It takes all of about 10 minutes to set up, and about 12-72 hours to download the packages. Once it’s done, your updates and installs will happen in seconds, since the downloads are only limited by your local LAN. With my sources enabled (all of the official and community repos on the ubuntu mirror plus the wineHQ one) it was a 37 gig download. Assuming you have a running web server, all it takes is:

sudo apt-get install apt-mirror

After the install, open up your mirror.list and replace the lines that start with deb with the similar ones in your sources.list. here is mine:

sudo vim /etc/apt/mirror.list

############# config ##################
#
# set base_path /var/spool/apt-mirror
#
# if you change the base path you must create the directories below with write privlages
#
# set mirror_path $base_path/mirror
# set skel_path $base_path/skel
# set var_path $base_path/var
# set cleanscript $var_path/clean.sh
# set defaultarch
set nthreads 20
set tilde 0
#
############# end config ##############

deb http://us.archive.ubuntu.com/ubuntu/ feisty main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ feisty main restricted

deb http://us.archive.ubuntu.com/ubuntu/ feisty-updates main restricted
deb-src http://us.archive.ubuntu.com/ubuntu/ feisty-updates main restricted

deb http://us.archive.ubuntu.com/ubuntu/ feisty universe
deb-src http://us.archive.ubuntu.com/ubuntu/ feisty universe

deb http://us.archive.ubuntu.com/ubuntu/ feisty multiverse
deb-src http://us.archive.ubuntu.com/ubuntu/ feisty multiverse

deb http://security.ubuntu.com/ubuntu feisty-security main restricted
deb-src http://security.ubuntu.com/ubuntu feisty-security main restricted
deb http://security.ubuntu.com/ubuntu feisty-security universe
deb-src http://security.ubuntu.com/ubuntu feisty-security universe
deb http://security.ubuntu.com/ubuntu feisty-security multiverse
deb-src http://security.ubuntu.com/ubuntu feisty-security multiverse

clean http://us.archive.ubuntu.com/ubuntu

After that you just need to run the mirror updating command…
sudo su - apt-mirror -c apt-mirror
…and wait for several hours. Or days.

Once it has completed the first run, you can go into /etc/cron.d/apt-mirror and uncomment the line in there to make it run on it’s own every day.

With the files in hand, I opened up my httpd.conf to replace my self-signed certs with the real deal. I made the changes and restarted the server, only to find that the old certificate was still being used. At first I thought that the issue was in reloading the .conf file, but that proved not to be true after a reboot. I started googling to see what could be wrong, only to learn that name-based virtual hosting and SSL do not mix. Apparently the SSL handshake occurs before the http headers with the hostname (which is how Apache knows what page to serve you) so that you can only use one SSL cert per IP address.

I made myself another latte and sat down to figure the damage on switching everything over to ip-based hosting. Running Linux makes it trivial to use multiple ip addresses on one network card (I don’t know of any limit), but I was afraid I would run short on leased ips. After scanning half a dozen sites with bits and pieces about ip virtual on Apache, it dawned on me that I might be able to run both name-based and IP-based on the same daemon. I’m sure why I assumed I couldn’t (maybe because almost every howto contains something to the effect of “Name-Based vs. IP-Based” in the title), but the revelation was a cheering thought.

After backing up my old httpd.conf, I changed the virtual server in question to a IP based one (leaving the others in tact). A quick change in the DNS A records and I was ready to test it out. To my delight, everything worked as it should. Anyone who can read this–and comprehend it–knows that it’s never that easy, but lucky for me it was.

The power and flexibility of the LAMP stack continues to amaze me. No matter how messy the situation is, this winning combination will deliver in spades. It is no wonder that so many organizations use it.