse(proxyArg) + if err != nil { + return nil, err + } + proxy, err := proxy.FromURL(proxyURL, proxyFromEnv) + if err != nil { + return nil, err + } + + return proxy, nil + } + + return proxyFromEnv, nil +} + func quoteIdentifier(in string) string { return fmt.Sprintf("`%s`", identQuoteReplacer.Replace(in)) } diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown index 775d4181d..ffd9882c5 100644 --- a/website/docs/index.html.markdown +++ b/website/docs/index.html.markdown @@ -79,6 +79,7 @@ The following arguments are supported: * `endpoint` - (Required) The address of the MySQL server to use. Most often a "hostname:port" pair, but may also be an absolute path to a Unix socket when the host OS is Unix-compatible. Can also be sourced from the `MYSQL_ENDPOINT` environment variable. * `username` - (Required) Username to use to authenticate with the server, can also be sourced from the `MYSQL_USERNAME` environment variable. * `password` - (Optional) Password for the given user, if that user has a password, can also be sourced from the `MYSQL_PASSWORD` environment variable. +* `proxy` - (Optional) Proxy socks url, can also be sourced from `ALL_PROXY` or `all_proxy` environment variables. * `tls` - (Optional) The TLS configuration. One of `false`, `true`, or `skip-verify`. Defaults to `false`. Can also be sourced from the `MYSQL_TLS_CONFIG` environment variable. * `max_conn_lifetime_sec` - (Optional) Sets the maximum amount of time a connection may be reused. If d <= 0, connections are reused forever. * `max_open_conns` - (Optional) Sets the maximum number of open connections to the database. If n <= 0, then there is no limit on the number of open connections.