2014-09-04 00:18:34 -04:00
|
|
|
|
# vim:sts=2 ts=2 sw=2 et ai
|
|
|
|
|
{% from "apt-cacher/map.jinja" import apt_cacher with context %}
|
2014-01-05 17:02:07 -05:00
|
|
|
|
# This file is managed by Salt, do not edit by hand!!
|
|
|
|
|
#################################################################################
|
|
|
|
|
# This is the config file for apt-cacher. On most Debian systems you can safely #
|
|
|
|
|
# leave the defaults alone. #
|
|
|
|
|
# #
|
|
|
|
|
# Commented defaults or examples are given. They can be changed here, or #
|
|
|
|
|
# overridden using a fragment placed in ./conf.d/ #
|
|
|
|
|
#################################################################################
|
|
|
|
|
|
|
|
|
|
### GENERAL ###
|
|
|
|
|
|
|
|
|
|
# The location of the local cache/working directory. This can become quite
|
|
|
|
|
# large, so make sure it is somewhere with plenty of space.
|
|
|
|
|
#
|
|
|
|
|
#cache_dir = /var/cache/apt-cacher
|
|
|
|
|
|
|
|
|
|
# The directory to use for apt-cacher access and error logs.
|
|
|
|
|
# The access log records every request in the format:
|
|
|
|
|
#
|
|
|
|
|
# date-time|PID|client IP address|HIT/HEAD/MISS/EXPIRED/NOTMOD|object size|object name
|
|
|
|
|
#
|
|
|
|
|
# The error log is slightly more free-form, and is also used for debug messages
|
|
|
|
|
# if debug mode is turned on.
|
|
|
|
|
#
|
|
|
|
|
#log_dir = /var/log/apt-cacher
|
|
|
|
|
|
|
|
|
|
# The email address of the administrator is displayed in the info page and
|
|
|
|
|
# traffic reports.
|
|
|
|
|
#
|
|
|
|
|
admin_email = {{ apt_cacher.get('admin_email', 'root@localhost') }}
|
|
|
|
|
|
|
|
|
|
# Daemon port setting, only useful in stand-alone mode. You need to run the
|
|
|
|
|
# daemon as root to use privileged ports (<1024).
|
|
|
|
|
#
|
|
|
|
|
# For standalone daemon auto startup settings please edit the file
|
|
|
|
|
# /etc/default/apt-cacher.
|
|
|
|
|
#
|
|
|
|
|
#daemon_port = 3142
|
|
|
|
|
|
|
|
|
|
# Optional settings, user and group to run the daemon as. Make sure they have
|
|
|
|
|
# sufficient permissions within the cache and log directories. Comment the
|
|
|
|
|
# settings to run apt-cacher as the invoking user.
|
|
|
|
|
#
|
2014-09-04 00:18:34 -04:00
|
|
|
|
group = {{ apt_cacher.get('group', 'www-data') }}
|
|
|
|
|
user = {{ apt_cacher.get('user', 'www-data') }}
|
2014-01-05 17:02:07 -05:00
|
|
|
|
|
|
|
|
|
# optional setting, binds the listening daemon to specified IP(s).
|
|
|
|
|
#
|
|
|
|
|
#daemon_addr = localhost
|
|
|
|
|
|
|
|
|
|
# Apt-cacher can be used in offline mode which just uses files already cached,
|
|
|
|
|
# but doesn't make any new outgoing connections by setting this to 1.
|
|
|
|
|
#
|
|
|
|
|
#offline_mode = 1
|
|
|
|
|
|
|
|
|
|
# To enable data checksumming, install libberkeleydb-perl and set this option to
|
|
|
|
|
# 1. Then wait until the Packages/Sources files have been refreshed once (and so
|
|
|
|
|
# the database has been built up). You can also delete them from the cache to
|
|
|
|
|
# trigger the database update.
|
|
|
|
|
#
|
|
|
|
|
#checksum = 1
|
|
|
|
|
|
|
|
|
|
# Importing checksums from new index files into the checksum database can cause
|
|
|
|
|
# high CPU usage on slower systems. This option sets a limit to the number of
|
|
|
|
|
# index files that are imported simultaneously, thereby limiting CPU load
|
|
|
|
|
# average, but, possibly, taking longer. Set to 0 for no limit.
|
|
|
|
|
#
|
|
|
|
|
#concurrent_import_limit = 1
|
|
|
|
|
|
|
|
|
|
# CGI mode is deprecated.
|
|
|
|
|
#
|
|
|
|
|
# Send a 410 (Gone) HTTP message with the specified text when accessed via
|
|
|
|
|
# CGI. Useful to tell users to adapt their sources.list files when the
|
|
|
|
|
# apt-cacher server is being relocated (via apt-get's error messages while
|
|
|
|
|
# running "update")
|
|
|
|
|
#
|
|
|
|
|
#cgi_advise_to_use = Please use http://cacheserver:3142/ as apt-cacher access URL
