Using an apt cache will greatly improve build speed when building several times in a row (e.g. when debugging, during development). {{project_name_short}} build script sets up an apt cache by default.
If you are interested in a torified apt-cacher-ng or host apt-cacher-ng, click on Expand on the right.
{{Box|text=
'''torified apt-cacher-ng'''
{{Box|text=
Notes:
* The following torified apt-cacher-ng setup only has to be applied, if you are building using onion apt sources using
--connection onion
.
* When building inside {{project_name_workstation_long}}, this is not required.
{{mbox
| image = [[File:Ambox_warning_pn.svg.png|40px]]
| text =
Note, this neither torifies all of the build script's connections nor hides Tor from your ISP! See [[Dev/Build Anonymity|Build Anonymity]].
}}
The goal of this is to torify
apt-cacher-ng
using
torsocks
so it will be able to connect to onions.
'''Note:'''
This is currently broken. No fix available. [[Undocumented]].
'''1.''' Install
apt-cacher-ng
,
torsocks
and
tor
.
sudo apt install apt-cacher-ng torsocks tor
'''2.''' Create folder apt-cacher-ng systemd drop-in folder
/lib/systemd/system/apt-cacher-ng.service.d
.
sudo mkdir -p /lib/systemd/system/apt-cacher-ng.service.d
'''3.''' {{Open with root rights|
filename=/lib/systemd/system/apt-cacher-ng.service.d/50_user.conf
}}
'''4.''' Add.
[
* The first {{CodeSelect|code=ExecStart=|inline=true}} is to disable the default ]ExecStart
in /lib/systemd/system/apt-cacher-ng.service
.
* This is based on {{CodeSelect|code=/lib/systemd/system/apt-cacher-ng.service|inline=true}}.
* Only {{CodeSelect|code=torsocks|inline=true}} is prepended in front of {{CodeSelect|code=/usr/sbin/apt-cacher-ng|inline=true}}
* No other changes.
{{CodeSelect|code=
[Service]
ExecStart=
ExecStart=torsocks /usr/sbin/apt-cacher-ng SocketPath=/run/apt-cacher-ng/socket -c /etc/apt-cacher-ng ForeGround=1
}}
'''5.''' Save.
'''6.''' Reload systemd.
{{CodeSelect|code=
sudo systemctl daemon-reload
}}
'''7.''' Restart apt-cacher-ng.
{{CodeSelect|code=
sudo systemctl restart apt-cacher-ng
}}
'''8.''' Done.
The process of torification of apt-cacher-ng has been completed.
'''9.''' Broken!
{{CodeSelect|code=/etc/tor/torsocks.conf}} add:
{{CodeSelect|code=
AllowInbound 1
AllowOutboundLocalhost 1
}}
But this is also insufficient.
{{CodeSelect|code=sudo journalctl -f -u apt-cacher-ng}}
shows errors:
WARNING torsocks[17645]: Config file not found: /etc/tor/torsocks.conf. Using default for Tor (in config_file_read() at config-file.c:583)
Couldn't listen on socket: Operation not permitted
Error creating socket: Function not implemented
No fix available. Help welcome.
}}
}}
{{Box|text=
'''host apt-cacher-ng'''
This is probably only useful for developers. Most users will not need the complexity of an apt-cacher-ng running outside of the VM which runs derivative-maker or on another computer.
{{Box|text=
Be sure to have a firewall, so the whole internet cannot use the apt-cacher-ng service.
When building inside a non-Whonix VM, an apt cache can be used on the host. In that case, adjust the IP accordingly and manually test that it is reachable. When building inside a ({{project_name_short}}) VM, just install the apt cache inside the VM and point to a localhost apt cache.
Prepend
REPO_PROXY=http://127.0.0.1:3142
before the build command.
Replace the IP
127.0.0.1
with the IP address of your host. For security reasons, this should only be done over LAN and not over the internet.
sudo REPO_PROXY=http://127.0.0.1:3142 ./derivative-maker ...
}}
}}