2

How can I create local repository which will have sub repositories main, non-free and generate key.gpg for it?

I have prepared folder /srv/dists/buster

Delirium
  • 368
  • 1
  • 5
  • 22

1 Answers1

1

Please check out this related Stack Exchange post. If you think it applies we can mark this question as a duplicate. If not you can follow this answer:

Set up debmirror

This task is quite straightforward with the use of the tool debmirror, a cronjob, and a webserver.

I will be referencing this third party wiki for this answer. I would recommend you look at the manpage, as well as any additional manpages for tools you are not familiar with in this answer.

  1. Install debmirror and debian-keyring.

    apt install debmirror debian-keyring

  2. Create a directory for the mirror. (In your case, /srv/dists/buster)

  3. Create a mirror user to run the sync scripts and maintain the mirror.

    groupadd mirror
useradd -d /srv/dists/buster -c "Debmirror" -g mirror mirror
chown -R mirror.mirror /srv/dists/buster

  4. Set up gpg keys. Please make sure you understand that if something goes wrong it is because the official keyring has been updated and the new keys are missing locally. Take the necessary steps to update the keys, as you would encountering these types of issues. Check out this guide here for more information on how to fix gpg keys.

    # Become the mirror user
su - mirror
# Import the keys
gpg --no-default-keyring --keyring trustedkeys.gpg --import /usr/share/keyrings/debian-archive-keyring.gpg
# Periodically you will update keys, just like this: (Hint: its the same as before.)
gpg --no-default-keyring --keyring trustedkeys.gpg --import /usr/share/keyrings/debian-archive-keyring.gpg
#Verify that you have the right keyrings for your system. (Hint: they should mention Buster. Information on the Debian keyrings can be found here: https://ftp-master.debian.org/keys.html)
gpg --list-keys --keyring trustedkeys.gpg

If you have are missing ~/.gnupg/trustedkeys.gpg you can copy it over with this:

    cp /usr/share/keyrings/debian-archive-keyring.gpg ~/.gnupg/trustedkeys.gpg

  1. Setup a cronjob to sync the mirror.

    #!/bin/bash

# sourcehost: choose a mirror in your proximity!
HOST=ftp.us.debian.org;

# destination directory
DEST=/srv/dists/buster/localmirror

# Debian version(s) to mirror
DIST=buster

# architecture, use what is applicable here.
ARCH=amd64

# log timestamp
logger -t mirror[$$] updating Debian mirror

su mirror -c \
"debmirror ${DEST} \
 --nosource \
 --host=${HOST} \
 --root=/localmirror \
 --dist=${DIST} \
 --section=main,non-free \
 --i18n \
 --arch=${ARCH} \
 --passive --cleanup \
 $VERBOSE"

logger -t mirror[$$] finished updating Debian mirror

Cronjob file should look like this:

    #Edit /etc/cron.d/local-debmirror:
    # debmirror
    38 04 * * 1-5 root /root/scripts/mirror

  1. Make the mirror available via a web server. I will leave this to you what you need or works best. I like nginx and flask. I know python has a oneliner to spin up a site, but if you are more familiar with apache or already have some infrastructure or policy for web servers use that. Use a solution that fits your needs best, whether you need high availability, security, or something quick for a homelab/simple network. The wiki I linked provides a solution you can use.

  2. Add to your sources.list your mirror. For a client Debian server to pull from the mirror you will need to edit your Debian client's /etc/apt/sources.list file to reference your local mirror. Do not forget to run apt update to update apt.

    deb http://debmirror.example.com/localmirror/ buster main contrib non-free

Pay attention to what directories you are referencing. It should be the root where the mirror is being synced. In your case /srv/dists/buster/localmirror but whatever works best for you. It just needs to be consistent.

In Conclusion

Please read over each link I have provided carefully before doing this. Remember that this can be used for one Debian server to sync the mirror, run the web server to serve the content, and update itself, however this solution is more for running a local mirror that other Debian instances can update from.

Please check out the Official Debian Wiki for information about mirroring.

If you have any questions or there are any errors with my post please comment and I can edit this answer.

Best of Luck!

kemotep
  • 5,140
  • 7
  • 19
  • 35
  • That bash script fails on `cwd to /localmirror failed at /usr/bin/debmirror line 936.` – Delirium Sep 23 '19 at 09:20
  • @Delirium To be clear is that bash script in the answer or debmirror? Line 936 seems to indicate something else because my answer's script is only 30 lines. Can you give an additional information about the error? Have you tried setting up debmirror manually without the script? – kemotep Sep 23 '19 at 12:18
  • Well, issue is that the script calls `/usr/bin/debmirror` and there is seems like problem on line 936. – Delirium Sep 24 '19 at 08:44
  • @Delirium, That is not very descriptive of the issue. What does line 936 of `/usr/bin/debmirror` say? If `cwd /localmirror` failed does that mean that the `/localmirror` directory does not exist? If you attempt to _manually_ create the mirror, _not using the script in the answer_, do you have the same problems? – kemotep Sep 24 '19 at 12:23