I’ve setup a squid proxy for caching of install rpms for an entire LAN; I’m not interested in setting up / maintaining a local repo mirror.
The goal is to allow each machine on the LAN to independently exec zypper (up, dup, ref, etc), getting fresh/relevant metadata for its local state, and, at .rpm install, to check/use the central, squid cache for rpm source 1st, then check/dl from network as required.
Each machine has its own mix of repos – official distribution, official updates, 3rd party (devel, home:, local).
.rpm DLs are large, !.rpm (meta)data are small. Some sources are static (release/distro), and some are dynamic & frequently changing.
Different sources have different URL naming conventions, and, afaict, there’s no consistent indication that a source is dynamic, or not.
To maximize both caching and data freshness, I’ve configured the following cache policy in /etc/squid/squid.conf:
acl zypp url_regex repodata/.*\.xml
acl zypp url_regex repodata/.*\.xml\.asc
acl zypp url_regex repodata/.*\.xml\.key
acl zypp url_regex setup/descr/packages.*\.gz
cache deny zypp
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320
With that simple policy in place, and staring at logs for awhile, I think I successfully
(1) cache static metadata
(2) never cache dynamic metadata
(3) cache RPMs
Given the range of sources in d.o.o & packman, does that policy appear correct, and not overly aggressive, missing needed updates?
To keep zypper effective “through” this LAN cache, is there additional/different config that’s recommended?