If you are syncing Package Manager to create your own CRAN repository (see the CRAN source section), the server will need access to the internet to download manifest and package data. If you need to use an outbound proxy server, Package Manager uses the
Proxy.URL configuration option to set the HTTP and HTTPS proxy behavior. For example:
To add basic authorization credentials and/or use an HTTPS proxy, provide a complete URL:
Package Manager does require that the proxy is enabled to perform SSL forwarding.
Secure Outbound Proxy Credentials#
Package Manager allows credentials to be used in a secure matter when configuring an outbound proxy. To do this, use the
Password configuration options like so:
For more information, see the
Proxy Settings section in the Appendix.
Running with a Proxy#
If you are running Package Manager behind a proxy server, you need to be sure to configure the proxy server so that it correctly handles all traffic to and from Package Manager. This section describes how to correctly configure a reverse proxy with Nginx or Apache HTTPD.
When Package Manager is behind a proxy, it is important to send the original request URL information to Package Manager so that it can generate fully qualified URLs and return them the requester. For this reason, when proxying to Package Manager, we recommend adding a header,
X-RSPM-Request, to the request. This header value should be the absolute URL of the original request made by the user or browser (i.e.
Some proxies (like AWS Elastic Load Balancer), do not make it possible to add custom headers. Because of this, if this header is not supplied, "best efforts" are made utilizing the standard headers
X-Forwarded-Port to parse the original request URL. If your proxy removes a server prefix from the path,
X-Forwarded headers will not work for your use case, and you should use
X-RSPM-Request. If both
X-Forwarded headers are supplied,
X-RSPM-Request takes precedence.
Using a Proxy for TLS/SSL#
See the secure proxy section for information on configuring a proxy to handle HTTPS requests.
A version of NGINX that supports reverse-proxying can be installed using the following command:
To enable an instance of Nginx running on the same server to act as a front-end proxy to Package Manager you would use a configuration like the following in your
nginx.conf file. This configuration assumes Package Manager is running on the same host as Nginx and listening for HTTP requests on the
:4242 port. If you are proxying to Package Manager on a different machine or port, replace the
localhost:4242 references with the correct address of the server where Package Manager is hosted.
If you want to serve Package Manager from a custom path (e.g.
/rspm) you would edit your
nginx.conf file as shown below:
After adding these entries you'll then need to reload Nginx so that the proxy settings take effect:
The Apache HTTPD server can act as a front-end proxy to Package Manager by first enabling three modules:
The following configuration will permit proxying to Package Manager from the
:3737 port. Depending on the layout of your Apache installation, you may need the
VirtualHost directives in different files.
You can serve Package Manager from a custom path (e.g.
/rspm) with a configuration like the following: