formula-apt-cacher/apt-cacher/files/apt-cacher.conf

282 lines
12 KiB
Text
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# vim:sts=2 ts=2 sw=2 et ai
{% from "apt-cacher/map.jinja" import apt_cacher with context %}
# This file is managed by Salt, do not edit by hand!!
#################################################################################
# This is the config file for apt-cacher. On most Debian systems you can safely #
# leave the defaults alone. #
# #
# Commented defaults or examples are given. They can be changed here, or #
# overridden using a fragment placed in ./conf.d/ #
#################################################################################
### GENERAL ###
# The location of the local cache/working directory. This can become quite
# large, so make sure it is somewhere with plenty of space.
#
#cache_dir = /var/cache/apt-cacher
# The directory to use for apt-cacher access and error logs.
# The access log records every request in the format:
#
# date-time|PID|client IP address|HIT/HEAD/MISS/EXPIRED/NOTMOD|object size|object name
#
# The error log is slightly more free-form, and is also used for debug messages
# if debug mode is turned on.
#
#log_dir = /var/log/apt-cacher
# The email address of the administrator is displayed in the info page and
# traffic reports.
#
admin_email = {{ apt_cacher.get('admin_email', 'root@localhost') }}
# Daemon port setting, only useful in stand-alone mode. You need to run the
# daemon as root to use privileged ports (<1024).
#
# For standalone daemon auto startup settings please edit the file
# /etc/default/apt-cacher.
#
#daemon_port = 3142
# Optional settings, user and group to run the daemon as. Make sure they have
# sufficient permissions within the cache and log directories. Comment the
# settings to run apt-cacher as the invoking user.
#
group = {{ apt_cacher.get('group', 'www-data') }}
user = {{ apt_cacher.get('user', 'www-data') }}
# optional setting, binds the listening daemon to specified IP(s).
#
#daemon_addr = localhost
# Apt-cacher can be used in offline mode which just uses files already cached,
# but doesn't make any new outgoing connections by setting this to 1.
#
#offline_mode = 1
# To enable data checksumming, install libberkeleydb-perl and set this option to
# 1. Then wait until the Packages/Sources files have been refreshed once (and so
# the database has been built up). You can also delete them from the cache to
# trigger the database update.
#
#checksum = 1
# Importing checksums from new index files into the checksum database can cause
# high CPU usage on slower systems. This option sets a limit to the number of
# index files that are imported simultaneously, thereby limiting CPU load
# average, but, possibly, taking longer. Set to 0 for no limit.
#
#concurrent_import_limit = 1
# CGI mode is deprecated.
#
# Send a 410 (Gone) HTTP message with the specified text when accessed via
# CGI. Useful to tell users to adapt their sources.list files when the
# apt-cacher server is being relocated (via apt-get's error messages while
# running "update")
#
#cgi_advise_to_use = Please use http://cacheserver:3142/ as apt-cacher access URL
