Search

Build your ubuntu/debian public APT repository

Monday, March 16, 2020

In this post I will illustrate how to build a public ubuntu/debian APT repository, where you can make your packages publicly available in such a way that they can be installed with apt in the standard way. For this purpose, I will use a tool called reprepro. I assume that you already know how to build deb packages. If not, you can find a very nice basic tutorial here:

https://ubuntuforums.org/showthread.php?t=910717

In one of my github repositories you can find an example of script for automatic building of a deb package in a autotools environment:

https://github.com/golosio/NeuronGPU/blob/master/deb/build_package.sh

First of all, install all the necessary tools:

sudo apt install reprepro gpg

In order to be able to sign the deb packages, if you have not already done so you should create a GPG key.

gpg --gen-key

After following the instructions, in the output there should be a line like:

gpg: key CAF404E7379E2A0E marked as ultimately trusted

Take note of the key ID (CAF404E7379E2A0E in this example). In any case, you can retrieve it with the command:

gpg --keyid-format long --list-secret-keys

which yields something like:

sec rsa3072/CAF404E7379E2A0E 2020-03-16 [SC] [expires: 2022-03-16]
63EAA1AA6B332DB9496D1A17CAF404E7379E2A0E

Then upload the public key:

gpg --send-keys CAF404E7379E2A0E
gpg: sending key CAF404E7379E2A0E to hkp server keys.gnupg.net

In your home or in any other directory build the main folder:

mkdir -p ~/www/repo/{debian,ubuntu}/{conf,dists,incoming,indices,logs,pool,project,tmp}

Put a copy of the public part of the GPG key in the repo folder:

cd ~/www/repo
gpg --armor --export mikey@gmail.com > pubkey.gpg

where you should use the same email address that you used to generate the key.

With emacs or with your favorite editor open the main configuration file:

emacs ~/www/repo/distributions

and write something like:

Origin: Scientific Software
Label: deb.scisoft.net
Codename: bionic
Architectures: amd64
Components: main
Description: Debian/Ubuntu Packages for scientific software maintained by Bruno Golosio
SignWith: CAF404E7379E2A0E

Origin: Scientific Software
Label: deb.scisoft.net
Codename: eoan
Architectures: amd64
Components: main
Description: Debian/Ubuntu Packages for scientific software maintained by Bruno Golosio
SignWith: CAF404E7379E2A0E

with one block for each release, changing the Origin, Label and Description according to your needs, and replacing the SignWith field with the GPG key ID that you created before. For a description of all fields see for instance:

https://blog.packagecloud.io/eng/2017/03/23/create-debian-repository-reprepro/

Now you can use reprepro to create the initial structure, symbolic links and initial Packages files:

cd ~/www/repo/ubuntu
reprepro -Vb . createsymlinks
reprepro -Vb . export

Follow the same procedure for the www/deb/debian folder if you need it.

now you can start signing and adding your deb packages to the repository. When you import the first package, reprepro wil automatically generate the repository. To sign a package, type:

dpkg-sig --sign builder package-name.deb

Then use reprepro to add the package to the repository:

reprepro -b ~/www/repo/ubuntu includedeb bionic package-name.deb
Exporting indices...

In order to make your repository publicly available, you should upload the directory www/deb with all its content in a web hosting server. There are many providers of such service, and you can choose the one that you prefere. Remember that you must synchronize your local folder with your hosted domain, so that every time you update a package or add a new package to the repo this package is available in the public repository. The way how to syncronize the folder depends on the web hosting provider and is not covered in this post.

In order to install your packages with apt, the users shoud type the following commands:

curl -sS http://deb.scisoft.net/pubkey.gpg | sudo apt-key add -
echo "deb [arch=amd64] https://deb.scisoft.net/ubuntu bionic main" | sudo tee /etc/apt/sources.list.d/scisoft.list
sudo apt-get update

where deb.scisoft.net must be replaced by the domain of your repository and bionic by the user's ubuntu release.

 

No comments yet