Setup your own deb repository

It is difficult to setup a Debian repository that is signed and can handle multiple versions of any single package. I went through many different packages and tutorials in how to setup my own Debian repository and it was a pain to find a method that works. My two requirements might be specific to my needs but they give the user the ability to do these two things.

The signed part allows automated scripts to upgrade a package as it allows the following.

sudo apt-get -y install <package>

The ability to handle multiple versions of the same package would allow the user to install which ever version of the package with the following command example

sudo apt-get -y install <package>=<version>

Generate a gpg key

We need a gpg key to sign our packages and repository. So let’s generate one before setting up freight.

gpg –gen-key

Select option 4 RSA (sign only)

Fill out all the information that it asks.

Note: Be sure to add an email. It will be needed to configure freight.

One thing that will happen most likely is that there is not enough entropy to generate the key and it waits for entropy. I found a good way to generate some entropy is to run stress. Open another terminal to install and run stress while leaving the gen key running.

sudo apt-get install stress

stress –hdd 8 –io 8

If you want to watch the available entropy get generated, open another terminal and watch with this command

watch cat /proc/sys/kernel/random/entropy_avail

Installing Freight

The package that I found to handle both my requirements was freight. The instructions are there, but I will document what I did just to be complete.

I installed via apt-get and so I needed to add the third party source list before installing

echo “deb http://packages.rcrowley.org $(lsb_release -sc) main” | sudo tee /etc/apt/sources.list.d/rcrowley.list

sudo wget -O /etc/apt/trusted.gpg.d/rcrowley.gpg http://packages.rcrowley.org/keyring.gpg

sudo apt-get update

sudo apt-get -y install freight

Configuring Freight

Copy the example conf

sudo cp /etc/freight.conf.example /etc/freight.conf

Edit the freight.conf and add

GPG=”emailfromgpgkey@mydomain.com”

Add deb packages

Take a deb file you already created and added to the repository. The apt/squeeze, etc arguments are the different distros where the deb should be published.

freight add foobar_1.2.3-1_all.deb apt/squeeze apt/lucid apt/natty

Build the cache

freight cache

Setting up Nginx

Now we need to serve out the repository over http. You can use any web server to do this. I chose Nginx and here is the setup procedure.

sudo apt-get install nginx

Setup hosting file

cd /etc/nginx/sites-available

sudo vi mydomain.com

Put something like this into the site configuration file

server {
listen 80;
server_name mydomain.com;
access_log /var/log/nginx/mydoamin.com.access.log;
error_log /var/log/nginx/mydomain.com.error.log;

location / {
alias /var/cache/freight/;
}
}

Enable the new site

cd /etc/nginx/sites-enabled

sudo ln -s /etc/nginx/sites-available/mydomain.com mydomain.com

Restart Nginx

sudo service nginx restart

Consume packages

Now to install the packages from your new repository on a Debian machine, add the source list and the key

echo “deb http://mydomain.com $(lsb_release -sc) main” | sudo tee /etc/apt/sources.list.d/mydomain.list

sudo wget -O /etc/apt/trusted.gpg.d/mydomain.gpg http://mydomain.com/keyring.gpg

Now you can do the normal apt-get procedure to install a package

sudo apt-get update
sudo apt-get -y install foobar

Leave a Reply

Your email address will not be published.