sameersbn / docker-apt-cacher-ng Goto Github PK

View Code? Open in Web Editor NEW

195.0 195.0 71.0 127 KB

Dockerfile to create a Docker container image for Apt-Cacher NG

License: MIT License

Makefile 1.89% Shell 71.27% Dockerfile 26.85%

docker-apt-cacher-ng's People

Contributors

Stargazers

Watchers

docker-apt-cacher-ng's Issues

NFS File Systems with Mismatched UID/GID don't work due to how the cache dir is set up.

I'm often having to run chmod and chown to get it working properly. However because of this I have to rerun this every time I restart the docker container. These folders shouldn't be handled on the image. They should be mountpoints that you should have to pass to the image.

I can fix this. Please let me know and I'll work on a MR.

Permission Issues

Hi Sameer
When I use you image in virtualbox with sharing ntfs drive and create my volume on the shared ntfs drive I get permission issues. Maybe there is someway around this. Let me know.

Thx
Jas99

Update apt-cacher-ng version

Could you please update the version of apt-cacher-ng?

What is the difference between docker-apt-cacher-ng and the official tutorial

This is the official tutorial: https://docs.docker.com/engine/examples/apt-cacher-ng/

I want to know the difference. Does docker-apt-cacher-ng add some extra features?

Possibility of editing config files either via volume or ...

Possibility of editing config files either via volume mapping or adding nano in the container so it can be edited within the container.

precaching

When I try to enable active mirroring I always get the following error:

Maintenance task Archive Mirroring, apt-cacher-ng version: 3.3.1 (Cancel)
PrecacheFor not set, check configuration!

I cannot find a config file within the /config folder

Missing documentation.

The page for Apt-Cacher NG maintenance page http://localhost:3142/acng-report.html has a section for "Configuration Instructions" and it has some links for the documentation such as http://localhost:3142/acng-doc/html/index.html for the manual but this documentation is not "included" in the docker container.

Thank you for your time.

Refusing connections

$ sudo docker ps | grep apt-cacher
0849e7a7b65a        sameersbn/apt-cacher-ng:latest   "/sbin/entrypoint...."   21 minutes ago      Up 21 minutes       0.0.0.0:3142->3142/tcp                                     apt-cacher-ng

$ cat Dockerfile 
FROM ubuntu:16.04

MAINTAINER Jaipradeesh Janarthanan <[email protected]>

RUN echo 'Acquire::HTTP::Proxy "http://localhost:3142";' >> /etc/apt/apt.conf.d/01proxy \
 && echo 'Acquire::HTTPS::Proxy "false";' >> /etc/apt/apt.conf.d/01proxy

RUN apt-get update \
    && apt-get install -y --no-install-recommends python python-pip

$  netstat -plant | grep 3142
tcp6       0      0 :::3142                 :::*                    LISTEN      2926/docker-proxy

$  docker build .
Sending build context to Docker daemon 33.79 kB
Step 1/9 : FROM ubuntu:16.04
 ---> 6a2f32de169d
Step 2/9 : MAINTAINER Jaipradeesh Janarthanan <[email protected]>
 ---> Using cache
 ---> 7618794cd1d3
Step 3/9 : RUN echo 'Acquire::HTTP::Proxy "http://localhost:3142";' >> /etc/apt/apt.conf.d/01proxy  && echo 'Acquire::HTTPS::Proxy "false";' >> /etc/apt/apt.conf.d/01proxy
 ---> Using cache
 ---> 85b2e1f86600
Step 4/9 : RUN apt-get update     && apt-get install -y --no-install-recommends python python-pip
 ---> Running in 1061395de079
Err:1 http://archive.ubuntu.com/ubuntu xenial InRelease
  Could not connect to localhost:3142 (127.0.0.1). - connect (111: Connection refused) [IP: 127.0.0.1 3142]
Err:2 http://security.ubuntu.com/ubuntu xenial-security InRelease
  Could not connect to localhost:3142 (127.0.0.1). - connect (111: Connection refused) [IP: 127.0.0.1 3142]
Err:3 http://archive.ubuntu.com/ubuntu xenial-updates InRelease
  Unable to connect to localhost:3142: [IP: 127.0.0.1 3142]
Err:4 http://archive.ubuntu.com/ubuntu xenial-backports InRelease
  Unable to connect to localhost:3142: [IP: 127.0.0.1 3142]
Reading package lists...
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial/InRelease  Could not connect to localhost:3142 (127.0.0.1). - connect (111: Connection refused) [IP: 127.0.0.1 3142]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-updates/InRelease  Unable to connect to localhost:3142: [IP: 127.0.0.1 3142]
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/xenial-backports/InRelease  Unable to connect to localhost:3142: [IP: 127.0.0.1 3142]
W: Failed to fetch http://security.ubuntu.com/ubuntu/dists/xenial-security/InRelease  Could not connect to localhost:3142 (127.0.0.1). - connect (111: Connection refused) [IP: 127.0.0.1 3142]
W: Some index files failed to download. They have been ignored, or old ones used instead.
Reading package lists...
Building dependency tree...
Reading state information...
E: Unable to locate package python
E: Unable to locate package python-pip

