Setup Squid Deb Proxy

You may find yourself in a situation where you need to cache, but not mirror, Apt packages on your network. To do this, you have two main options: apt-cacher-ng or squid-deb-proxy. I have tried both and found that squid-deb-proxy works better for me; it is easier to set up, and it handles concurrent connections better, such as when updating many machines on the network at the same time.

To install:

sudo apt install squid-deb-proxy
sudo ufw allow 8000/tcp # if using ufw

Edit /etc/squid-deb-proxy/squid-deb-proxy.conf to have the following, so each source doesn’t have to be listed on each client machine:

# allow access only to official archive mirrors
# uncomment the third and fouth line to permit any unlisted domain
http_access allow to_archive_mirrors
http_access allow !to_archive_mirrors # commented by default

# don't cache domains not listed in the mirrors file
# uncomment the third and fourth line to cache any unlisted domains
cache allow to_archive_mirrors
cache allow !to_archive_mirrors # commented by default

Next, run the following on your client machines:

cat <<EOT | sudo tee /etc/apt/apt.conf.d/02cache
Acquire::http::Proxy "http://<hostname_of_squid_deb_proxy>:8000";
Acquire::https::Proxy "http://<hostname_of_squid_deb_proxy>:8000";
EOT

Finally, on one client machine, try running sudo apt update && sudo apt upgrade. It will take the usual amount of time the first time you use the cache, as the cache still needs to pull packages from upstream, but for other machines the cache will serve package upgrades that it has seen before directly from its cache, saving time and data usage.