|
|
|
|
|
#cgi_advise_to_use = Server relocated. To change sources.list, run
|
|
|
|
|
# perl -pe "s,/apt-cacher??,:3142," -i /etc/apt/sources.list
|
|
|
|
|
#
|
|
|
|
|
# To further facilitate migration from CGI to daemon mode this setting will
|
|
|
|
|
# automatically redirect incoming CGI requests to the specified daemon URL.
|
|
|
|
|
#
|
|
|
|
|
#cgi_redirect = http://localhost:3142/
|
|
|
|
|
|
|
|
|
|
### UPSTREAM PROXY ###
|
|
|
|
|
|
|
|
|
|
# Apt-cacher can pass all its requests to an external HTTP proxy like Squid,
|
|
|
|
|
# which could be very useful if you are using an ISP that blocks port 80 and
|
|
|
|
|
# requires all web traffic to go through its proxy. The format is
|
|
|
|
|
# 'hostname:port', eg: 'proxy.example.com:8080'.
|
|
|
|
|
#
|
|
|
|
|
#http_proxy = proxy.example.com:8080
|
|
|
|
|
|
|
|
|
|
# External http proxy sometimes need authentication to get full access. The
|
|
|
|
|
# format is 'username:password'.
|
|
|
|
|
#
|
|
|
|
|
#http_proxy_auth = proxyuser:proxypass
|
|
|
|
|
|
|
|
|
|
# Use of the configured external proxy can be turned on or off with this flag.
|
|
|
|
|
# Value should be either 0 (off) or 1 (on).
|
|
|
|
|
#
|
|
|
|
|
#use_proxy = 0
|
|
|
|
|
|
|
|
|
|
# Use of external proxy authentication can be turned on or off with this flag.
|
|
|
|
|
# Value should be either 0 (off) or 1 (on).
|
|
|
|
|
#
|
|
|
|
|
#use_proxy_auth = 0
|
|
|
|
|
|
|
|
|
|
# This sets the interface to use for the upstream connection.
|
|
|
|
|
# Specify an interface name, an IP address or a host name.
|
|
|
|
|
# If unset, the default route is used.
|
|
|
|
|
#
|
2014-09-04 00:18:34 -04:00
|
|
|
|
{%- if apt_cacher.get('interface', 'False') != 'False' %}
|
|
|
|
|
interface = {{ apt_cacher.get('interface', 'False') }}
|
|
|
|
|
{%- endif %}
|
2014-01-05 17:02:07 -05:00
|
|
|
|
#interface = eth0
|
|
|
|
|
|
|
|
|
|
# Rate limiting sets the maximum bandwidth in bytes per second to use for
|
|
|
|
|
# fetching packages. Use 0 value for no rate limiting.
|
|
|
|
|
#
|
|
|
|
|
#limit = 0
|
|
|
|
|
|
|
|
|
|
### ACCESS and SECURITY ###
|
|
|
|
|
|
|
|
|
|
# Server mapping - this allows mapping virtual paths that appear in the access
|
|
|
|
|
# URL to real server names. The syntax is the part of the beginning of the URL
|
|
|
|
|
# to replace (the key), followed by a list of mirror URLs, all space
|
|
|
|
|
# separated. Multiple mappings are separated by semicolons or commas, as
|
|
|
|
|
# usual. Note that you need to specify all keys (or use the 'PATH_MAP'
|
|
|
|
|
# shorthand) in the allowed_locations option, if you make use of it. Also note
|
|
|
|
|
# that the paths should not overlap each other.
|
|
|
|
|
#
|
|
|
|
|
# The keys are also used to separate the caching of multiple distributions
|
|
|
|
|
# within a single apt-cacher instance if distinct_namespaces is also set.
|
|
|
|
|
#
|
|
|
|
|
#path_map = debian ftp.uni-kl.de/pub/linux/debian ftp2.de.debian.org/debian ;
