mlandres
commented
2 years ago In fact we discussed this a couple of years ago. The major concern is not the integrity of the packages, it are legal implications when offering package uploads. That's why we do not offer any builtin solution, not even one that is turned off per default.
But it should be possible for you to mirror the repos or to host the local package cache on a distributed filesystem (like e.g. extremeFS). For zypp it needs to appear as a local directory, where it can read/write it's files. Admitted, our cache handling is not designed to be shared between different systesm, but this is something we can enhance.
13werwolf13
RokeJulianLockhart
what I will write now will seem strange to oldfags. but I think that in today's world it might be a good idea. I’ll make a reservation right away that I offer an option and not a basic functionality. An option that will be disabled by default and enabled only by the user.
why not use the ability to preload packages for updates, as it is done in DC ++ and torrent networks. from users who have already downloaded these packages to themselves. the reality is that at home I have an Internet channel of one gigabit / second for ridiculous money, just like most of my friends. and mirrors can rarely give even 100 megabits / second. at the same time, in my local network I have as many as 5 devices with opensuse (server, router, computer, laptop, pinebookpro (the latter does not count because, due to its different architecture, it will not participate in this)). and at work in the server hundreds of servers. why do I need to milk one poor cow with packages with all this huge bunch of hungry mouths if you can optimize the software delivery process.
in addition, for the last couple of years, the local mirror (mirror.yandex.ru) has been constantly failing, it is impossible to use it on an ongoing basis. namely, it is selected automatically most often.
Of course, the question arises about the safety of this idea. but I see it as simple. the packages themselves can be taken from users in parts, and the metadata (including but not limited to their hashsums) via https from the main repository, which somehow guarantees that the package has not been changed.
an additional plus in preventive loading. when it comes time to update my device, since it works 24/7, it will be ready to install packages without waiting for download (users of countless texlive packages will definitely appreciate it), and a laptop that has not been turned on all day when turned on will receive the necessary packages faster on the local network than from a mirror , which at the same time will also unload the provider's channel.
P.S.: I'm sorry if I wrote something incomprehensibly, my level of English does not allow me to do it easily, I used an online translator.