automatic cache expiry?

Hi,

apt-cacher-ng distributes a cron script for daily cache expiry.

I don't think this docker image ever run it, I suppose because it would mean running cron on top of apt-cacher-ng…

It would be quite useful to do so…

New maintenance release

Is it possibile to have a new maintenance release, or at least a build tag that is not only latest to use in continuous deployment environments?
Something like
sameersbn/apt-cacher-ng:master-yyyyMMdd
If you want I can submit a PR to add this tag.

Support Pacman

The current container does not work with pacman (and ArchLinux, by extension), and has been broken for several months. This has been fixed upstream: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989347

As an alternative, there is a patch on that issue against 3.3.1, which could be applied.

A workaround is to add:

PFilePatternEx: .*\.pkg\.tar\.(gz|bz2|lzma|xz|zst)\.sig$

VFilePatternEx: .*\.(db|files|abs)(\.tar\.(gz|bz2|lzma|xz|zst))?\.sig$

to the acnf.conf.

Thanks again for this container!

Set "AllowUserPorts: 80 443" as default in acng.conf

Since the "acng.conf" is not exposed externally nor changes persisted. Would like to set AllowUserPorts: 80 443 in order address a bug introduced in apt-cacher-ng 3.74:

https://bugs.launchpad.net/ubuntu/+source/apt-cacher-ng/+bug/1993026

This bug prevents https caching when using the "tell-me-what-you-need method" for Access to SSL/TLS remotes on client side configuration.

deb http://HTTPS///get.docker.com/ubuntu docker main
# If apt-cacher-ng is configured as proxy in APT, this makes it
# switch internally to https://get.docker.com/ubuntu
deb http://acnghost:3142/HTTPS///get.docker.com/ubuntu docker main
# Basically the same just with access to apt-cacher-ng through
# URL rewritting instead of setting http proxy.

#38 would help with this as well.

Hash Sum mismatch failures

Does anybody else get "Hash Sum mismatch" errors when using this proxy? Restarting the aptcacherng container doesn't seem to help. Even deleting its data volume (it reached 1.4GB) and restarting the container does not fix it. Nor does docker system prune -f --volumes to clear docker image build layers. The docker server is 19.03.11 and ubuntu 16, but upgrading docker to 19.03.13 didn't help.

Finally the fix seemed to be adding apt-get clean && rm -rf /var/lib/apt/lists/* && apt-get update && to the beginning of every RUN command in my Dockerfile which used apt-get. Hopefully this helps someone.

% docker logs -t buildenv_aptcacherng_1
2020-10-22T20:29:19.464601561Z [warn] Epoll ADD(1) on fd 12 failed. Old events were 0; read change was 1 (add); write change was 0 (none); close change was 0 (none): Bad file descriptor

From my buildenv/docker-compose.yml:

  aptcacherng:
    image: sameersbn/apt-cacher-ng:3.3-20200524
    restart: always
    init: true
    deploy:
      resources:
        limits:
          memory: ${APT_CACHER_MEM-300m}
    volumes:
      - aptcache:/var/cache/apt-cacher-ng
    ports:
      - "${PUBLISH_IP-}3142:3142"