|
|
|
|
|
# ubuntu archive.ubuntu.com/ubuntu ;
|
|
|
|
|
# security security.debian.org/debian-security ftp2.de.debian.org/debian-security
|
|
|
|
|
#
|
|
|
|
|
# There are 2 default internal path_map settings for the Debian and Ubuntu
|
|
|
|
|
# changelog servers which will be merged with this option.
|
|
|
|
|
#
|
|
|
|
|
# debian-changelogs packages.debian.org
|
|
|
|
|
# ubuntu-changelogs changelogs.ubuntu.com
|
|
|
|
|
#
|
|
|
|
|
# These can be overridden by specifying an alternative mirror for that key, or
|
|
|
|
|
# deleted by just specifying the key with no mirror.
|
|
|
|
|
#
|
|
|
|
|
#path_map = debian-changelogs
|
|
|
|
|
|
|
|
|
|
# From version 1.7.0 there is support for caching multiple distibutions (eg
|
|
|
|
|
# Debian and Ubuntu) within the same apt-cacher instance. Enable this by setting
|
|
|
|
|
# distinct_namespaces to 1. Distribution package files are cached in separate
|
|
|
|
|
# directories whose names are derived from the relevant path_map key. So
|
|
|
|
|
# generally there will be a path_map key => server(s) setting for each
|
|
|
|
|
# distribution that is cached. Having enabled distinct_namespaces, existing
|
|
|
|
|
# packages can be imported into the correct directory by running (as root)
|
|
|
|
|
#
|
|
|
|
|
# /usr/share/apt-cacher/apt-cacher-import.pl -u {cache_dir}/packages
|
|
|
|
|
#
|
|
|
|
|
#distinct_namespaces = 0
|
|
|
|
|
|
|
|
|
|
# If the apt-cacher machine is directly exposed to the Internet and you are
|
|
|
|
|
# worried about unauthorised machines fetching packages through it, you can
|
|
|
|
|
# specify a list of IP addresses which are allowed to use it and another list of
|
|
|
|
|
# IP addresses which are prohibited.
|
|
|
|
|
#
|
|
|
|
|
# Localhost (127.0.0.1, ::1 and ::7f00:1) are always allowed. Other addresses
|
|
|
|
|
# must be matched by allowed_hosts and not by denied_hosts to be permitted to
|
|
|
|
|
# use the cache. Setting allowed_hosts to "*" means "allow all" (which was the
|
|
|
|
|
# default before version 1.7.0). The default is now ''.
|
|
|
|
|
#
|
|
|
|
|
# The format is a comma-separated list containing addresses, optionally with
|
|
|
|
|
# masks (like 10.0.0.0/24 or 10.0.0.0/255.255.255.0), or ranges of addresses
|
|
|
|
|
# (two addresses separated by a hyphen with no masks, specifying a valid subnet,
|
|
|
|
|
# like '192.168.0.0-63' or '192.168.0.0 - 192.168.0.63') or a DNS resolvable
|
|
|
|
|
# hostname. The corresponding IPv6 options allowed_hosts_6 and denied_hosts_6
|
|
|
|
|
# are deprecated (but will still be honoured, if set). IPv6 addresses can now be
|
|
|
|
|
# added directly to allowed_hosts and denied_hosts along with IPv4 addresses.
|
|
|
|
|
|
|
|
|
|
allowed_hosts = {{ apt_cacher.get('allowed_hosts', '*') }}
|
|
|
|
|
denied_hosts = {{ apt_cacher.get('denied_hosts', '') }}
|
|
|
|
|
|
|
|
|
|
# Only allow HTTPS/SSL proxy CONNECT to hosts or IPs which match an item in this
|
|
|
|
|
# list.
|
|
|
|
|
#
|
|
|
|
|
#allowed_ssl_locations =
|
|
|
|
|
|
|
|
|
|
# Only allow HTTPS/SSL proxy CONNECT to ports which match an item in this list.
|
|
|
|
|
# Adding further items to this option can pose a significant security risk. DO
|
|
|
|
|
# NOT do it unless you understand the full implications.
|
|
|
|
|
#
|
|
|
|
|
#allowed_ssl_ports = 443
|
|
|
|
|
|
|
|
|
|
# Optional setting to limit access to upstream mirrors based on server names in
|
|
|
|
|
# the URLs. This is matched before any path_map settings are expanded. If
|
|
|
|
|
# 'PATH_MAP' in included in this option, it will be expanded to the keys of the
|
|
|
|
|
# path_map setting. Note these items are strings, not regexps.
|
|
|
|
|
#
|
|
|
|
|
#allowed_locations = ftp.uni-kl.de, ftp.nerim.net, debian.tu-bs.de/debian
|
|
|
|
|
#allowed_locations = ftp.debian.org, PATH_MAP
|
|
|
|
|
#allowed_locations = PATH_MAP
|
|
|
|
|
|
|
|
|
|
# List of Ubuntu release names used to expand UBUNTU_RELEASE_NAMES in
|
|
|
|
|
# installer_files_regexp (see below). This is required to allow the Ubuntu
|
|
|
|
|
# installer to fetch upgrade information. As the naming scheme is unpredictable,
|
|
|
|
|
# new release names need to be added to this list.
|
|
|
|
|
#
|
|
|
|
|
#ubuntu_release_names = dapper, edgy, feisty, gutsy, hardy, intrepid, jaunty, karmic, lucid, maverick, natty, oneiric, precise