#cgi_advise_to_use = Server relocated. To change sources.list, run
# perl -pe "s,/apt-cacher??,:3142," -i /etc/apt/sources.list
#
# To further facilitate migration from CGI to daemon mode this setting will
# automatically redirect incoming CGI requests to the specified daemon URL.
#
#cgi_redirect = http://localhost:3142/
### UPSTREAM PROXY ###
# Apt-cacher can pass all its requests to an external HTTP proxy like Squid,
# which could be very useful if you are using an ISP that blocks port 80 and
# requires all web traffic to go through its proxy. The format is
# 'hostname:port', eg: 'proxy.example.com:8080'.
#
#http_proxy = proxy.example.com:8080
# External http proxy sometimes need authentication to get full access. The
# format is 'username:password'.
#
#http_proxy_auth = proxyuser:proxypass
# Use of the configured external proxy can be turned on or off with this flag.
# Value should be either 0 (off) or 1 (on).
#
#use_proxy = 0
# Use of external proxy authentication can be turned on or off with this flag.
# Value should be either 0 (off) or 1 (on).
#
#use_proxy_auth = 0
# This sets the interface to use for the upstream connection.
# Specify an interface name, an IP address or a host name.
# If unset, the default route is used.
#
{%- if apt_cacher.get('interface', 'False') != 'False' %}
interface = {{ apt_cacher.get('interface', 'False') }}
{%- endif %}
#interface = eth0
# Rate limiting sets the maximum bandwidth in bytes per second to use for
# fetching packages. Use 0 value for no rate limiting.
#
#limit = 0
### ACCESS and SECURITY ###
# Server mapping - this allows mapping virtual paths that appear in the access
# URL to real server names. The syntax is the part of the beginning of the URL
# to replace (the key), followed by a list of mirror URLs, all space
# separated. Multiple mappings are separated by semicolons or commas, as
# usual. Note that you need to specify all keys (or use the 'PATH_MAP'
# shorthand) in the allowed_locations option, if you make use of it. Also note
# that the paths should not overlap each other.
#
# The keys are also used to separate the caching of multiple distributions
# within a single apt-cacher instance if distinct_namespaces is also set.
#
#path_map = debian ftp.uni-kl.de/pub/linux/debian ftp2.de.debian.org/debian ;
