apt-proxy is a program that caches the packages you download from the Internet, to your hard disk. Because apt-proxy behaves as if it were a HTTP server with a full copy of the repositories you select, you can access the packages from other computers on your network. If a package is not in the cache, apt-proxy automatically downloads and caches it. This can significantly decrease download bandwidth and installation time when you have to install the same packages repeatedly (i.e. an upgrade of multiple machines).


apt-proxy is available from the Universe archive. To install it, run this command from a terminal:

sudo apt-get install apt-proxy

Configuring apt-proxy Server

Default settings

You should change the default port to 9998 instead of 9999 while bug 154494 isn`t fixed in order to apt-proxy to work.

The first section of the apt-proxy configuration file, located at /etc/apt-proxy/apt-proxy-v2.conf, contains the default settings for the apt-proxy and its cache.

The first step is to check the address parameter to the IP of your apt-proxy server in the internal network. If it is commented out, apt-proxy will listen on all the IP addresses of your server. The port parameter specifies the port apt-proxy listens on for requests and defaults to 9999, which is generally a good value to use.

If you wish to change the directory that apt-proxy stores its cached packages, change the cache_dir parameter. The cache directory defaults to /var/cache/apt-proxy.

If you are using a web proxy server (such as Squid), you can configure apt-proxy to be aware of it with http_proxy = proxy_server:port. If you are behind a firewall you may experience problems with active FTP connections when trying to connect to a FTP backend. passive_ftp = on should solve this problem.

The other values control the time a package remains in the cache, how old a package must be at least before apt-proxy checks for newer versions or how often the cache is checked for old packages. They can safely be left on their default values.


apt-proxy has to know where to find remote repositories, which it refers to as backends. This is done via backend sections in /etc/apt-proxy/apt-proxy-v2.conf. A backend entry for Ubuntu may look like this:

;; Ubuntu archive
backends =

As you can see, it is possible to specify more than one server, separated by blank space. If the first server is down, apt-proxy tries to get the data from the second server and so on. Note: If the first server is up, but does not have a required file, apt-proxy will not fall back to a second server.You can also override values set in the [default-section. For instance, if you know that a special server takes very long to answer a request, you can increase the timeout value:

timeout = 60 ;wait 1 Minute
backends = prot://

A complete example apt-proxy-v2.conf may look like this:

;; All times are in seconds, but you can add a suffix
;; for minutes(m), hours(h) or days(d)

address =
port = 9999
cache_dir = /var/cache/apt-proxy

;; Control files (Packages/Sources/Contents) refresh rate
min_refresh_delay = 1s
complete_clientless_downloads = 1

;; Debugging settings.
debug = all:4 db:0

timeout = 30
passive_ftp = on

;; Cache housekeeping

cleanup_freq = 1d
max_age = 120d
max_versions = 3

;; Backend servers
;; Place each server in its own [section]

; Ubuntu archive
backends =

; Ubuntu security updates
backends =

backends =

; Backend servers, in order of preference
backends =

; Debian debian-non-US archive
backends =

; Debian security archive
backends =

; packages
backends =

; Apt-proxy new versions
backends =

Note that you don't specify versions of distributions in this file; by enabling Ubuntu, you gain the ability to proxy for all versions (Hoary, Breezy, Dapper etc). What is downloaded depends on what is configured in the sources.list file on each client.

Initializing apt-proxy

After changing the apt-proxy configuration file, restart apt-proxy and update the list by running the following:

$ sudo /etc/init.d/apt-proxy restart

Your apt-proxy is ready for use.

Importing apt Cache

Note: In the current version of apt-proxy in the repositories (1.9.33ubuntu1), this might not work correctly. This is a known bug. Regardless, attempting this should not negatively impact your system.

Packages already downloaded with apt-get, are cached in /var/cache/apt/archives. These packages can be imported into the apt-proxy cache with apt-proxy-import from the current package list. aptitude update should be run prior to apt-proxy-import to get a fresh list as follows:

$ sudo aptitude update
$ sudo apt-proxy-import -r /var/cache/apt/archives

Updating clients to use your proxy server

apt clients need the /etc/apt/sources.list file to be reconfigured to point to the new apt-proxy server instead of the outside world. Configuration of the sources.list file looks similar to the config for normal apt repositories with the exception that the backend section has to be appended to the path:

deb http://apt-proxy:port/backend dist component

Replace mentions of specific repository URL with references to your server and the backend for it; such as:

deb dapper main restricted
deb dapper-security main restricted universe

would become

deb http://server:9999/ubuntu dapper main restricted
deb http://server:9999/ubuntu-security dapper-security main restricted universe

A sources.list corresponding to the apt-proxy-v2.conf above may look like this:

# apt-proxy entries for standard modules
deb http://localhost:9999/ubuntu dapper main restricted universe multiverse
deb-src http://localhost:9999/ubuntu dapper main restricted universe multiverse

# apt-proxy entries for security patches
deb http://localhost:9999/ubuntu-security dapper-security main restricted universe multiverse
deb-src http://localhost:9999/ubuntu-security dapper-security main restricted universe multiverse


Problems with acquiring packages

In Dapper Drake, other Ubuntu computers connecting to the proxy may have problems receiving the file headers of the repository list. If this happens to you, on the computers connecting to the proxy, edit /etc/apt/apt.conf, with:

sudo nano /etc/apt/apt.conf

or your choice of text editor. It will likely be

Acquire::http::Proxy "false";

change this to

Acquire::Proxy "false";

and save, exit, and try updating the repositories file list again with

sudo apt-get update

or any other method that updates the repositories (such as Check in Update Manager or Reload in Synaptic). It should load correctly now.

Connection Refused

On some setups, the proxy is not available to external machines. The proxy works very well on localhost, but fails to cooperate with external machines.


AptProxy (last edited 2011-04-08 14:52:04 by D9784B24)