Debian, debian-packaging

Managing Debian APT Repository via Aptly

In my previous blog, i’ve explained how to build a Debian pacakge from source. In this blog i’m to explain how to create and manage our own apt repository. Enter aptly,is a swiss army knife for Debian repository management: it allows us to mirror remote repositories, manage local package repositories, take snapshots, pull new versions of packages along with dependencies, publish as Debian repository. Aptly can upload the repo to Amazon S3, but we need to install APT S3 support, in order to use it from S3.

First, let’s install aptly on our build server. A more detailed documentation on installation is available in the website

$ echo "deb squeeze main" > /etc/apt/sources.list

$ gpg --keyserver --recv-keys 2A194991

$ gpg -a --export 2A194991 | sudo apt-key add -

$ apt-get update && apt-get install aptly

Let’s create a repo,

$ aptly repo create -distribution=wheezy -component=main my-repo    # where my-repo is the name of the repository

Once the repo is created, we can start adding our newly created packages to our new repo.

$ aptly repo add <repo name> <your debian file>    # in my case aptly repo add myrepo openvpn_2.3.6_amd64.deb

The above command will add the new package to the repo. Now in order to make this repo usable, we need to publish this repo. A valid GPG key is required for publishing the repo. So let’s create the gpg key for aptly.

$ gpg --gen-key

$ gpg --export --armor <email-id-used-fo-gpg-key-creation> > myrepo-pubkey.asc   # creates a pubkey that distributed

$ gpg --send-key KEYNAME     # This command can be used if we want to send the key to a public server, we can also pass --keyserver <server-url>, if we want to specifiy a specific keyserver

Once we have our GPG key, we can publish our repo. By default aptly can publish the repo to S3 or it can publish it locally and we can use any webserver to servce this repo.

$ aptly publish --distribution="wheezy" repo my-repo

Once published, we can point the webserver to “~/.aptly/”, where our repo files will be created. Aptly also comes with an embedded webserver which can be invoked by running aptly serve. Aptly really makes the repo management so easy. We can actually integrate this into our jenkins job so that each time when we build a package, we can directly add and upload the same to our repository.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s