Apt Repository HOWTO
Some reference notes on how to set up and use your own apt repository for Ubuntu. The hard work is done by the program reprepro. Instructions for Debian are mostly the same with some minor tweaks to the configuration file. See the references section for a link to the Debian Administration article.
Reprepro Setup
Install the package reprepro.
Configuration
Create a directory structure for reprepro. Likely, you'll want to do this inside your web hierarchy.
mkdir -p /var/www/packages/ubuntu/conf
mkdir -p /var/www/packages/ubuntu/override
mkdir -p /var/www/packages/ubuntu/incoming
Inside the conf directory, you'll create a couple of files. The file distributions tells reprepro which distro versions you are setting up. For example, you'll have stanzas for dapper, edgy, feisty, etc. DO NOT mix Debian and Ubuntu together. Each major distribution should have its own setup (one of the reasons we are doing things inside the directory "ubuntu"). The file options is a convenience file so you don't have to pass command-line options.
/var/www/packages/ubuntu/conf/distributions:
Origin: Bitchin' Apt Repository
Label: Bitchin' Apt Repository
Codename: edgy
Architectures: i386 amd64 source
Components: main
Description: A most kicking, bitchin apt repository. Love it.
SignWith: yes
DebOverride: override.edgy
DscOverride: override.edgy
/var/www/packages/ubuntu/conf/options:
verbose
ask-passphrase
basedir .
Signing key
Create a gpg signing key. This will be used to sign your packages and make it so apt doesn't complain when you install packages from this repository.
gpg --gen-key
It's a good idea to export the key and make it publicly accessible so machines can download it and add it to their apt keychain.
gpg --export -a > signing-key.asc
mv signing-key.asc /var/www/packages/ubuntu
Importing debs
If you haven't already, build a package you want to add to the repository.
Copy your package's dsc, deb, and original tarball files to the incoming directory (/var/www/packages/ubuntu/incoming). The incoming dir serves as a convenient place to put things for import. If you are only providing the binary, then you just need the .deb. However, if you are serving GPL code, you'll need to provide the source to comply with the GPL license (besides, it's good practice to keep your source mods available).
For the source to import correctly, you need to tell reprepro a couple of things about the package. Edit override/override.edgy and fill in the needed info similar to this:
apticron Priority extra
apticron Section admin
psycopg Priority optional
psycopg Section python
python-psycopg Priority optional
python-psycopg Section python
python-imaging Priority optional
python-imaging Section python
To get these values you can see what 'dpkg -s packagename' says (I assume you've installed the package when testing it). Otherwise, you can dig up this info by looking at the package diff file.
Import the files! The proper directory structures will be built on the fly. When things stand still, it's probably time for you to enter your gpg key password. There isn't any sort of clarifying prompt.
cd /var/www/packages/ubuntu
sudo reprepro includedsc edgy incoming/packagename.dsc
sudo reprepro includedeb edgy incoming/packagename.deb
That's it. If you have a lot of packages to import, you may want to use this convenience script:
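#!/bin/sh
# Import every .dsc and .deb found in incoming/ into the edgy distribution.
printf '\n!! You will need to supply the gpg password for each item. !!\n\n'
for type in dsc deb ; do
    for file in incoming/*."$type" ; do
        # Skip the unexpanded glob when no file of this type exists.
        [ -e "$file" ] || continue
        reprepro "include$type" edgy "$file"
    done
done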
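The override entries from the import steps above can be generated instead of typed by hand. The following is an added example, not part of the original HOWTO or of reprepro: a shell function that reads 'dpkg -s' style output and prints the matching override lines, skipping any stanza that has no Section or whose Priority is not one of the five Debian policy values. The function names override_lines and sample_status are made up for this example, and the sample input is constructed.

```shell
#!/bin/sh
# Added example, not from the original HOWTO. Function names are hypothetical.

# override_lines: read `dpkg -s`-style stanzas on stdin and print reprepro
# override entries ("package Field value"). A stanza with no Section, or with
# a Priority that is not one of the Debian policy values, is reported on
# stderr and skipped; the function then returns non-zero.
override_lines() {
    awk '
        function emit() {
            if (pkg == "") return
            if (sect == "" || prio !~ /^(required|important|standard|optional|extra)$/) {
                printf "skipped %s: bad or missing Priority/Section\n", pkg > "/dev/stderr"
                bad = 1
            } else {
                printf "%s Priority %s\n%s Section %s\n", pkg, prio, pkg, sect
            }
            pkg = ""; prio = ""; sect = ""
        }
        $1 == "Package:"  { emit(); pkg = $2 }
        $1 == "Priority:" { prio = $2 }
        $1 == "Section:"  { sect = $2 }
        NF == 0           { emit() }
        END               { emit(); exit bad }
    '
}

# Constructed sample input in the shape `dpkg -s apticron python-psycopg` prints.
sample_status() {
    cat <<'EOF'
Package: apticron
Status: install ok installed
Priority: extra
Section: admin
Architecture: all

Package: python-psycopg
Status: install ok installed
Priority: optional
Section: python
Architecture: i386
EOF
}

# Usage on a real machine:
#   dpkg -s apticron python-psycopg | override_lines >> override/override.edgy
```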
Privacy & security
I prefer to lock down the directories I don't think the world needs to see.
chmod 0700 db conf override
A nice side effect is Apache2 won't even show them in a directory listing.
Apache2 Setup
You don't need anything fancy here. Supply access and enable directory indexing.
<VirtualHost *:80>
    ServerName "yoursite"
    ServerAdmin "you@yoursite"
    DocumentRoot "/var/www/packages"
    <Directory "/var/www/packages">
        Options FollowSymLinks Indexes
        AllowOverride None
        Order Allow,Deny
        Allow from All
    </Directory>
</VirtualHost>
Using the Repository
For security (and to stop apt from complaining), grab the signing key and import it into your apt keychain.
wget http://yoursite/ubuntu/signing-key.asc
sudo apt-key add signing-key.asc
Point apt to your repository. Add the following deb line to your /etc/apt/sources.list.
deb http://yoursite/ubuntu edgy main
Update apt and you are good to go!