Debian – Creating a Debian package repository for distributing multiple versions of a custom deb package

debdebianpackage-managementrepository

We are building an application, which will be packaged into a DEB package. We would like to be able to install and (in the future) update this application on a number of Linux servers with minimal manual interaction, using apt-get.

For this, we plan to deploy our own DEB package repository within the organization. (So we host our package ONLY, but do not mirror existing external repository ) This package repository then should be used by all Linux servers within the organization to install our single application package only.

Can someone please explain me how this should be done (including best practices)?

How to set up a minimal DEB package repository for our package (and
handle when a new version is released) ?
Setting up Debian servers so
that this single package would be fetched from our custom DEB package
repository server within the organization.

Best Answer

After spending some time digging around the a number of documentation sources, I came up with the following solution, which I am sharing:

On the machine used to host the repository, set up a personal repository according to the description of Ubuntu documentation, but do NOT add the sources.list entry on that machine.
Expose the directory with the DEB files and the Packages.gz file via a web server, e.g. with Nginx so that it is available all the machines that will consume the DEB file.
On the machines, which will fetch the DEB package, add an entry to the /etc/apt/sources.list file, which points to your server (replace foobar with your own URL): deb [trusted=yes] http://foobar/ /
Run sudo apt update
Run sudo apt install foobar to install your own package (replace foobar with your own package name)

NOTE: this setup hosts the DEB packages without any protection provided by signed packages/repositories. In case the repository is made available for a wider audience than your team's servers residing on a protected subnet behind a company firewall, you probably want to implement signing of the repository and packages.

Related Solutions

How to see if a .deb package inserts a repository

It's not fool-proof, but this will give a good indication:

dpkg-deb -c virtualbox-5.1_5.1.12-112440\~Debian\~stretch_amd64.deb|grep etc/apt

In this case nothing is found, so it looks like the package doesn't add a repository.

We're specifically looking for files in /etc/apt/sources.list.d. It's not fool-proof because packages could add a repository in their postinst. You can examine the latter using

dpkg-deb --ctrl-tarfile virtualbox-5.1_5.1.12-112440\~Debian\~stretch_amd64.deb|tar xf - ./postinst

then reading the extracted postinst (which confirms that the package doesn't add a repository).

debian systemd package-management – Debian Package with Combined Systemd Service and Executed Binary

Services and applications should be packaged together; at least, services should be packaged with the binaries implementing the service they manage.

In most cases, installing systemd units is transparent. If the main build installs units into the expected target directories (/lib/systemd/system), they will be picked up and enabled automatically. If the package ships units in debian, they will be installed in the right place and also enabled automatically. All this is handled by dh_systemd_enable and dh_systemd_start, which used to be shipped in dh-systemd but are now part of debhelper, and included in the default dh sequences.

So, if you take your existing application package, and add a service file in debian, you should find it “just works” (assuming you’re using dh).

Best Answer

Related Solutions

How to see if a .deb package inserts a repository

debian systemd package-management – Debian Package with Combined Systemd Service and Executed Binary

Related Question