apologizes for the verbose test, but after some tests, I have found below issues that I would to report to improve the service.
I have also opened this other, to discuss about the cache behaviour here
After following the detailed setup of How to cache snap downloads and save bandwidth I found the following issues:
-
the snap-proxy.conf file suggested as part of the deploy, is not read due to the lack of include and due to the fact that if you load the URLs described there, always replied with not-found.
-
If you include the setup suggested to be in snap-prxy.conf in nginx.conf, the code suggested:
# Requires ngx_http_substitutions_filter_module that comes with nginx-extras in Debian/Ubuntu. subs_filter_types application/json; subs_filter https://api.snapcraft.io/api/v1/snaps/download/ https://snaps.goiba.net/api/v1/snaps/download/;
generates errors as follows:
nginx: [emerg] unknown directive “subs_filter_types”
I have installed manually the required packages suggested nginx-extra, despite it does not really contain the module, as well as libnginx-mod-http-subs-filter which is the real package that includes the module but I cannot find the way to load the module in the snap-proxy nginx
(I also tried including it manually by adding an include line with the module but then there is a mismatch in version between snap-nginx and the module installed).
The system nginx load the right module:
╰─○ /usr/sbin/nginx -V 2>&1 | tr ' ' '\n' | grep -i sub
--with-http_sub_module
but the module does not appear in the proxy nginx:
╰─○ /snap/snap-store-proxy/78/usr/bin/nginx -V 2>&1 | tr ’ ’ ‘\n’ | grep -i sub
Now couple of solutions to other issues:
- Another issue is the “Internal” dicrective, which looks has an issue with the capital I letter:
location @handle_cdn { Internal;
it shows the error:
nginx: [emerg] unknown directive “Internal”
Solution, change it without capital letter (internal)
- when the nginx service is running (without the snap-proxy.conf), you always see the below 3 errors:
snap-store-proxy.nginx[8645]: nginx: [alert] could not open error log file: open() “/var/log/nginx/error.log” failed (13: Permission denied)
and in system logs:
apparmor="DENIED" operation="open" profile="snap.snap-store-proxy.snaprevs" name="/etc/gss/mech.d/" pid=27380 comm="python3"
apparmor="DENIED" operation="capable" profile="snap.snap-store-proxy.nginx" pid=30844 comm="nginx" capability=6 capname="setgid"
That I have managed to solve by adding the following code in apparmour and restarting the service:
under /var/lib/snapd/apparmor/profiles/snap.snap-store-proxy.nginx
/var/log/nginx/* w,
/etc/gss/mech.d/* w,
capability setgid,
- Snap proxy services are not enable and some not stated…
Status just after finish the setup:
snap services snap-store-proxy
Service Startup Current Notes
snap-store-proxy.memcached disabled active -
snap-store-proxy.nginx enabled active -
snap-store-proxy.snapassert disabled inactive -
snap-store-proxy.snapauth disabled active -
snap-store-proxy.snapdevicegw disabled active -
snap-store-proxy.snapident disabled inactive -
snap-store-proxy.snapproxy disabled active -
snap-store-proxy.snaprevs disabled active -
Run this command to start and enabled the services.
╰─○ for i in `snap services snap-store-proxy snap-store-proxy.nginx | awk '{print $1}'`; do snap start --enable $i; done
Started.
Started.
Started.
Started.
Started.
Started.
Started.
Started.
any suggestion how to load the setup suggested the documentation included in snap-proxy.conf ?
OS is Ubuntu 20.4
Latest snap and proxy packages are installed and updated.
Packages:
snapd 2.51.1+18.04
╰─○ snap-proxy status
Store ID: BlabLaBLabLAblaBlaBLAbLa
Status: pending
Connected Devices (updated daily): 0
Device Limit: None
Internal Service Status:
memcached: running
nginx: running
snapauth: running
snapdevicegw: running
snapdevicegw-local: running
snapproxy: running
snaprevs: running