The rolling apt repo with pre-built packages is not confidential and the packages are signed, so the extra protection by https is not necessary and consumes extra CPU power.
When more people start building their own rolling images (because LTS can't be built anymore), it might cause an overload and repeat of the recent situation with LTS.
Simple change (see below for a patch) to do what Debian does (use plain http instead of https) and save the planet (OK, really just some electricity and download time).
Using plain http also helps cache web traffic with caching web proxies, speeding up repeated downloads and reducing usage for people with slow/metered Internet connections.
Note, the change is not ready to apply yet - I have tried to build rolling with it and there seems to be an issue with the server.
Sometimes error 521 is returned for http while https works. Google search finds it's some Cloudflare-specific error when the origin server is down.
But http works sometimes, while https works always - not sure what exactly triggers the http 521 error, for now please just look into it if possible.
diff --git a/data/defaults.toml b/data/defaults.toml index 67154cd..83b1c4c 100644 --- a/data/defaults.toml +++ b/data/defaults.toml @@ -9,7 +9,7 @@ debian_security_mirror = "http://deb.debian.org/debian-security" debian_archive_areas = "main contrib non-free non-free-firmware" -vyos_mirror = "https://rolling-packages.vyos.net/current" +vyos_mirror = "http://rolling-packages.vyos.net/current" vyos_branch = "current" release_train = "current"