Cacher (Apt-cacher-ng): issues with fedora updates

User Support
,
69

I’m having issues with the fedora-cisco-openh264 repository in particular and have read through everything I could find related to that repo, mirrors, apt-cacher-ng, 403 errors, curl 18 errors, etc. and this thread. I thought I’d try to summarize everything to try to centralize troubleshooting steps.

  1. Make sure the Fedora TemplateVM can update outside of cacher/apt-cacher-ng before complicating things.
    • From Dom0, inspect
      • The Fedora TemplateVM’s tags via qvm-tags <TemplateVM name> to ensure it doesn’t have any tags that might interfere with Updates.Proxy routing
      • Dom0’s /etc/qubes/policy.d/50-config-updates.policy and /etc/qubes/policy.d/30-user.policy (if it exists) to ensure the Fedora TemplateVM is set to update through a known-working Update qube and not cacher (yet).
    • From the Fedora TemplateVM,
      • Make sure the repos start with https:// and not the cacher proxy prefix of http://HTTPS/// via sed -i 's^http://HTTPS///^https://^' /etc/yum.repos.d/*
      • Attempt to update via dnf update to verify functionality. If it doesn’t, troubleshoot and resolve those issues before proceeding.
  2. Make sure the template-cacher TemplateVM is healthy
    • Complete the steps above for the template-cacher TemplateVM and monitor for and resolve any issues during apt update like missing or damaged packages.
    • Shutdown template-cacher; also shutdown cacher, if it was running, to ensure any changes propagate down to it.
  3. Configure the Fedora TemplateVM’s repos for cacher’s proxy prefix via sed -i 's|https://|http://HTTPS///|' /etc/yum.repos.d/*
  4. Prepare cacher for Fedora updates and troubleshooting
    • Clear the logs via rm -r /var/log/apt-cacher-ng/*
    • Clear the cache via rm -r /var/cache/apt-cacher-ng/*
    • Modify the following properties in /etc/apt-cacher-ng/acng.conf
      • VfilePatternEx: .*fedora.*updateinfo.*xml.zck$|^/\?release=[0-9]+&arch=.*|.*/RPM-GPG-KEY.*|.*\?repo=fedora|.*pkg.tar.zst.sig
      • DontCache: .*fedora.*updates.*updateinfo.xml.zck .*fedora.*repomd.xml
    • Restart the apt-cacher-ng service via systemctl restart apt-cacher-ng
  5. Attempt to update the Fedora TemplateVM via dnf update to verify functionality. If it doesn’t, troubleshoot and resolve those issues.

I’m not very clear on:

  • When to modify /etc/apt-cacher-ng/fedora_mirrors_extra and the expected syntax
  • The appropriate syntax for metalink or baseurl in the /etc/yum.repos.d/ repo files.

Hope I got this right and helps move us all toward speedy resolutions!

1 Like