Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
On My Wishlist - Caching Proxy Option for Downloading Updates
« previous
next »
Print
Pages: [
1
]
Author
Topic: On My Wishlist - Caching Proxy Option for Downloading Updates (Read 2436 times)
abalsam
Newbie
Posts: 21
Karma: 0
On My Wishlist - Caching Proxy Option for Downloading Updates
«
on:
November 06, 2016, 05:21:53 pm »
I have found OPNSense to be a full featured, well documented and easy to use solution that can have a small memory/processor footprint (depending on what features are actively in use). I am therefore using it as my standard firewall not only for my home but also for my test labs. This means that when all of my labs are running, I have 10 to 20 OPNSense VMs running at once. When a series of patches are then released, I have to go through the update process on all of the instances. Since, at the end of the update process the downloaded files are deleted and I am unable to find a way to point to a dedicated caching proxy where the update files can be downloaded again locally, the same files need to be downloaded from the internet again and again (consuming bandwidth).
I was wondering if there are any plans to support configuring a dedicated caching proxy for updates only. Alternatively, is there a way to download and centrally maintain update files for select platforms (similar to what Ubuntu offers) so that I could have an internal mirror I could point my VMs to?
Thanks
Logged
fabian
Hero Member
Posts: 2410
Karma: 169
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: On My Wishlist - Caching Proxy Option for Downloading Updates
«
Reply #1 on:
November 06, 2016, 07:16:01 pm »
You should use an internal mirror for that - for example you can mirror
https://pkg.opnsense.org/
and make it available via a webserver (for example: nginx) by setting the webroot to your mirror directory. On the firmware page you will have to add the address of your mirror.
Note: you do not have to mirror all directories (for example you can omit i386 if you are not using it)
Franco may also have a working rsync command you can use to mirror the files.
Kind regards
Fabian
Logged
franco
Administrator
Hero Member
Posts: 9902
Karma: 723
Re: On My Wishlist - Caching Proxy Option for Downloading Updates
«
Reply #2 on:
November 07, 2016, 07:32:12 am »
Please don't mirror the main server... use one of
https://opnsense.org/download/
Use e.g. one of the LeaseWeb servers around the world and sync the main directory:
http://mirror.sfo12.us.leaseweb.net/opnsense/
You only need an HTTP host (all updates are signed) to publish your changes internally, then go to System: Firmware: Updates and change mirror to "(other)" and put your own URL in there (it can be an internal one, even DNS if the firewall can resolve it).
Cheers,
Franco
Logged
abalsam
Newbie
Posts: 21
Karma: 0
Re: On My Wishlist - Caching Proxy Option for Downloading Updates
«
Reply #3 on:
November 07, 2016, 05:20:03 pm »
When I reviewed the content of the mirror, it looks like some of the same packages are present in multiple locations (which implies symlinks on the source). If I just did a sync of the entire mirror, I am afraid I would be copying more than I would need to. Is there a document that I can refer to that would tell me how to set up a local mirror?
Thanks
Logged
franco
Administrator
Hero Member
Posts: 9902
Karma: 723
Re: On My Wishlist - Caching Proxy Option for Downloading Updates
«
Reply #4 on:
November 07, 2016, 07:46:40 pm »
LeaseWeb supports rsync, it's really simple
https://mirror.de.leaseweb.net/
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.1 Legacy Series
»
On My Wishlist - Caching Proxy Option for Downloading Updates
