-
aptuses thehttpprotocol to grab repository metadata across multiple requests. -
No information is available to ensure consistency across resources, leading to errors such as:
Failed to fetch http://[...] Hash Sum mismatch
-
Whenever we don't have a session for a client yet, or when it grabs
InReleaseorRelease.gpg, we create a new session identified by reading a symlink. Sessions are per client, distribution and suite. -
We ask
nginx(which does the heavy lifting of serving the data) to serve the files from a path created using this symlink. -
This only affects
dists;poolis meant to be served as-is.
-
Deploy behind nginx, with a configuration like:
server { server_name repository.foo.com; listen 80; location / { proxy_pass http://127.0.0.1:8080; proxy_set_header X-Real-IP $remote_addr; } location /direct/ { internal; alias /var/lib/debian-repository/; } } -
Put an
application.confin your classpath overwriting any configuration you do not like (seesrc/resources/reference.conf).
- NAT sucks. In short, you need to make sure that
nginxwill provide a unique enoughX-Real-IPheader for each client.