[2020-10-22 20:32:23+0000] [example:latest] #17 ERROR: executor failed running [/bin/sh -c apt-get update && apt-get install -y openjdk-8-jre-headless]: runc did not terminate sucessfully
...
[2020-10-22 20:31:37+0000] [example:latest] #17 16.30   openjdk-8-jre-headless
[2020-10-22 20:31:37+0000] [example:latest] #17 16.59 0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded.
[2020-10-22 20:31:37+0000] [example:latest] #17 16.59 Need to get 28.9 MB of archives.
[2020-10-22 20:31:37+0000] [example:latest] #17 16.59 After this operation, 105 MB of additional disk space will be used.
[2020-10-22 20:31:37+0000] [example:latest] #17 16.59 Get:1 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 java-common all 0.68ubuntu1~18.04.1 [14.5 kB]
[2020-10-22 20:31:37+0000] [example:latest] #17 16.80 Get:2 http://archive.ubuntu.com/ubuntu bionic/main amd64 libnspr4 amd64 2:4.18-1ubuntu1 [112 kB]
[2020-10-22 20:32:23+0000] [example:latest] #17 17.66 Get:3 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 libnss3 amd64 2:3.35-2ubuntu2.12 [1220 kB]
[2020-10-22 20:32:23+0000] [example:latest] #17 22.18 Get:4 http://archive.ubuntu.com/ubuntu bionic/main amd64 libpcsclite1 amd64 1.8.23-1 [21.3 kB]
[2020-10-22 20:32:23+0000] [example:latest] #17 22.28 Get:5 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 openjdk-8-jre-headless amd64 8u265-b01-0ubuntu2~18.04 [27.5 MB]
[2020-10-22 20:32:23+0000] [example:latest] #17 24.16 Get:5 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 openjdk-8-jre-headless amd64 8u265-b01-0ubuntu2~18.04 [27.5 MB]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44 Err:5 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 openjdk-8-jre-headless amd64 8u265-b01-0ubuntu2~18.04
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44   Hash Sum mismatch
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44   Hashes of expected file:
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - SHA512:49310887ca3d1ec4bb565fc84709c251b300577d729befd0ea4336eaed0b704c314b447d86da76077623e689cd8e77cff0281c43506a50d97657a1e0fa65578c
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - SHA256:d0c708242898cce58076dca46245f69a9672ffe00e16120cc9b07c2e7102acba
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - SHA1:6d1a84de5eea88e509a57e1c855cd331eb145e60 [weak]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - MD5Sum:3f026505370dff5fcbcc6e928f38ede3 [weak]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - Filesize:27519756 [weak]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44   Hashes of received file:
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - SHA512:986e9328c5667acb803b8d612765f7d197e307650df907912f808aef512ed07f6ef816c7cd854da0e6f1722f1389ee92b49c29258ebcb08e41289834cb7162c0
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - SHA256:4d0baf168b060ed29c5fa195b1d292b89410d7314f83ddba1a9b1088cc6476f6
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - SHA1:81eafe83a04e02cfecbdfd364fc82662d91b5485 [weak]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - MD5Sum:1069da1d5ee7f28504554e6f8428b841 [weak]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44    - Filesize:27519756 [weak]
[2020-10-22 20:32:23+0000] [example:latest] #17 63.44   Last modification reported: Wed, 05 Aug 2020 15:33:45 +0000

Health check is failing because of invalid wget options

The health check needs to be updated. docker-compose ps always reports it's unhealthy:

buildenv_aptcacherng_1   /sbin/entrypoint.sh /usr/s ...   Up (unhealthy)   0.0.0.0:3142->3142/tcp

because -0 is no longer supported by wget and there is a stray - argument being passed. The container is otherwise working fine.
You can verify by exec'ing into the container.

root@d06e973fc467:/# wget -q0 - http://localhost:3142/acng-report.html
wget: invalid option -- '0'
Usage: wget [OPTION]... [URL]...

Try `wget --help' for more options.

Just change the Dockerfile to (updated to not write an .html file ever 2s!):

HEALTHCHECK --interval=90s --timeout=5s --retries=3 \
    CMD wget -q -o /dev/null http://localhost:3142/acng-report.html || exit 1

Users of docker-compose.yml can do this themselves with:

version: '3.7'

volumes:
  aptcache:

x-common: &common
  restart: always
  init: true

services:

  aptcacherng:
    image: sameersbn/apt-cacher-ng
    <<: *common
    deploy:
      resources:
        limits:
          memory: ${CACHER_MEM-256m}
    volumes:
      - aptcache:/var/cache/apt-cacher-ng
    ports:
      - "${PUBLISH_IP}3142:3142"
    healthcheck:
      test:  wget -q  http://localhost:3142/acng-report.html || exit 1
      interval: 10s
      timeout: 2s
      retries: 3

Signal handling

Currently apt-cacher-ng is run as PID 1. Therefore it doesn't have default signal handlers installed, e.g. as explained in krallin/tini#8

This prevents a clean shutdown of the container with docker stop, and at least makes stopping the container take longer.

