How to setup local OPAM mirror

carlosdagos · January 7, 2020, 8:44am

I had a similar need and my solution to it might help you out. I didn’t create a local git repo within my org, instead I just use the provided repository by the default ocaml docker images, and I tweak them a bit to work for me. All builds I trigger at my job are airtight (ie they don’t reach out to the internet – at least not directly, more below). So I leveraged the following things:

An HTTP proxy that caches fetched artifacts (this is the only thing that can reach the internet), pointing only to opam.ocaml.org.
The OPAMFETCH environment variable. Which in the man page reads

OPAMFETCH specifies how to download files: either `wget', `curl' or a
custom command where variables %{url}%, %{out}%, %{retry}%,
%{compress}% and %{checksum}% will be replaced. Overrides the
'download-command' value from the main config file.

A custom script that uses my HTTP proxy instead of opam.ocaml.org, which I set to OPAMFETCH according to the docs. The checksum is in the form of something like md5=<md5sum>. So for example you can see the sha256 for merlin3.3.3 here:

github.com

ocaml/opam-repository/blob/master/packages/merlin/merlin.3.3.3/opam#L68




should take care of basic setup.
See https://github.com/OCamlPro/opam-user-setup
"
  {success & !user-setup:installed}
]
url {
  src:
    "https://github.com/ocaml/merlin/releases/download/v3.3.3/merlin-v3.3.3.tbz"
  checksum: [
    "sha256=72909ef47eea1f6fca13b4109a34dccf8fe3923a3c026f1ed1db9eb5ee9aae15"
    "sha512=2a5f39d966be56c1322982effc05bc98fd5f66cd12f1f76953f8daa9eca74a58c92a186854f4e601e2f0bb038720691446e7591b4613982accded3e579fedb23"
  ]
}

And you can see that it’s cached in opam.ocaml.org:

 $ curl --head https://opam.ocaml.org/cache/sha256/72/72909ef47eea1f6fca13b4109a34dccf8fe3923a3c026f1ed1db9eb5ee9aae15
HTTP/1.1 200 OK
...

The script I set to OPAMFETCH just replaces opam.ocaml.org with something like cache-proxy.my-big-enterprise.tld.

I noticed that what @avsm mentions is what they do in opam.ocaml.org (or something very similar, I don’t remember, I looked it up long ago), so by doing that you’d get a similar cache locally. I didn’t want to maintain that and I’m happy to just use the upstream opam.ocaml.org cache. I’m not assuming there’s any guarantees around that (nor do I expect that), but it’s a convenient way for me to fetch the sources defined by the default opam repository. Otherwise I’d have to set up all the different proxies to fetch sources and it would be a mess for me.

One thing I’d note however, please keep supporting OPAMFETCH! It was a life saver

Once that setup is done in my customized docker container, I just prefetch and install stuff like core, utop, etc.

I’m sure there’s a more convenient way of doing this, so if you end up documenting it then I’ll be very keen to read it.

Topic		Replies	Views
Best practices around using external libraries on opam? Ecosystem opam	6	1287	June 11, 2020
Opam local mirror Ecosystem opam	3	998	January 10, 2018
Opam init when opam.ocaml.org is blocked? Learning opam	2	606	April 30, 2021
Opam-ci: new distributions available Community opam	2	1080	November 28, 2018
[ANN] opam 2.1.0~rc2 Ecosystem opam , announce	3	1953	June 24, 2021

How to setup local OPAM mirror

Related Topics