Thursday, August 3, 2017

Setting up an APT repository with Reprepro and Apache

Setting up an APT repository with Reprepro and Apache


This post can be considered a continuation of my previous ones:
  • How to create a Debian package
  • Debian packaging with Pbuilder
Following next steps we will set up a signed Debian repository, using Reprepro and Apache2.

1.- Installing the tools

 root@server:~# apt-get install apache2 dpkg-sig reprepro

2.- Configuring Apache2 with reprepro

 root@server:~# mkdir -p /var/www/repos/apt/debian
Then we need to edit /etc/apache2/apache2.conf file, adding the following line:
 ServerName localhost
Now we need to create /etc/apache2/conf-availabe/repos.conf with this content:
 <Directory /var/www/repos/ > 
 # We want the user to be able to browse the directory manually 
 Options Indexes FollowSymLinks Multiviews 
 Order allow,deny 
 Allow from all 
 </Directory> 
 # This syntax supports several repositories, e.g. one for Debian, one for Ubuntu. 
 # Replace * with debian, if you intend to support one distribution only. 
 <Directory "/var/www/repos/apt/*/db/"> 
 Order allow,deny 
 Deny from all 
 </Directory> 
 <Directory "/var/www/repos/apt/*/conf/"> 
 Order allow,deny 
 Deny from all 
 </Directory> 
 <Directory "/var/www/repos/apt/*/incoming/"> 
 Order allow,deny 
 Deny from all 
 </Directory>
At last, we need to enable repos site configuration in Apache:
 root@server:/etc/apache2/conf-available# a2enconf repos 
 root@server:/etc/apache2/conf-enabled# apache2ctl configtest 
 Syntax OK 
 root@server:/etc/apache2/conf-enabled# service apache2 restart

3.- Configuring Reprepro

 root@server:~# mkdir -p /var/www/repos/apt/debian/conf
Now we create the file /var/www/repos/apt/debian/conf/distributions, with the following content:
 Origin: Debian 
 Label: Sid apt repository 
 Codename: sid 
 Architectures: i386 amd64 
 Components: main 
 Description: Apt repository for Debian unstable - Sid 
 DebOverride: override.sid 
 DscOverride: override.sid 
 SignWith: 870B8E2D 

 Origin: Debian 
 Label: Jessie apt repository 
 Codename: jessie 
 Architectures: i386 amd64 
 Components: main 
 Description: Apt repository for Debian testing - Jessie 
 DebOverride: override.jessie 
 DscOverride: override.jessie 
 SignWith: 870B8E2D 

 Origin: Debian 
 Label: Wheezy apt repository 
 Codename: wheezy 
 Architectures: i386 amd64 
 Components: main 
 Description: Apt repository for Debian stable - Wheezy 
 DebOverride: override.wheezy 
 DscOverride: override.wheezy 
 SignWith: 870B8E2D
SingWith value, included above, needs to be taken from gpg --list-keys. This will be the key used to sign our packages.
 root@server:~# gpg --list-keys 
 pub 2048R/489CD644 2014-07-15 
 uid Your Name <your_email_address@domain.com> 
 sub 2048R/870B8E2D 2014-07-15
At last, we create the options file at /var/www/repos/apt/debian/conf/options:
 verbose 
 basedir /var/www/repos/apt/debian 
 ask-passphrase
Note: We can also override Debian packages control file fields, by creating override files. In our case, for example, we could create /var/www/repos/apt/debian/conf/override.jessie with this content (used for our package named hello):
 hello Priority extra 
 hello Section admin

4.- Adding a package to the repository

 root@server:/var/www/repos/apt/debian# reprepro includedeb jessie /opt/hello_0.1-1_i386.deb
This will add our package hello_0.1-1_i386.deb to the APT repository. The command above will ask to insert a password, which is the same we used to sign the package. And, in case we want to remove the package from the repository we can use the following command:
 root@server:/var/www/repos/apt/debian# reprepro remove jessie hello

5.- Providing the public key to repository users

We need to export our public GPG key to a file, and make it available at the web server so users can download it:
 root@server:~# gpg --armor --output public.gpg.key --export Your Name 
 root@server:~# mkdir /var/www/repos/apt/conf 
 root@server:~# cp public.gpg.key /var/www/repos/apt/conf/

6.- Installing packages using the repository

 wget -O - http://YOUR_REPO_SERVER/repos/apt/conf/public.gpg.key | apt-key add - 
 echo "deb http://YOUR_REPO_SERVER/repos/apt/debian jessie main" >> /etc/apt/sources.list 
 apt-get update && apt-get install YOUR_PACKAGE

7.- Useful commands

  • List packages of a specific distribution: reprepro list DISTRIBUTION_CODENAME
  • List packages matching a specific name: reprepro ls PACKAGE_NAME
As well, in case we want to remove a distribution from the repository, we need to:
  • Remove it from /var/www/repos/apt/debian/conf/distributions
  • Run reprepro delete clearvanished

References

https://wiki.debian.org/SettingUpSignedAptRepositoryWithReprepro
http://www.debian-administration.org/articles/286
https://wikitech.wikimedia.org/wiki/Reprepro
http://blog.jonliv.es/2011/04/26/creating-your-own-signed-apt-repository-and-debian-packages/

download file now

Posted by at

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Subscribe to: Post Comments (Atom)