I have an nginx in front of an apt-cacher-ng. The nginx's job is to terminate HTTPS and take care of authentication.
The issue is, that nginx will look in the Authorization header for credentials, but when I configure apt to use a proxy, it will send the credentials in the Proxy-Authorization header. So apt gets 401 as a response.
Is there a way to make nginx look for credentials in the Proxy-Authorization header?
I found a workaround:
Instead of using the http_proxy env-variable or Acquire::http::proxy in apt.conf, I can change the sources.list as described in the apt-cacher-ng documentation and apt will use the correct header.
For example: deb http://deb.debian.org/debian buster main becomes deb https://apt-cache.example.com/deb.debian.org/debian buster main
I would still be interested in the "clean" solution, though.