Repository

How to Set up a Repository for use with apt-get or Synaptic

  1. Arrange hosting. For free (as in speech) packages, tuxfamily.org is a great choice.
  2. Choose a distribution name (eg. etch or p701) and section names (eg. stable, unstable, testing or main, etch). Use your imagination.
  3. Use an FTP client to set up the directory structure. This assumes the i386 architecture. You can have more than one distribution. The pool can be split up any way you like. I split it by section, but Debian splits it alphabetically, with a sub-directory for each letter.
     - Home
         + dists
         |   + <distribution>
         |   |      + <section1>
         |   |      |     - binary-i386
         |   |      - <section2>
         |   |            - binary-i386
         |   - p701
         |          + main
         |          |     - binary-i386
         |          - etch
         |                - binary-i386
         - pool
             + main
             - etch 
  4. On your local storage, set up a directory called pool, with the same sub-directories that you'll have on your repository server (eg. ~/pool).
  5. Store your .deb packages in the correct location in the pool.
  6. Ensure you have the dpkg-dev package installed (apt-get install dpkg-dev).
  7. Go to the directory below pool (cd ~).
  8. For each subdirectory in the pool, run: dpkg-scanpackages <path> /dev/null | gzip -9c > <path>Packages.gz (eg. dpkg-scanpackages pool/main /dev/null | gzip -9c > dists/p701/main/Packages.gz) This will put the correct file names in the Packages.gz file.
  9. Upload the packages to the correct sub-directory of pool on your repository server (eg. pool/main).
  10. Upload the Packages.gz file for each distribution/section to the corresponding binary-i386 folder on the server (eg. dists/p701/main/binary-i386).
  11. Add your server to your sources.list (eg. http://download.tuxfamily.org/eeepcrepos/ p701 main etch)
  12. Use apt-get or synaptic to install your packages from your server.

For Secure Apt (signed repository)

  • You need to add a Release file. You can use http://ftp.debian.org/debian/dists/etch/Release as an example. Enter the first lines, before the checksums into a text file (eg. release.conf) in the form:
    APT
    {
     FTPArchive
     {
      Release
      {
       Origin "origin";
       Label "label";
      }
     }
    }
  • Run "apt-ftparchive release ./ > Release" in the distribution directory (eg. /dists/p701).
  • Create a gpg key to digitally sign the Release file, save the output in Release.gpg (gpg -abs -o Release.gpg Release)
  • Place the Release and Release.gpg files in the correct directory (eg. /dists/p701). You can find out where apt is looking by running "apt-get update" from the console.
  • Provide the public key in a place where users can import it to apt-key. (eg.
     
      wget http://download.tuxfamily.org/eeepcrepos/key.asc 
      sudo apt-key import key.asc 
    
    )
  • Make sure to back up the secret key, because if it's lost, you can't sign the repository!