Difference between revisions of "Apt repository hosting"
Jump to navigation
Jump to search
Line 6: | Line 6: | ||
Things I'm still unsure of: | Things I'm still unsure of: | ||
* Will CloudFront work OK? Caching can be a pain. | * Will CloudFront work OK? Caching can be a pain. | ||
* Automating publishing of packages with Aptly, and an easy way to control which packages are published. | * Automating publishing of packages with Aptly, and an easy way to control which packages are published. | ||
* Maybe there's a simpler solution than using s3-apt-transport? | * Maybe there's a simpler solution than using s3-apt-transport? | ||
* Safe distribution of the AWS Access and Secret keys to users. | * Safe distribution of the AWS Access and Secret keys to users. | ||
* How do I choose which fork to fix the documentation of the apt-transport-s3 dependency? | * How do I choose on github on which fork to fix the documentation of the apt-transport-s3 dependency? | ||
<s>* Publishing my public keys.</s> | |||
My aptly configuration and some commands: | My aptly configuration and some commands: | ||
Line 61: | Line 61: | ||
aptly snapshot create eburcat-0.01 from repo eburcat-release | aptly snapshot create eburcat-0.01 from repo eburcat-release | ||
aptly publish snapshot eburcat-0.01 s3:eburcat.private: | aptly publish snapshot eburcat-0.01 s3:eburcat.private: | ||
</pre> | |||
To publish my public key, I put it on S3, and then I can install it on any machine: | |||
<pre> | |||
gpg --export --armor > /tmp/eburcat.pub | |||
aws --region="eu-west-1" s3 cp --acl="public-read" /tmp/eburcat.pub s3://repo.eburcat.com/ | |||
wget -qO - https://s3-eu-west-1.amazonaws.com/repo.eburcat.com/eburcat.pub | sudo apt-key add - | |||
</pre> | </pre> |
Revision as of 23:55, 31 August 2015
Aptly looks promising.
Had quirk with publishing to us-east-1 on S3: http://www.aptly.info/doc/feature/s3/. Bypassed by using eu-west-1. Troubleshooting S3 with GoLang was interesting :)
For a private repository, I borrowed an idea from here: http://skife.org/apt/aws/2012/10/12/private-apt-repos-in-s3.html (apt-transport-s3 - depended on cdbs on my machine, which was not mentioned in its docs).
Things I'm still unsure of:
- Will CloudFront work OK? Caching can be a pain.
- Automating publishing of packages with Aptly, and an easy way to control which packages are published.
- Maybe there's a simpler solution than using s3-apt-transport?
- Safe distribution of the AWS Access and Secret keys to users.
- How do I choose on github on which fork to fix the documentation of the apt-transport-s3 dependency?
* Publishing my public keys.
My aptly configuration and some commands:
{ "rootDir": "/home/eburcat/.aptly", "downloadConcurrency": 4, "downloadSpeedLimit": 0, "architectures": [], "dependencyFollowSuggests": false, "dependencyFollowRecommends": false, "dependencyFollowAllVariants": false, "dependencyFollowSource": false, "gpgDisableSign": false, "gpgDisableVerify": false, "downloadSourcePackages": false, "ppaDistributorID": "ubuntu", "ppaCodename": "", "S3PublishEndpoints": { "eburcat.private":{ "awsAccessKeyID":"", "awsSecretAccessKey":"", "region":"eu-west-1", "bucket":"repo.eburcat.com", "prefix":"private", "acl":"private", "encryptionMethod":"AES256" }, "eburcat.public":{ "awsAccessKeyID":"", "awsSecretAccessKey":"", "region":"eu-west-1", "bucket":"repo.eburcat.com", "prefix":"public", "acl":"public-read" } }, "SwiftPublishEndpoints": {} } aptly repo create -distribution=precise -component=main eburcat-public aptly repo add eburcat-public apt-transport-s3_1.1.1ubuntu2_amd64.deb aptly repo add eburcat-public apt-transport-s3_1.1.1ubuntu2.dsc aptly snapshot create eburcat-public-0.01 from repo eburcat-public aptly publish snapshot eburcat-public-0.01 s3:eburcat.public: aptly repo create -distribution=precise -component=main eburcat-release aptly repo add eburcat-release my-package_1.0_amd64.deb aptly snapshot create eburcat-0.01 from repo eburcat-release aptly publish snapshot eburcat-0.01 s3:eburcat.private:
To publish my public key, I put it on S3, and then I can install it on any machine:
gpg --export --armor > /tmp/eburcat.pub aws --region="eu-west-1" s3 cp --acl="public-read" /tmp/eburcat.pub s3://repo.eburcat.com/ wget -qO - https://s3-eu-west-1.amazonaws.com/repo.eburcat.com/eburcat.pub | sudo apt-key add -