To see the effect, start the image with the example config, i.e. docker-compose up, and stop it with CTRL-C. It takes a while to stop it, as docker kills the process only after a timeout.

One option is to use tini, a minimal init implementation, that besides other things, forwards signals correctly.

Cache expiry functionality in setting `docker-compose.yml`?

How can I achieve the following cache expiry functionality in setting docker-compose.yml? ChatGPT says "The -e argument does not have any associated value, which makes it unnecessary in this context. It appears to be a mistake or a typo.`

Cache expiry
Using the [Command-line arguments](https://github.com/sameersbn/docker-apt-cacher-ng#command-line-arguments) feature, you can specify the -e argument to initiate Apt-Cacher NG's cache expiry maintenance task.

docker run --name apt-cacher-ng --init -it --rm \
  --publish 3142:3142 \
  --volume /srv/docker/apt-cacher-ng:/var/cache/apt-cacher-ng \
  sameersbn/apt-cacher-ng:3.7.4-20220421 -e

CentOS and Rocky Linux Doesn't work properly

When attempting to point CentOS, Rocky Linux or otherwise RHEL based yum/dnf package managed OS'es, which are supported by apt-cacher-ng this implementation fails to work correctly. I'm unsure as to why. The only thing I can think of is file permissions. But I'm unable to test this well enough to say one way or the other.
Usually, this results in a 403 forbidden error, even though I can go to my file system and see that the files are there. For some reason they end up with a different UID/GID than all the other files. This makes me beleive it's a permission issue. However after manually changing the permissions it still doesn't work.
Does work however when I run the package without dockerization. So it is an issue in this implementation here.

Simple way to set nameserver?

We have a customn repository for our own packages, to find it I need to add our dns-server
as a nameserver. Is there a convenient way to do this?

Thanks
Simon

Question about networking

Hello,

I see you have hardcoded ip "172.17.42.1", is it possible to have a more generic solution instead?

I don't find documentation about network when building an image.

Thanks you,

Log to stdout/docker

It would be great if apt-cacher-ng could log to stdout so one can attach to the logs using docker logs
to view the current requests made to it for debugging.

Update to 3.3

I find the current version 3.1 is not compatible with epel7,

yum makecache
Loaded plugins: langpacks
base                                                                                                                                   | 3.6 kB  00:00:00     
epel                                                                                                                                   | 5.4 kB  00:00:00     
extras                                                                                                                                 | 2.9 kB  00:00:00     
updates                                                                                                                                | 2.9 kB  00:00:00     
(1/13): base/7/x86_64/filelists_db                                                                                                     | 7.3 MB  00:00:00     
(2/13): epel/x86_64/updateinfo                                                                                                         | 1.0 MB  00:00:00     
(3/13): base/7/x86_64/other_db                                                                                                         | 2.6 MB  00:00:00     
(4/13): epel/x86_64/prestodelta                                                                                                        | 2.4 kB  00:00:00     
(5/13): epel/x86_64/primary_db                                                                                                         | 6.7 MB  00:00:00     
(6/13): epel/x86_64/other_db                                                                                                           | 3.2 MB  00:00:00     
(7/13): epel/x86_64/filelists_db                                                                                                       |  11 MB  00:00:01     
epel/x86_64/updateinfo_zck     FAILED                                          
http://mirrors.aliyun.com/epel/7/x86_64/repodata/87c2b0b36935bb8d49213bb743cb0137a3cc42db8282d6d45969b42b1093e99a-updateinfo.xml.zck: [Errno 14] HTTP Error 403 - Forbidden
Trying other mirror.
To address this issue please refer to the below knowledge base article

https://access.redhat.com/solutions/69319

If above article doesn't help to resolve this issue please create a bug on https://bugs.centos.org/

It has been fixed in 3.3, see the bug at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928270

Could you update it to 3.3?

Since 3.3 is not in ubuntu bonic, can you change the base image to debian buster(and add buster-backports repo)?
https://packages.ubuntu.com/search?keywords=apt-cacher-ng
https://packages.debian.org/search?keywords=apt-cacher-ng

sameersbn / docker-apt-cacher-ng Goto Github PK

docker-apt-cacher-ng's People

Contributors

Stargazers

Watchers

Forkers

docker-apt-cacher-ng's Issues

Recommend Projects

Recommend Topics

Recommend Org