Since you did not identify the root cause of the issue this is almost
useless, and of little help to other users.
You did not say, (and no one asked), what qube you were using to update.
You could get this information from /etc/qubes/policy/30-user.policy,
/etc/qubes/policy/90-default.policy, and /etc/qubes-rpc/policy/qubes.UpdatesProxy
You did say that you had a template-cacher
You did not say if you had a cacher qube.
The error message you reported is inconsistent with use of cacher,
since it references https access to the repositories.
As explained in the “info” for cacher, it cannot use https access, and
has to rewrite this to http://HTTPS/// - this is because https access
means that the traffic is encrypted when it reaches the caching proxy
and so cannot be dealt with.
If you were using cacher, then you would have seen a different error
message, relating to use of https repositories.
If you were using cacher, then (since other templates seemingly worked fine),
when you changed the update proxy those other templates would have
stopped working. This is because they would have repo definitions that
used http://HTTPS/// and other proxies would not know what to do with that*.
To summarise:
We don’t know what proxy you were using.
We don’t know what templates you were able to update.
We don’t know what caused the problem.
The problem was resolved by changing the update proxy to either sys-net or
sys-firewall, but we don’t know which, or what template that qube
used.
What is mysterious to me is why @fsflover liked this post, especially when we now know that the user choose one post as a solution and then finally explained that he actually used tips from another.
I was unable to update Fedora templates when using sys-whonix as update proxy.
I decided to change the update proxy used by templates.
I did this by:
deleting /etc/qubes-rpc/policy/qubes.UpdatesProxy
copying the config file from /etc/qubes/policy.d/90-default.policy to /etc/qubes/policy.d/30-user.policy
editing /etc/qubes/policy.d/30-user.policy to show:
`qubes.UpdatesProxy * @type:TemplateVM @default allow target=sys-firewall
Step 2 is unnecessary, and makes it more difficult to see what user
changes have been made.
You could have simply copied the qubes.UpdatesProxy lines from
90-default.policy to 30-user.policy, and edited them to show:
As a “solution” this is like taking your Tesla in to the garage
with a problem and leaving with an Impala.
Or perhaps, taking your laptop in because you are having problems with
Qubes, and leaving with a shiny installation of Windows 11.
But you said -
all the templates were failing to update until I deleted qubes.UpdatesProxy and copied the config file from
90-default.policy and pasted it into /etc/qubes/policy/30-user.policy
Since the qubes.UpdatesProxy lines have been in 90-default.policy since
creation of that file, either you removed them from there, or you
removed them from 30-user.policy.
Either way, this is another important detail that you missed out.