Serving an Arch Linux Package Cache with Caddy

Introduction

A guide for the intermediate to advanced Arch Linux user. In this post, we will be sharing a local repository on the system with other systems using the Caddy server, a simple-to-use web server that can also serve as a reverse proxy. I use the aurutils AUR helper, which requires the setup and use of a custom repository on the local system. By having a setup like this, we can download and build packages from the AUR on one system and then have them accessible on other Arch-based systems, eliminating the need for us to perform any duplicate work.

Scope of this article

I won’t go into setting up the server machine itself because it is outside the scope of this article. Consult your distro’s guide on setting up your machine.

Setup

What you’ll need:

Basic networking knowledge
Basic command-line skills
An unused network port on your system. In this case, we will be running this example on port 8080
A custom repository set up on your local system

repository: a directory with a db.tar.xz file and the associated package tarballs

Install caddy server on your system

To install the server on Arch, use the following command:

sudo pacman -S caddy

Create the repository

Follow the instructions on the Arch Wiki to create a repository with its package tarballs.

It also helps to name the directory the same thing you would name the repository on pacman.conf.

Configure the server

Add this code snippet to either /etc/caddy/Caddyfile or /etc/caddy/conf.d/pkgserver

webserver_address {
  root * /var/cache/pacman
  file_server
}

I use this specific path, because with multiple custom repositories, I can use a trick which we will see later to make configuration simple

Replace /path/to/pacman_cache to the parent directory of the repository you just made. On Arch Linux and several other distributions, the caddy server runs under the caddy user. If caddy can’t read the directory and files within, it will return an HTTP 403 error. To make sure everything runs correctly, make sure that the caddy user can read the files.

(Optional) Open the port on the firewall

Dont’ forget to expose this to the appropriate networks if this server is firewalled. In my case, I am running with firewalld so in each zone, I need to run the following command:

firewall-cmd --permanent --zone <zone> --add-port=8080/tcp

Edit /etc/pacman.conf

[custom]
# Change below option as required
SigLevel = Optional TrustedOnly
Server = http://host-of-server:8080/$repo

For more information about how to set up a caddy server, visit the caddy documentation.

Introduction¶

Scope of this article¶

Setup¶

Install caddy server on your system¶

Create the repository¶

Configure the server¶

(Optional) Open the port on the firewall¶

Edit /etc/pacman.conf¶