May 18, 2018

Caching Ubuntu updates using Squid

Using Squid Deb Proxy to cache updates and save bandwidth.


  • VM or bare metal machine running Ubuntu 16.04 server
  • Bridged or exposed IP for VM to talk to clients using AVAHI/broadcast
    NOTE: By default deb proxy uses a 40gb allocation on /, for this setup I've increased the VM to a 50gb / disk.


# Update APT sources
sudo apt update && \
# Install squid deb server and client
sudo apt install -y squid-deb-proxy squid-deb-proxy-client


Allow your ipv6/v4 local ranges

sudo nano /etc/squid-deb-proxy/allowed-networks-src.acl.d/10-default
Edit to match local network private addresses: 192.168.X.X/24, 10.0.0.X, etc.

Add additonal package sources

Edit list of cached source locations:
sudo nano /etc/squid-deb-proxy/mirror-dstdomain.acl.d/10-default
If you don't add all your sources, you may see 403 forbidden when clients try to apt update.

URL matching for Launchpad PPA:


Client Installation

sudo apt update && \
sudo apt install -y squid-deb-proxy-client

Test updates while watching log

sudo apt update && sudo apt upgrade

Verify cache

On the server, watch the squid log to check if clients are hitting cache:
tail -F /var/log/squid-deb-proxy/access.log

You should see requests in the server access.log, everytime you see HIT your cache is serving file requests!