Using Squid as a maven repository

apache-2.2mavensquid

Does someone know how to use Squid to proxify maven repositories ?

What are the configuration files for that ?

The main problem is that maven client issue HTTP request with headers which control the cache behavior (and I want to bypass that).

Here is a typical request :

GET /maven/proxy/jboss-public/org/richfaces/richfaces-bom/4.2.0.Final/richfaces-bom-4.2.0.Final.pom HTTP/1.1
Cache-control: no-cache
Cache-store: no-store
Pragma: no-cache
Expires: 0
Accept-Encoding: gzip
User-Agent: Apache-Maven/3.0.4 (Java 1.6.0_26; Linux 2.6.32-38-generic)
Host: 192.168.2.171
Connection: Keep-Alive

I'm already using Apache HTTPD (and disk_cache proxy_http modules enabled) for that, but I'm creating a mirror, not a proxy.

Here is the configuration (based on that site) :

<Proxy *>
Order deny,allow 
Allow from all 
</Proxy>

# central 
ProxyPass /maven/proxy/central http://repo1.maven.org/maven2
ProxyPassReverse /maven/proxy/central http://repo1.maven.org/maven2
CacheEnable disk /maven/proxy/central

# jboss-public-repository-group 
ProxyPass /maven/proxy/jboss-public http://repository.jboss.org/nexus/content/groups/public
ProxyPassReverse /maven/proxy/jboss-public http://repository.jboss.org/nexus/content/groups/public
ProxyPassReverseCookiePath /nexus /maven/proxy/jboss-public
CacheEnable disk /maven/proxy/jboss-public

# codehaus
ProxyPass /maven/proxy/codehaus http://repository.codehaus.org/
ProxyPassReverse /maven/proxy/codehaus http://repository.codehaus.org/
CacheEnable disk /maven/proxy/codehaus

CacheDirLength 2
CacheDirLevels 3

# Override default cache expiration and control 
CacheDefaultExpire 2419200
CacheMaxExpire 2419200

# Ignore requests to not serve from cache. Maven data never changes. 
CacheIgnoreCacheControl On
CacheIgnoreNoLastMod On
CacheStoreNoStore On

# Default max file size is 64K. Set to 1GB. 
CacheMaxFileSize 1073741824

Best Answer

I would recommend using a proper repository like Nexus which will enable much more flexibility such as combining central maven with your own local artifact into one repository, caching of artifacts downloaded from central upon first request (so you don't need to host all artifacts, only those you need), protects you from artifacts deletion in central (think NPM leftpad fiasco), enables you to prevent usage of certain artifacts (say there is a broken artifact that has a security flaw, you can block all users from using it).

And, above all that, your users don't have to waste time setting up proxy configurations for Maven/Gradle/etc. which can be tricky at times...

But if you must do it in Squid:

Put allowed domains in /etc/squid/mavendomains.list.

In squid.conf (or if you have include files...):

acl maven-domains dstdomain "/etc/squid/mavendomains.list"
acl allowed-networks src x.x.x.x/x
http_access allow allowed-networks maven-domains
Related Topic