How to separate crates index from files

oooo-ps · February 27, 2026, 11:20am

I'm using Kellnr proxy-cache server, that hosted on the remote machine in the local (Yggdrasil) network:

#~/.cargo/config.toml
[registries.kellnr]
index = "sparse+http://[202:68d0:f0d5:b88d:1d1a:555e:2f6b:3148]:8180/api/v1/cratesio/"

[source.crates-io]
replace-with = "kellnr"

[http]
timeout = 180

My problem in that I don't trust to provider to validate hash-sums from it, but ready to download the dependencies by using my self-hosted index version.

Is this possible? I know about the --locked option but this file is not always provided in source repos. Just security goals, to not download malformed packages when I'm using unofficial storage.

bjorn3 · February 27, 2026, 4:13pm

The registry contains a config.json file whose dl field points to where files are downloaded. I guess you could use a local clone of GitHub - rust-lang/crates.io-index: Registry index for crates.io with the config.json file pointing to the remote proxy-cache server as registry. Just be aware that this repo gets squashed every once in a while to keep the repo size under control.

Topic		Replies	Views
Setup local cargo registry help	13	4793	February 21, 2024
Cargo with local crates.io mirror help	10	445	February 5, 2026
Cargo registry behind proxy help	1	3400	January 12, 2023
Manully Download Crate from crates.io help	26	1454	December 31, 2024
How to transfer crates to a private registry help	9	613	February 16, 2025

How to separate crates index from files

Related topics