Skip to main content

PyPI caching mirror

Project description

proxpi

Build status codecov

PyPI caching mirror

  • Host a proxy PyPI mirror server with caching
    • Cache the index (project list and projects' file list)
    • Cache the project files
  • Support multiple indices
  • Set index cache times-to-live (individually for each index)
  • Set files cache max-size on disk
  • Manually invalidate index cache

See Alternatives.

Usage

Start server

Choose between running inside Docker container if you want to run in a known-working environment, or outside via a Python app (instructions here are for the Flask development server) if you want more control over the environment.

Docker

Uses a Gunicorn WSGI server

docker run -p 5000:5000 epicwink/proxpi

Without arguments, runs with 2 threads. If passing arguments, make sure to bind to an exported address (or all with 0.0.0.0) on port 5000 (ie --bind 0.0.0.0:5000).

Compose

Alternatively, use Docker Compose

docker compose up

Local

Install
pip install proxpi

Install coloredlogs as well to get coloured logging

Run server
FLASK_APP=proxpi.server flask run

See flask run --help for more information on address and port binding, and certificate specification to use HTTPS. Alternatively, bring your own WSGI server.

Use proxy

Use PIP's index-URL flag to install packages via the proxy

pip install --index-url http://127.0.0.1:5000/index/ simplejson

Cache invalidation

Either head to http://127.0.0.1:5000/ in the browser, or run:

curl -X DELETE http://127.0.0.1:5000/cache/simplejson
curl -X DELETE http://127.0.0.1:5000/cache/list

If you need to invalidate a locally cached file, restart the server: files should never change in a package index.

Environment variables

  • PROXPI_INDEX_URL: index URL, default: https://pypi.org/simple/
  • PROXPI_INDEX_TTL: index cache time-to-live in seconds, default: 30 minutes. Disable index-cache by setting this to 0
  • PROXPI_EXTRA_INDEX_URLS: extra index URLs (comma-separated)
  • PROXPI_EXTRA_INDEX_TTLS: corresponding extra index cache times-to-live in seconds (comma-separated), default: 3 minutes, cache disabled when 0
  • PROXPI_CACHE_SIZE: size of downloaded project files cache (bytes), default 5GB. Disable files-cache by setting this to 0
  • PROXPI_CACHE_DIR: downloaded project files cache directory path, default: a new temporary directory
  • PROXPI_BINARY_FILE_MIME_TYPE=1: force file-response content-type to "application/octet-stream" instead of letting Flask guess it. This may be needed if your package installer (eg Poetry) mishandles responses with declared encoding.
  • PROXPI_DISABLE_INDEX_SSL_VERIFICATION=1: don't verify any index SSL certificates
  • PROXPI_DOWNLOAD_TIMEOUT: time (in seconds) before proxpi will redirect to the proxied index server for file downloads instead of waiting for the download, default: 0.9
  • PROXPI_CONNECT_TIMEOUT: time (in seconds) proxpi will wait for a socket to connect to the index server before requests raises a ConnectTimeout error to prevent indefinite blocking, default: none, or 3.1 if read-timeout provided
  • PROXPI_READ_TIMEOUT: time (in seconds) proxpi will wait for chunks of data from the index server before requests raises a ReadTimeout error to prevent indefinite blocking, default: none, or 20 if connect-timeout provided

Considerations with CI

proxpi was designed with three goals (particularly for continuous integration (CI)):

  • to reduce load on PyPI package serving
  • to reduce pip install times
  • not require modification to the current workflow

Specifically, proxpi was designed to run for CI services such as Travis, Jenkins, GitLab CI, Azure Pipelines and GitHub Actions.

proxpi works by caching index requests (ie which versions, wheel-types, etc are available for a given project, the index cache) and the project files themselves (to a local directory, the package cache). This means they will cache identical requests after the first request, and will be useless for just one pip install.

Cache persistence

As a basic end-user of these services, for at least most of these services you won't be able to keep a proxpi server running between multiple invocations of your project(s) CI pipeline: CI invocations are designed to be independent. This means the best that you can do is start the cache for just the current job.

A more advanced user of these CI services can bring their own runner (personally, my needs are for running GitLab CI). This means you can run proxpi on a fully-controlled server (eg EC2 instance), and proxy PyPI requests (during a pip command) through the local cache. See the instructions below.

Hopefully, in the future these CI services will all implement their own transparent caching for PyPI. For example, Azure already has Azure Artifacts which provides much more functionality than proxpi, but won't reduce pip install times for CI services not using Azure.

GitLab CI instructions

This implementation leverages the index URL configurable of pip and Docker networks. This is to be run on a server you have console access to.

