Linux Featured

Build and Run Apt-Cacher-NG Proxy in a Docker Container

Speed up Your Network With This Caching Server

Nizar Jailane

Jul 4, 2021 • 4 min read

Contain It!

Apt-Cacher-NG is a write-through caching proxy that caches apt repositories metadata and packages for other hosts connected to it, the proxy is mostly used on the same network of the hosts to speed things up.

In this post, we will be building the Docker image and running the apt-cacher-ng server along with configuring the clients to use it as their apt caching proxy.

🌐

You can find the source code at the end of the post.

Requirements

Docker
Docker Compose
A text editor of your choice

Do We Need a Proxy?

The main use case is having multiple machines running systems that use apt as their package manager, where you want to speed up the process of updating and upgrading metadata and packages.

Why Use It Inside a Docker Container?

Mainly for the idea of isolating the host from the apps running on it and the ease of management of those apps, Docker fits perfectly for this.

Setup Dockerfile

In order to run the proxy in a Docker container, we need first to create a Dockerfile for it.

Let's start by creating a directory for the Docker file:

mkdir custom-apt-cacher-ng

Get into the directory and create the file:

cd custom-apt-cacher-ng && touch Dockerfile

Paste the following content into it:

FROM ubuntu:21.04

# Expose the cache directory for volume binding
VOLUME ["/var/cache/apt-cacher-ng"]

# Update apt-get cache
RUN apt-get update -y && \
        # Install apt-cacher-ng package
        apt-get install apt-cacher-ng -y && \
        # Clean up
        rm -rf /var/lib/apt/lists/*

# Expose the apt-cacher-ng port to be binded
EXPOSE 3142

# Set cache directory permissions
CMD chmod 777 /var/cache/apt-cacher-ng && \
        # Append PassThroughPattern config for SSL/TLS proxying (optional)
        echo "PassThroughPattern: .*" >> /etc/apt-cacher-ng/acng.conf && \
        # Start the service
        /etc/init.d/apt-cacher-ng start && \
        # Output all logs of apt-cacher-ng
        tail -f /var/log/apt-cacher-ng/*

Dockerfile

Dockerfile Breakdown

Let's explain this Dockerfile, we see that we are based on a stable version of Ubuntu with version 21.04 and, exposing the caching directory to be used for persistence, and running the main command which is installing the apt-cacher-ng package itself, then exposing the port the package uses, and finally, we are setting up permissions and appending the PassThroughPattern (we will get to this below) before starting the service.

What is PassThroughPattern?

This config allows us to proxy/tunnel everything including the secured repositories via SSL/TLS throw the apt-cacher-ng server, keep in mind that it will not cache the secured ones since the traffic is encrypted.

Setup Docker Compose file

Let's set up the Docker Compose file, now this is an optional part but it's very recommended.

Create the file in the same root directory:

touch docker-compose.yml

Paste the following content into it:

version: "3"

services:
  app:
    build: .
    image: custom-apt-cacher-ng
    container_name: apt-cacher-ng
    restart: unless-stopped
    ports:
      # To connect to apt-cacher-ng from outside of local host, change 127.0.0.1 to 0.0.0.0 or whatever interface you want
      - 127.0.0.1:3142:3142
    volumes:
      - ./cache:/var/cache/apt-cacher-ng

docker-compose.yml

This Docker Compose file will expose the 3142 port (feel free to change it to whatever you want) and bind the local directory cache in the host for the apt-cacher-ng caching directory.

Start and Verification

We can start the proxy in two ways, Docker or Docker Compose, we will cover both of them below.

The Docker way

Build the proxy image:

docker build -t custom-apt-cacher-ng .

Run an instance of that image in detached mode:

docker run -d -p 127.0.0.1:3142:3142 --name apt-cacher-ng custom-apt-cacher-ng

Now the container should be running, to verify run:

docker ps -a | grep "custom-apt-cacher-ng"

The Docker Compose way (recommended)

Build the proxy image:

docker-compose build

Run the service using:

docker-compose up -d

You can verify that the container is up using the same command as above.

We are done setting up the proxy, the next step will be setting up the clients to use the cache proxy.

Clients Setup

We can use the host where the server lives as a client for the proxy too, and that's what we will be doing here as a first step.

Create an apt proxy file:

sudo touch /etc/apt/apt.conf.d/01proxy

Paste the following in the proxy file

Acquire::http { Proxy "http://SERVER_IP:3142"; };

01proxy

Make sure to change the SERVER_IP before saving (It will be localhost or 127.0.0.1 in this client setup).

Now before we start installing packages with the proxy we need to reset the apt lists and cache.

Execute the following commands each at a time:

sudo apt-get clean
cd /var/lib/apt
sudo mv lists lists.bak # or delete it, preferred to keep a backup
sudo mkdir -p lists/partial
sudo apt-get clean
sudo apt-get update

That's it, we are done setting up the server and the client for the proxying process.

Setup Verification

Let's verify that the setup is working via a simple sudo apt-get update, then head to http://localhost:3142/acng-report.html and we should see some content being downloaded and cached for the next requests.

Conclusion

We just set up the apt proxy using either Docker or Docker Compose with ease, and we tested the setup using the local host.

As always, I hope you learned something.

Found this useful? feel free to share it with your friends.

Join the newsletter from here to notify you of new posts and updates.

Like the post? consider buying us a coffee ❤️.

Table of contents