pkg(5): Reverse proxying your depot with Apache HTTPD
As part of the changes to get Developer Preview 2 ready, we decided to rejigger the HTTP handling on pkg.opensolaris.org
so that we could have more options as more people attempt to use the early versions of image packaging. Previously, we ran pkg.depotd
directly on port 80, in its read-only mode; now we use Apache HTTPD to listen on port 80, and use mod_proxy
to proxy those incoming requests to a pkg.depotd
instance listening on a separate port. With a couple of different approaches
Proxying and rewriting is one of those endlessly fun activities that somehow actually ends up being productive. Last time, proxying fun led Steve and I to fiddling around such that we ended up with proxy and rewrite patterns to enable the country portals for opensolaris.org.
If you want to share the top-level component of your URL space, you’ll need to watch pkg
(5) developments, as you have to map the list of operations one-by-one—and I know there are some new operations forthcoming. That would involve adding something like the following to a VirtualHost directive in your Apache configuration.
ProxyRequests On Redirect /index.html http://pkg.opensolaris.org/status ProxyPass /abandon http://pkg.opensolaris.org:10000/abandon ProxyPass /add http://pkg.opensolaris.org:10000/add ProxyPass /catalog http://pkg.opensolaris.org:10000/catalog ProxyPass /close http://pkg.opensolaris.org:10000/close ProxyPass /feed http://pkg.opensolaris.org:10000/feed ProxyPass /file http://pkg.opensolaris.org:10000/file ProxyPass /filelist http://pkg.opensolaris.org:10000/filelist ProxyPass /manifest http://pkg.opensolaris.org:10000/manifest ProxyPass /open http://pkg.opensolaris.org:10000/open ProxyPass /search http://pkg.opensolaris.org:10000/search ProxyPass /versions http://pkg.opensolaris.org:10000/versions ProxyPass /css http://pkg.opensolaris.org:10000/css ProxyPass /logo http://pkg.opensolaris.org:10000/logo ProxyPass /icon http://pkg.opensolaris.org:10000/icon ProxyPass /status http://pkg.opensolaris.org:10000/
Configuring your server in this fashion allows you to mix an image packaging server in with your other site content. You can easily deliver static content alongside your depot, for example.
If you don’t mind pushing your package repository down one level in your URL space, then the above simplifies to
ProxyRequests On ProxyPass /pkg/ http://pkg.opensolaris.org:10000/
(which should be a hint on how to create a repository farm under a single URL). To use the latter, you would use pkg
(1)’s image-create
subcommand
$ pkg image-create -F -a mypkgs.com=http://www.myserver.com/pkg /path/to/image
to connect your image to your reverse-proxied packaging depot.
In the two examples above, you should of course replace machine names like pkg.opensolaris.org
and port numbers like 10000 with values appropriate to your own installation.
Happy proxied package serving!
Feel free to share your alternative configurations or approaches with other HTTP servers here, or on pkg-discuss@opensolaris.org
.
[ T: OpenSolaris Solaris pkg httpd ]