  1. Create a Docker bridge network

    docker network create gitlab-runner-network
    
  2. Start a GitLab CI Docker runner using their documentation

  3. Run the proxpi Docker container

    docker run \
      --detach \
      --network gitlab-runner-network \
      --volume proxpi-cache:/var/cache/proxpi \
      --env PROXPI_CACHE_DIR=/var/cache/proxpi \
      --name proxpi epicwink/proxpi:latest
    

    You don't need to expose a port (the -p flag) as we'll be using an internal Docker network.

  4. Set pip's index URL to the proxpi server by setting it in the runner environment. Set runners[0].docker.network_mode to gitlab-runner-network. Add PIP_INDEX_URL=http://proxpi:5000/index/ and PIP_TRUSTED_HOST=proxpi to runners.environment in the GitLab CI runner configuration TOML. For example, you may end up with the following configuration:

    [[runners]]
      name = "awesome-ci-01"
      url = "https://gitlab.com/"
      token = "SECRET"
      executor = "docker"
      environment = [
        "DOCKER_TLS_CERTDIR=/certs",
        "PIP_INDEX_URL=http://proxpi:5000/index/",
        "PIP_TRUSTED_HOST=proxpi",
      ]
    
    [[runners.docker]]
      network_mode = "gitlab-runner-network"
      ...
    

This is designed to not require any changes to the GitLab CI project configuration (ie gitlab-ci.yml), unless it already sets the index URL for some reason (if that's the case, you're probably already using a cache).

Another option is to set up a proxy, but that's more effort than the above method.

Alternatives

  • simpleindex: routes URLs to multiple indices (including PyPI), supports local (or S3 with a plygin) directory of packages, no caching without custom plugins

  • bandersnatch: mirrors one index (eg PyPI), storing packages locally, or on S3 with a plugin. Manual update, no proxy

  • devpi: heavyweight, runs a full index (or multiple) in addition to mirroring (in place of proxying), supports proxying (with inheritance), supports package upload, server replication and fail-over

  • pypiserver: serves local directory of packages, proxy to PyPI when not-found, supports package upload, no caching

  • PyPI Cloud: serves local or cloud-storage directory of packages, with redirecting/cached proxying to indexes, authentication and authorisation.

  • pypiprivate: serves local (or S3-hosted) directory of packages, no proxy to package indices (including PyPI)

  • Pulp: generic content repository, can host multiple ecosystems' packages. Python package index plugin supports local/S3 mirrors, package upload, proxying to multiple indices, no caching

  • pip2pi: manual syncing of specific packages, no proxy

  • nginx_pypi_cache: caching proxy using nginx, single index

  • Flask-Pypi-Proxy: unmaintained, no cache size limit, no caching index pages

  • http.server: standard-library, hosts directory exactly as laid out, no proxy to package indices (eg PyPI)

  • Apache with mod_rewrite: I'm not familiar with Apache, but it likely has the capability to proxy and cache (with eg mod_cache_disk)

  • Gemfury: hosted, managed. Private index is not free, documentation doesn't say anything about proxying

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

proxpi-1.2.0.tar.gz (49.7 kB view details)

Uploaded Source

Built Distribution

proxpi-1.2.0-py3-none-any.whl (17.7 kB view details)

Uploaded Python 3

File details

Details for the file proxpi-1.2.0.tar.gz.

File metadata

  • Download URL: proxpi-1.2.0.tar.gz
  • Upload date:
  • Size: 49.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.4

File hashes

Hashes for proxpi-1.2.0.tar.gz
Algorithm Hash digest
SHA256 ed9e0d74126b40af5c7786434cb4987e3b30e183678a8f61bd4a6d6a6533ae36
MD5 a43901da86a4f788b2ae5426ced3195e
BLAKE2b-256 a08b8aed4eaf60c0de00c3cb40a8ff3ffe16e8fe1b90e4a64dc1355a12a3978e

See more details on using hashes here.

File details

Details for the file proxpi-1.2.0-py3-none-any.whl.

File metadata

  • Download URL: proxpi-1.2.0-py3-none-any.whl
  • Upload date:
  • Size: 17.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/5.1.0 CPython/3.12.4

File hashes

Hashes for proxpi-1.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 a5f0e2034e0cce946d268d7c1b586b02494279c872a5e0347beed634179c6f5d
MD5 a7dc36868aed8a769c72acd0553c55ac
BLAKE2b-256 e5aa81986e8b2d3d95b53017c5425e9112b1e7c8b903d4ae54b0871806ebb79f

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page