Apt-proxy is a simple program that caches downloaded Debian packages. By setting up multiple client computers to use the same apt-proxy, requested packages are only downloaded from the remote server once and cached. This decreases the load on the remote server and improves the speed with which the apt-proxy clients can get hold of the latest Debian packages! Like most network programs, apt-proxy uses the client and server model. In this case, the computer running apt-proxy is the server and the computers using the server as their source for updates and upgrades are clients.
Note that the current version of apt-proxy has known unfixed security bugs, and release-critical bugs, and will most likely not be making it into Debian sarge. You may want to consider apt-cacher, which performs much the same task as apt-proxy, but has a nicer architecture.
The Server Side
For Debian users, who are, let's face it, the people most likely to be wanting to use apt-proxy, installing the software is as simple as:
apt-get install apt-proxy
The apt-proxy package and a couple of dependencies will be downloaded and installed. Apt-proxy is started automatically on request by inetd so only configuration remains to be seen to. Also ensure that you have wget installed.
==== Configuring apt-proxy ====Apt-proxy is configured by editing the etc/apt-proxy/apt-proxy.conf file. Although perhaps a little daunting at first, it is quote straight-forward once you have got the hang of the rather strict syntax. It is worth having about four terminal windows open for this stage: One for the apt-proxy man page, one for the apt-proxy.conf man page, one showing a working /etc/apt/sources.list and finally one for editing /etc/apt-proxy/apt-proxy.conf itself.
Backup the existing /etc/apt-proxy/apt-proxy.conf.
Edit the /etc/apt-proxy/apt-proxy.conf to include sections relating to each server (or set of servers).
Configure one section for each apt source in the working /etc/apt/sources.list. You may want to comment out the suggested sections and configure your own. This is covered in more detail below.
- There are additional parameters that are set at the end of the configuration file. For most people, the defaults should be fine.
For example, in the /etc/apt/sources.list shown further down the page, there are two different apt sources specified, one as the "main" location for binary and source packages, one as the location for "non-US" binary and source packages. So, two sections in /etc/apt-proxy/apt-proxy.conf would be needed, one for each of these apt sources. You may notice from the /etc/apt/sources.list below that two different mirrors have been used at different times. This is common when one mirror has gone off-line or fallen behind in synchronisation. Instead of editing the client's /etc/apt/sources.list when this happens, you can instead specify in /etc/apt-proxy/apt-proxy.conf more than one mirror to be used. This allows apt-proxy to locate a working mirror without changing any configuration files on the client. (This is useful when mirror.ac.uk goes off-line!)
So, for example, the entry in /etc/apt-proxy/apt-proxy.conf for a server list referred to as "debian", with two possible mirrors as upstream sources, could look like:
add_backend /debian/ \\ $APT_PROXY_CACHE/debian/ \\ http://www.mirror.ac.uk/sites/ftp.debian.org/debian/ \\ http://debian.blueyonder.co.uk/
The add_backend line specifies the "nickname" of the apt source that is used in the /etc/apt/sources.list on the clients.
The APT_PROXY_CACHE line determines which directory within /var/cache/apt-proxy the packages downloaded from that "backend" are stored.
- You can add a number of alternative mirrors to use for a single apt source.
- It is important to maintain the backslashes on all lines in the same section except the last. This means the section is interpretted as a single line by apt-proxy.
The Client Side
Configuring clients to use apt-proxy is simply a case of editing /etc/apt/sources.list, replacing the existing sources with lines referring to the apt-proxy instead. For convenience, simply comment out the existing lines in /etc/apt/sources.list rather than removing them. This allows the uncommented lines to be returned to active use if the client is removed from the network and unable to contact apt-proxy.
Essentially, instead of specifying the full URL for the relevant mirror, one replaces it with the URL of the apt-proxy. In this example the apt-proxy server is called holly, which should be DNS resolvable. By default, apt-proxy runs on port 9999, and this needs to be specified in the lines in /etc/apt/sources.list. This is followed by a suffix (e.g. debian), that matches the section in /etc/apt-proxy/apt-proxy.conf containing the mirror that was previously used by this line in the file. It might be helpful to think of the suffix as a "nickname" that tells apt-proxy which list of mirrors to use.
So, for example, the replacement for a mirror.ac.uk line in /etc/apt/sources.list for the apt-proxy as configured above would be http://holly:9999/debian. The "tags" at the end of the line should be left as they are, because they are passed to apt-proxy and used to determine which files and package lists should be downloaded. In this way the same apt-proxy installation can be used for stable and unstable systems.
An example /etc/apt/sources.list file could be:
#deb http://mirror.ox.ac.uk/debian/ unstable main #deb http://debian.blueyonder.co.uk/ unstable main deb http://holly:9999/debian unstable main #deb-src http://www.mirror.ac.uk/sites/ftp.debian.org/debian unstable main #deb-src http://debian.blueyonder.co.uk/ unstable main deb-src http://holly:9999/debian unstable main #deb http://non-us.debian.org/debian-non-US unstable/non-US main deb http://holly:9999/debian-non-US unstable/non-US main #deb-src http://non-us.debian.org/debian-non-US unstable/non-US main deb-src http://holly:9999/debian-non-US unstable/non-US main
Once you have configured both the server and the clients for apt-proxy, you are ready to begin using it. On a client:
Run apt-get clean. This will purge the existing downloaded packages and package lists.
Run apt-get update. This will get the apt-proxy to download initial package lists as well as passing them onto the client. You should see from the displayed output that apt-get is now using the apt-proxy as its source rather than your old sources.
Get:1 http://holly unstable/main Packages [2942kB] Hit http://holly unstable/main Release Get:2 http://holly unstable/main Sources [1154kB] Hit http://holly unstable/main Release Hit http://holly unstable/non-US/main Packages Hit http://holly unstable/non-US/main Release Hit http://holly unstable/non-US/main Sources Hit http://holly unstable/non-US/main Release Fetched 4095kB in 11s (371kB/s) Reading Package Lists... Done
- You can now use apt-get to install or upgrade packages as normal. Downloaded packages will be cached on the apt-proxy for use by other clients.
Tricks and Gotchas
Don't run apt-proxy from the command line, because it will create the cache directories in /var/cache/apt-proxy with the permissions of the user running the program. When run by inetd, apt-proxy is run by the user aptproxy, so if you run the program as another user, you might screw up the permissions.
If you have run apt-proxy as a user other than aptproxy you will need to check (and probably change) the ownership of all directories and files within /var/cache/apt-proxy and /var/log/apt-proxy.log. This can be done with:
chown -R root.root /var/cache/apt-proxy/
Ensure you have sufficient hard disk space available for /var/cache/apt-proxy. Apt-proxy will purge cached packages automatically, but you may still need to store a few hundred megabytes of data in the cache.
Apt-proxy has been known to cause issues with upgrading/dist-upgrading, since the cache is read before the package descriptors are fetched. If you get errors from apt/aptitude about this, comment out the lines for apt-proxy in /etc/apt/sources.list. Then
apt-get update && aptitude upgrade
A typical error is: [[PreDepends]]: libblkid1 (>= 1.34-1) but it is not installable. It is worth nothing that this sample error message is not exclusive with the use of apt-proxy.
This page originally by: TonyWhitmore.