|
|
|
|
|
|
|
|
|
|
### HOUSEKEEPING ###
|
|
|
|
|
|
|
|
|
|
# Apt-cacher can generate usage reports every 24 hours if you set this directive
|
|
|
|
|
# to 1. You can view the reports in a web browser by pointing to your cache
|
|
|
|
|
# machine with 'report' on the end, like this:
|
|
|
|
|
#
|
|
|
|
|
# http://yourcache.example.com:3142/report
|
|
|
|
|
#
|
|
|
|
|
# Generating reports is very fast even with many thousands of logfile lines, so
|
|
|
|
|
# you can safely turn this on without creating much additional system load.
|
|
|
|
|
#
|
|
|
|
|
#generate_reports = 1
|
|
|
|
|
|
|
|
|
|
# Apt-cacher can clean up its cache directory every 24 hours if you set this
|
|
|
|
|
# directive to 1. Cleaning the cache can take some time to run (generally in the
|
|
|
|
|
# order of a few minutes) and removes all package files that are not mentioned
|
|
|
|
|
# in any existing 'Packages' lists. This has the effect of deleting packages
|
|
|
|
|
# that have been superseded by an updated 'Packages' list.
|
|
|
|
|
#
|
|
|
|
|
#clean_cache = 1
|
|
|
|
|
|
|
|
|
|
### INTERNALS ###
|
|
|
|
|
|
|
|
|
|
# Debug mode makes apt-cacher write a lot of extra debug information to the
|
|
|
|
|
# error log (whose location is defined with the 'log_dir' directive). Leave
|
|
|
|
|
# this off unless you need it, or your error log will get very big. Acceptable
|
|
|
|
|
# values are 0 or an integer up to 7. See man apt-cacher (1) for further
|
|
|
|
|
# details.
|
|
|
|
|
#
|
|
|
|
|
#debug = 0
|
|
|
|
|
|
|
|
|
|
# You shouldn't need to change anything below here. If you do, ensure you
|
|
|
|
|
# understand the full implications of doing so.
|
|
|
|
|
|
|
|
|
|
# Permitted package files -- this is a perl regular expression which matches all
|
|
|
|
|
# package-type files (files that are uniquely identified by their filename).
|
|
|
|
|
#
|
|
|
|
|
#package_files_regexp = (?:^[-+.a-z0-9]+_(?:\d:)?[-+.~a-zA-Z0-9]+(?:_[-a-z0-9]+\.(?:u|d)?deb|\.dsc|\.tar(?:\.gz|\.bz2|\.xz)|\.diff\.gz)|\.rpm|index\.db-.+\.gz|\.jigdo|\.template)$
|
|
|
|
|
|
|
|
|
|
