自己创建DebianRepository

# 实验环境
```
ubuntu@build:~$ lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 22.04.3 LTS
Release:	22.04
Codename:	jammy
```
# Repository
Repository(rɪˈpɑːzətɔːri) 是贮藏室，仓库的意思。在Debian系统中，它可以理解为存放deb包的仓库。
# 生成OpenPGP
PGP(Pretty Good Privacy)，优良保密协议。用于消息加密。
OpenPGP是一种加密标准，由IETF(Internet Engineering Task Force)制定, 它是由PGP衍生而来。
GnuPG(GPG)是一种软件，是OpenPGP协议的软件实现。
生成方法如下
```bash
$ gpg --gen-key
```
上面这条指令做了什么呢？
1. 输入自己的名字。
2. 输入自己的邮件地址。
3. 为你的Key设置一个保护密码。
4. 根据提示我们随便动鼠标或按键盘来生成随机数，让key更安全。
最终结果如下
```
/home/ubuntu/.gnupg/trustdb.gpg: trustdb created
gpg: key C6FF1DD22CD7B931 marked as ultimately trusted
gpg: directory '/home/ubuntu/.gnupg/openpgp-revocs.d' created: revocation certificate stored as '/home/ubuntu/.gnupg/openpgp-revocs.d/05FECAC01D80F1D04F3FBEE0C6FF1DD22CD7B931.rev'
public and secret key created and signed.
pub   rsa3072 2024-01-28 [SC] [expires: 2026-01-27]
      05FECAC01D80F1D04F3FBEE0C6FF1DD22CD7B931
uid                      Liu Xiaoqiang <leavs_o@126.com>
sub   rsa3072 2024-01-28 [E] [expires: 2026-01-27]
```
# 安装Apache
```bash
$ sudo apt install apache2
$ sudo systemctl status apache2
```
![](https://leanote.com/api/file/getImage?fileId=65b5b793ab64414eb620f609)
## 配置Apache
```bash
$ sudo mkdir -p /srv/repos/apt/debian
$ sudo vi /etc/apache2/conf.available/repos.conf
# Apache HTTP Server 2.4

Alias /repos/apt/debian /srv/repos/apt/debian

<Directory /srv/repos/ >
        # We want the user to be able to browse the directory manually
        Options Indexes FollowSymLinks Multiviews
        Require all granted
</Directory>

# This syntax supports several repositories, e.g. one for Debian, one for Ubuntu.
# Replace * with debian, if you intend to support one distribution only.
<Directory "/srv/repos/apt/*/db/">
        Require all denied
</Directory>

<Directory "/srv/repos/apt/*/conf/">
        Require all denied
</Directory>

<Directory "/srv/repos/apt/*/incoming/">
        Require all denied
</Directory>

# 修改默认主页
$ sudo vi /etc/apache2/sites-available/000-default.conf
    #DocumentRoot /var/www/html
    DocumentRoot /srv/repos/apt
//上面指网站根目录设置在/srv/repos/apt下

$ sudo a2enconf repos # enable repos conf
$ apache2ctl configtest # test the configuration
Syntax OK
$ sudo systemctl reload apache2 # enable the configuration
下面是reprepro includedeb <os-release> <deb package>之后的效果
```
![](https://leanote.com/api/file/getImage?fileId=65b5ccabab64414eb620f76b)
# reprepro
## 安装并配置reprepro
```bash
$ sudo apt install reprepro
```
## 创建reprepro配置目录及配置
```bash
$ sudo mkdir -p /srv/repos/apt/debian/conf
# 配置发行信息
$ sudo vi /srv/repos/apt/debian/conf/distributions

Origin: Your project name
Label: Your project name
Codename: <osrelease>
Architectures: source i386 amd64
Components: main
Description: Apt repository for project x
SignWith: <key-id>

# 获取key-id
$ gpg --list-secret-key --with-subkey-fingerprint
/home/ubuntu/.gnupg/pubring.kbx
-------------------------------
sec   rsa3072 2024-01-28 [SC] [expires: 2026-01-27]
      05FECAC01D80F1D04F3FBEE0C6FF1DD22CD7B931
uid           [ultimate] Liu Xiaoqiang <leavs_o@126.com>
ssb   rsa3072 2024-01-28 [E] [expires: 2026-01-27]
      F5C3D97285337656DF76F6AE1BD724420DBB53C1

其中key-id使用下面这个
ssb   rsa3072 2024-01-28 [E] [expires: 2026-01-27]
      F5C3D97285337656DF76F6AE1BD724420DBB53C1
# 配置option
$ sudo vi /srv/repos/apt/debian/conf/options
verbose
basedir /srv/repos/apt/debian
ask-passphrase
```
##添加软件包
从仓库的目录下运行下面这条指令
```bash
$ cd /srv/repos/apt/debian
$ sudo reprepro include <osrelease> <changesfile>
或者设置仓库环境变量(注意使用sudo来引出环境变量和不使用sudo，环境变量位置是不同的)
sudo REPREPRO_BASE_DIR=/srv/repos/apt/debian/ reprepro include <osrelease> <changesfile>
或者使用-b选项来指定仓库目录
$ sudo reprepro -b /srv/repos/apt/debian/ include <osrelease> <changesfile>
```
##导出GnuPG
注意我们之前是在普通用户下生成gpg的，所以也使用普通用户来导出,如果用sudo即root用户导出会出如下警告
```
gpg: WARNING: nothing exported
```
操作步骤：
```bash
# 获取key-id
$ gpg --list-secret-key --with-subkey-fingerprint
/home/ubuntu/.gnupg/pubring.kbx
-------------------------------
sec   rsa3072 2024-01-28 [SC] [expires: 2026-01-27]
      05FECAC01D80F1D04F3FBEE0C6FF1DD22CD7B931
uid           [ultimate] Liu Xiaoqiang <leavs_o@126.com>
ssb   rsa3072 2024-01-28 [E] [expires: 2026-01-27]
      F5C3D97285337656DF76F6AE1BD724420DBB53C1
# 导出chipsee.gpg.key
$ gpg --armor --output chipsee.gpg.key --export-options export-minimal --export F5C3D97285337656DF76F6AE1BD724420DBB53C1
# 复制到服务器上
$ sudo mv chipsee.gpg.key /srv/repos/apt/debian/conf/
# 配置Apache对chipsee.gpg.key的访问
$ sudo vi  /etc/apache2/conf-available/repos.conf
<Directory "/srv/repos/apt/*/conf/chipsee.gpg.key">
        Require all granted
</Directory>
$ sudo systemctl reload apache2
# 客户机上下载并安装
$ wget -O - http://127.0.0.1/conf/chipsee.gpg.key | apt-key add -
```

leavs's note

Navigation

Recent Posts

Friend Links