Tag Archives: sysadmin

Cache deb packages with apt-cacher-ng

I’m playing with Docker and I’m constantly tuning my Dockerfile to install the needed packages.

This continuous refinement forces the build process to download the same deb packages every time and it becomes an actual waste of time and bandwidth.

Solution

apt-cacher-ng is a service which can be run on a Debian or Ubuntu host and will serve as a local cache for deb packages from Debian or Ubuntu repositories.

That’s what I need because I’m on an Ubuntu machine emulating a Debian container.

Host setup

The setup is really easy:

# aptitude install apt-cacher-ng

After the installation I changed the bind address of the service to keep it local (I don’t need LAN exposure), I added my local proxy to reach the internet and I disabled ReuseConnections (see Problems):

root@yoda:/etc/apt-cacher-ng# diff acng.conf acng.conf.old 
28d27
< BindAddress: localhost 172.17.42.1
35d33
< proxy: http://127.0.0.1:5865
322d319
< ReuseConnections: 0

Client setup

On the client side it’s necessary to force apt requests to use the proxy.
In the Dockerfile I added

RUN echo 'Acquire::http::Proxy "http://172.17.42.1:3142";' > /etc/apt/apt.conf.d/90-apt-cacher.conf

which creates the configuration file read by apt-get or aptitude when downloading packages.

Problems

The apt-cacher-ng server seems buggy at least when used in conjunction with a regular proxy. Sometimes I get errors like these on the client side

Err http://http.debian.net/debian/ wheezy/main netbase all 5.0
500  Invalid header

one possible solution is to perform a

# apt-get update

on the host machine (it seems to help). Another useful setting is

ReuseConnections: 0

as explained before.

Postfix with gmail as relay on Debian Squeeze

My Situation

A server running Debian Squeeze.
A valid Gmail account.

Procedure

Make sure you have the right packages installed
# aptitude install postfix libsasl2 ca-certificates libsasl2-modules

Make a backup of your original files
# tar cfz /var/backups/etc-postfix_20121105.tgz /etc/postfix/

Modify /etc/postfix/main.cf
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes

Create /etc/postfix/sasl/passwd with your “user” and “password” values
[smtp.gmail.com]:587 theuser@gmail.com:thesecretpassword

Secure your new file and make it usable for Postfix
# chmod 400 /etc/postfix/sasl/passwd
# postmap /etc/postfix/sasl/passwd
# ls -l /etc/postfix/sasl/
total 12
-r-------- 1 root root 57 Nov 5 00:39 passwd
-rw------- 1 root root 12288 Nov 5 00:40 passwd.db

Make sure you have the right certification authorities available to Postfix
# cat /etc/ssl/certs/Thawte_Premium_Server_CA.pem >> /etc/postfix/cacert.pem
# cat /etc/ssl/certs/Equifax_Secure_Global_eBusiness_CA.pem >> /etc/postfix/cacert.pem

Restart Postfix
/etc/init.d/postfix restart

done