# Permitted APT pdiff files -- this is a perl regular expression which matches
|
|
|
|
|
# APT pdiff files which are ed(1) scripts used to patch index files rather than
|
|
|
|
|
# redownloading the whole file afresh.
|
|
|
|
|
#
|
|
|
|
|
#pdiff_files_regexp = ^2\d{3}-\d{2}-\d{2}-\d{4}\.\d{2}\.gz$
|
|
|
|
|
|
|
|
|
|
# Permitted Index files -- this is the perl regular expression which matches all
|
|
|
|
|
# index-type files (files that are uniquely identified by their full path and
|
|
|
|
|
# need to be checked for freshness).
|
|
|
|
|
#
|
|
|
|
|
#index_files_regexp = ^(?:Index(?:\.bz2)?|Packages(?:\.gz|\.bz2)?|Release(?:\.gpg)?|InRelease|Sources(?:\.gz|\.bz2)?|Contents-(?:[a-z]+-)?[a-zA-Z0-9]+\.gz|(?:srclist|pkglist)\.[a-z-]+\.bz2|release(?:\.gz|\.bz2)?|Translation-[a-z]{2,3}(?:_[A-Z]{2})?(?:\.gz|\.bz2|\.xz)?)$
|
|
|
|
|
|
|
|
|
|
# Permitted installer files -- this is the perl regular expression which matches
|
|
|
|
|
# all installer-type files (files that are uniquely identified by their full
|
|
|
|
|
# path but don’t need to be checked for freshness). These are typically files
|
|
|
|
|
# used by Debian/Ubuntu Installer, Debian Live and apt. Within this option, the
|
|
|
|
|
# shorthand 'UBUNTU_RELEASE_NAMES' will be expanded to the list configured in
|
|
|
|
|
# ubuntu_release_names as regexp alternatives.
|
|
|
|
|
#
|
|
|
|
|
installer_files_regexp = ^(?:vmlinuz|linux|initrd\.gz|changelog|NEWS.Debian|[a-z]+\.tar\.gz(?:\.gpg)?|UBUNTU_RELEASE_NAMES\.tar\.gz(?:\.gpg)?|(?:Devel|EOL)?ReleaseAnnouncement(?:\.html)?|meta-release(?:-lts)?(?:-(?:development|proposed))?)$
|
|
|
|
|
|
|
|
|
|
# Perl regular expression which matches Index files from which to read checksums
|
|
|
|
|
# if checksum is enabled.
|
|
|
|
|
#
|
|
|
|
|
#checksum_files_regexp = ^(?:Packages(?:\.gz|\.bz2)?|Sources(?:\.gz|\.bz2)?|(?:In)?Release|Index(?:\.bz2)?)$
|
|
|
|
|
|
|
|
|
|
# Perl regular expression which matches URLs to be permitted for Debian bugs
|
|
|
|
|
# SOAP requests as made by apt-listbugs(1).
|
|
|
|
|
#
|
|
|
|
|
#soap_url_regexp = ^(?:http://)?bugs\.debian\.org(?::80)?/cgi-bin/soap.cgi$
|