Hi folks. Qubes newbie here (qewbie?). I just built and installed the Arch Linux template. I’m able to install Arch software and updates in the template but I can’t get to the AUR. I assume the updates proxy is blocking me. Where/how do I tell it that aur.archlinux.org is okay?
Thanks.
Hi @moy,
welcome to the Qubes-OS world!
I don’t use AUR with my ArchLinux Qubes-OS VMs, but AUR uses makepkg, so I think that a good entry point is : Makepkg#Makepkg_fails_to_download_dependencies_when_behind_proxy
Thanks @ludovic. I’m still not able to get it working.
Attempt 1
I don’t really understand the proxy config, so I first tried the following in the arch template VM (getting the IP address from the updates-proxy doc):
XferCommand = /usr/bin/curl -x http://10.137.255.254:8082 -L -C - -f -o %o %u
But makepkg -si gives this error
curl: (7) Couldn't connect to server
It’s not timing out, it’s very quick, so that’s probably the wrong address for the proxy.
Attempt 2
I think the proxy service might be listening on 127.0.0.1:8082? That would make more sense since lo is the only interface in the template VM. So then I tried the following instead:
XferCommand = /usr/bin/curl -x http://127.0.0.1:8082 -L -C - -f -o %o %u
This time makepkg -si gets a little further. It’s able to download dependencies from the regular arch repos, but when it tries to download the source from github it’s not able to resolve github.com.
Attempt 3
The other suggestion on the makepkg doc is to use the env_keep option in /etc/sudoers. That doesn’t work either (same error resolving github.com).
Attempt 3.5
tinyproxy is not actually running in the template VM. I started it manually and retried attempts 2 and 3 above, and it still can’t resolve github.com.
Any other ideas? Thanks again.
@ludovic’s tip worked, with additions and full details below. Thanks again, @ludovic.
pacman.conf:sed -i 's/^#XferCommand.*curl.*/XferCommand = \/usr\/bin\/curl -x http:\/\/127.0.0.1:8082 -L -C - -f -o %o %u/' /etc/pacman.conf
makepkg.conf:sed -i 's/curl/curl -x 127.0.0.1:8082/' /etc/makepkg.conf
makepkg -si manually once you have the PKGBUILD for a package, but AUR-helpers like yay still won’t work because they don’t know about the proxy. I found pikaur to be the easiest AUR-helper to configure for use with a proxy. Get its PKGBUILD and install it with makepkg -si. Then the following config in ~/.config/pikaur.conf works (note: you need the blank sections too):[sync]
[build]
[review]
[colors]
[ui]
[misc]
[network]
aurhttpproxy = 127.0.0.1:8082
aurhttpsproxy = 127.0.0.1:8082
Alternate solution: change either the tinyproxy config or the iptables routing to send everything through the proxy, but of course that would defeat the purpose of this careful proxy construction (i.e. this: “This is meant to mitigate user errors (like using browser in the template), rather than some real isolation”).