How to exclude WSUS from Lancache/monolithic?
Closed this issue · 9 comments
Describe the issue you are having
I have a real WSUS server and have no need to cache anything from Microsoft in Lancache. This is effectively consuming 2x HDD space for WSUS content. At this time, I wish Lancache to cache Steam games only.
I've tried to delete the WSUS section from cache_domains.json and make it read only. I found that the cache_domains.json file is refreshed from source on rebooting the host which means Lancache continues to cache WSUS. Please could you advise how I can exclude WSUS caching from Lancache/monolithic?
Describe your setup?
This is a homelab. DNS order = Domain servers & clients -> forwarded to PiHole (for filtering and reporting) -> PiHole forwards to Domain Controllers -> Domain Controllers forwards to Steamcache -> Steamcache forwards to 1.1.1.1. All works perfectly (thank you!) as you've designed. Steamcache is running in a docker on Ubuntu.
Are you running sniproxy
Yes
DNS Configuration
I don't believe adding my DNS configuration adds value to my query but will do if deemed necessary
### Sniproxy output
I don't believe adding Sniproxy configuration/logs adds value to my query.
I forgot to ask, is there a method to clean up the cache as keeping Windows Updates for perhaps 10 years is a bit excessive.
The best way to do this is to exclude it from your DNS container.
For lancache-dns, the best way to do this is to take advantage of the CACHE_DOMAINS_REPO flag
By default, the flag on the lancache-dns container is set to this repo. If you were to fork it and remove the wsus entry from cache_domains.json, the DNS container would not load those hostnames.
The relevant section in the lancache-dns README is called "Custom forks and branches", which gives far more detail on this. The additional argumet you would need, copied and pasted from there is:
-e CACHE_DOMAINS_REPO="https://github.com/your-username/cache-domains.git"
As for cleaning up, not really at the moment. I have been playing with writing a "cache interrogator", to let advanced users take a peek at what is in their cache, but it's nowhere near ready.
It's worth noting that every cached file contains a KEY:
header, which will begin KEY: wsus/
and will continue with the rest of the URL, but this can be quite an intensive operation to seek out and identify.
Could I work around it by manually entering the WSUS domains in windowsupdates.txt into the Windows DNS Conditional Forwarders section? ie: Effectively getting an earlier-in-the-chain DNS resolver to answer the client before Lancache intercepts the client query?
If you are using lancache-dns somewhere in your chain just specify -e DISABLE_WSUS
and it not intercept the data. If you are using your own DNS interception then remove the wsus domains (https://github.com/uklans/cache-domains/blob/master/windowsupdates.txt).
You don't need to remove the mapping from monolithic itself that just helps to categorise data to prevent collisions.
@VibroAxe
First time user of LanCache here. When you said "If you are using lancache-dns somewhere in your chain just specify -e DISABLE_WSUS", did you mean put DISABLE_WSUS=true in the .env file? This should disable that list?
Correct, the -e is for a docker run, the .env format is as you suggested
@VibroAxe
Thank you! This issue was the first time I have seen the DISABLE_WSUS environmental variable. Is there a list of "hidden" variables and accepted values that can be shared? Maybe also a description of what each variable does?
Yup, in the documentation 🤣 https://lancache.net/docs/containers/dns/