NuGet loads the service index of EVERY listed source, so a 500 from the
Liara fallback aborted the whole restore (NU1301) even though Nexus was
healthy. Mirror cert chain is fixed now, so use our Nexus mirror as the
single source of truth.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Both the CI restore (/tmp/nuget.ci.config) and the Docker image build
(nuget.docker.config) now use https://mirror.soroushasadi.com/repository/
nuget-group/ as the primary source with Liara as fallback, so a single
mirror returning 500 no longer breaks restore.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
mirror.soroushasadi.com serves a leaf-only TLS chain (no intermediate).
.NET on Linux does not auto-fetch the intermediate via AIA like Windows
does, so CI/Docker restores fail with NU1301 PartialChain. Switch the
Linux build configs (CI inline config + nuget.docker.config) to the
Liara mirror, which serves a complete chain. Also disable NuGetAudit to
avoid the api.nuget.org (filtered) 100s timeout + NU1900 noise.
Local dev nuget.config keeps Nexus primary (Windows resolves the chain).
Re-add Nexus to the Linux configs once nginx serves fullchain.pem.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
soroush.asadi