# ubuntu archive.ubuntu.com/ubuntu ;
# security security.debian.org/debian-security ftp2.de.debian.org/debian-security
#
# There are 2 default internal path_map settings for the Debian and Ubuntu
# changelog servers which will be merged with this option.
#
# debian-changelogs packages.debian.org
# ubuntu-changelogs changelogs.ubuntu.com
#
# These can be overridden by specifying an alternative mirror for that key, or
# deleted by just specifying the key with no mirror.
#
#path_map = debian-changelogs
# From version 1.7.0 there is support for caching multiple distibutions (eg
# Debian and Ubuntu) within the same apt-cacher instance. Enable this by setting
# distinct_namespaces to 1. Distribution package files are cached in separate
# directories whose names are derived from the relevant path_map key. So
# generally there will be a path_map key => server(s) setting for each
# distribution that is cached. Having enabled distinct_namespaces, existing
# packages can be imported into the correct directory by running (as root)
#
# /usr/share/apt-cacher/apt-cacher-import.pl -u {cache_dir}/packages
#
#distinct_namespaces = 0
# If the apt-cacher machine is directly exposed to the Internet and you are
# worried about unauthorised machines fetching packages through it, you can
# specify a list of IP addresses which are allowed to use it and another list of
# IP addresses which are prohibited.
#
# Localhost (127.0.0.1, ::1 and ::7f00:1) are always allowed. Other addresses
# must be matched by allowed_hosts and not by denied_hosts to be permitted to
# use the cache. Setting allowed_hosts to "*" means "allow all" (which was the
# default before version 1.7.0). The default is now ''.
#
# The format is a comma-separated list containing addresses, optionally with
# masks (like 10.0.0.0/24 or 10.0.0.0/255.255.255.0), or ranges of addresses
# (two addresses separated by a hyphen with no masks, specifying a valid subnet,
# like '192.168.0.0-63' or '192.168.0.0 - 192.168.0.63') or a DNS resolvable
# hostname. The corresponding IPv6 options allowed_hosts_6 and denied_hosts_6
# are deprecated (but will still be honoured, if set). IPv6 addresses can now be
# added directly to allowed_hosts and denied_hosts along with IPv4 addresses.
allowed_hosts = {{ apt_cacher.get('allowed_hosts', '*') }}
denied_hosts = {{ apt_cacher.get('denied_hosts', '') }}
# Only allow HTTPS/SSL proxy CONNECT to hosts or IPs which match an item in this
# list.
#
#allowed_ssl_locations =
# Only allow HTTPS/SSL proxy CONNECT to ports which match an item in this list.
# Adding further items to this option can pose a significant security risk. DO
# NOT do it unless you understand the full implications.
#
#allowed_ssl_ports = 443
# Optional setting to limit access to upstream mirrors based on server names in
# the URLs. This is matched before any path_map settings are expanded. If
# 'PATH_MAP' in included in this option, it will be expanded to the keys of the
# path_map setting. Note these items are strings, not regexps.
#
#allowed_locations = ftp.uni-kl.de, ftp.nerim.net, debian.tu-bs.de/debian
#allowed_locations = ftp.debian.org, PATH_MAP
#allowed_locations = PATH_MAP
# List of Ubuntu release names used to expand UBUNTU_RELEASE_NAMES in
# installer_files_regexp (see below). This is required to allow the Ubuntu
# installer to fetch upgrade information. As the naming scheme is unpredictable,
# new release names need to be added to this list.
#
#ubuntu_release_names = dapper, edgy, feisty, gutsy, hardy, intrepid, jaunty, karmic, lucid, maverick, natty, oneiric, precise
### HOUSEKEEPING ###
# Apt-cacher can generate usage reports every 24 hours if you set this directive
# to 1. You can view the reports in a web browser by pointing to your cache
# machine with 'report' on the end, like this:
#
# http://yourcache.example.com:3142/report
#
# Generating reports is very fast even with many thousands of logfile lines, so
# you can safely turn this on without creating much additional system load.
#
#generate_reports = 1
# Apt-cacher can clean up its cache directory every 24 hours if you set this
# directive to 1. Cleaning the cache can take some time to run (generally in the
# order of a few minutes) and removes all package files that are not mentioned
# in any existing 'Packages' lists. This has the effect of deleting packages
# that have been superseded by an updated 'Packages' list.
#
#clean_cache = 1
### INTERNALS ###
# Debug mode makes apt-cacher write a lot of extra debug information to the
# error log (whose location is defined with the 'log_dir' directive). Leave
# this off unless you need it, or your error log will get very big. Acceptable
# values are 0 or an integer up to 7. See man apt-cacher (1) for further
# details.
#
#debug = 0
# You shouldn't need to change anything below here. If you do, ensure you
# understand the full implications of doing so.
# Permitted package files -- this is a perl regular expression which matches all
# package-type files (files that are uniquely identified by their filename).
#
#package_files_regexp = (?:^[-+.a-z0-9]+_(?:\d:)?[-+.~a-zA-Z0-9]+(?:_[-a-z0-9]+\.(?:u|d)?deb|\.dsc|\.tar(?:\.gz|\.bz2|\.xz)|\.diff\.gz)|\.rpm|index\.db-.+\.gz|\.jigdo|\.template)$
# Permitted APT pdiff files -- this is a perl regular expression which matches
# APT pdiff files which are ed(1) scripts used to patch index files rather than
# redownloading the whole file afresh.
#
#pdiff_files_regexp = ^2\d{3}-\d{2}-\d{2}-\d{4}\.\d{2}\.gz$
# Permitted Index files -- this is the perl regular expression which matches all
# index-type files (files that are uniquely identified by their full path and
# need to be checked for freshness).
#
#index_files_regexp = ^(?:Index(?:\.bz2)?|Packages(?:\.gz|\.bz2)?|Release(?:\.gpg)?|InRelease|Sources(?:\.gz|\.bz2)?|Contents-(?:[a-z]+-)?[a-zA-Z0-9]+\.gz|(?:srclist|pkglist)\.[a-z-]+\.bz2|release(?:\.gz|\.bz2)?|Translation-[a-z]{2,3}(?:_[A-Z]{2})?(?:\.gz|\.bz2|\.xz)?)$
# Permitted installer files -- this is the perl regular expression which matches
# all installer-type files (files that are uniquely identified by their full
# path but dont need to be checked for freshness). These are typically files
# used by Debian/Ubuntu Installer, Debian Live and apt. Within this option, the
# shorthand 'UBUNTU_RELEASE_NAMES' will be expanded to the list configured in
# ubuntu_release_names as regexp alternatives.
#
installer_files_regexp = ^(?:vmlinuz|linux|initrd\.gz|changelog|NEWS.Debian|[a-z]+\.tar\.gz(?:\.gpg)?|UBUNTU_RELEASE_NAMES\.tar\.gz(?:\.gpg)?|(?:Devel|EOL)?ReleaseAnnouncement(?:\.html)?|meta-release(?:-lts)?(?:-(?:development|proposed))?)$
# Perl regular expression which matches Index files from which to read checksums
# if checksum is enabled.
#
#checksum_files_regexp = ^(?:Packages(?:\.gz|\.bz2)?|Sources(?:\.gz|\.bz2)?|(?:In)?Release|Index(?:\.bz2)?)$
# Perl regular expression which matches URLs to be permitted for Debian bugs
# SOAP requests as made by apt-listbugs(1).
#
#soap_url_regexp = ^(?:http://)?bugs\.debian\.org(?::80)?/cgi-bin/soap.cgi$