Server Version#: 1.43.0.10492
Player Version#: N/A
I have a running copy of PMS on a Kubernetes cluster as part of my home setup. Since the Plex server takes public traffic I have isolated the network connectivity around the service – no need to enable lateral movement in my network in the event of a breach.
To that end I have deployed a dedicated Squid proxy server alongside PMS. Up until recently this worked great to just inject the standard proxy environmental variables into the container:
Environment:
HTTPS_PROXY: http://squid:3128
HTTP_PROXY: http://squid:3128
NO_PROXY: 127.0.0.1,localhost,plex-plex-media-server,172.16.64.0/18,172.16.128.0/18
Then all connections except to those above were handled by Squid and subject to the ACLs I put in place there.
It now looks like PMS does not respect the proxy settings for connections to the PubSub service. It looks like those connections are just HTTPS connections and should be able to pass over the proxy server via a CONNECT, but I’m only theorizing based on what I see.
The impact here is that PMS thinks it is offline and refuses to perform any media scans – the UI displays:
An internet connection is required to scan library files. Please check this server’s connection and try again.
I have updated the Kubernetes NetworkPolicy object to permit connections from the PMS pod to the (hardcoded 
, Hardcoded IPv4 PubSubServer IPs ) IP of the value of the PubSubServer setting in my Preferences.xml. But that is going to break at some point in the future for sure!
Could we please update the PubSub connections to respect the proxy service?
