Apt Repository
(New page: It would be really nice to have our own apt repository to distribute our own packages. For example, we have customized versions of bacula that need to get to all of the servers. We coul...) |
|||
| Line 1: | Line 1: | ||
| − | + | We now have our own apt repository on hephaestus. We don't mirror the entire Debian repo; we just have our own packages. Cfengine places the appropriate line in sources.list on each machine. The archive is signed with the key apt@ugcs.caltech.edu; you can get it from [http://wwwkeys.eu.pgp.net a keyserver] | |
| − | + | It has packages under distribution "lenny", section "main". The origin is set to UGCS for easy pinning (use a line like "Pin: release o=UGCS"). Use | |
| − | The | + | deb http://hephaestus.ugcs.caltech.edu/debian lenny main |
| + | to use our packages on your system. | ||
| − | = | + | =Adding Packages= |
| − | + | We are using reprepro to maintain the repository. If you built a package correctly (with source and all), you can add it like: | |
| − | + | reprepro -Vb /var/local/reprepro include lenny package_version.changes | |
| − | [[Category: | + | Most packages should be built for both i386 and amd64. On one of the architectures, build with 'dpkg-buildpackge -B' to not include the architecture independent parts (reprepro will complain if you try to upload the same thing twice and it has a different checksum). |
| + | |||
| + | You can also include a .deb like: | ||
| + | reprepro -Vb /var/local/reprepro includedeb lenny package.deb | ||
| + | |||
| + | After adding a package, you should sign the release file. | ||
| + | cd /var/local/reprepro/dists/lenny | ||
| + | GNUPGHOME=/var/local/repository/conf/gnupg gpg --armor --detach-sign Release | ||
| + | mv Release.sig Release.gpg | ||
| + | |||
| + | The base Release file contains md5's and sha1's of everything else, so it's the only thing you need to sign. Please don't forget to do it- otherwise aptitude will complain about installing packages from untrusted sources. | ||
| + | |||
| + | [[Category:Sysadmin_documentation]] | ||
Revision as of 06:02, 18 May 2008
We now have our own apt repository on hephaestus. We don't mirror the entire Debian repo; we just have our own packages. Cfengine places the appropriate line in sources.list on each machine. The archive is signed with the key apt@ugcs.caltech.edu; you can get it from a keyserver
It has packages under distribution "lenny", section "main". The origin is set to UGCS for easy pinning (use a line like "Pin: release o=UGCS"). Use
deb http://hephaestus.ugcs.caltech.edu/debian lenny main
to use our packages on your system.
Adding Packages
We are using reprepro to maintain the repository. If you built a package correctly (with source and all), you can add it like:
reprepro -Vb /var/local/reprepro include lenny package_version.changes
Most packages should be built for both i386 and amd64. On one of the architectures, build with 'dpkg-buildpackge -B' to not include the architecture independent parts (reprepro will complain if you try to upload the same thing twice and it has a different checksum).
You can also include a .deb like:
reprepro -Vb /var/local/reprepro includedeb lenny package.deb
After adding a package, you should sign the release file.
cd /var/local/reprepro/dists/lenny GNUPGHOME=/var/local/repository/conf/gnupg gpg --armor --detach-sign Release mv Release.sig Release.gpg
The base Release file contains md5's and sha1's of everything else, so it's the only thing you need to sign. Please don't forget to do it- otherwise aptitude will complain about installing packages from untrusted sources.
