title | author | date | geometry |
---|---|---|---|
Lab - Manage your own Debian packages |
Sylvain Reynaud |
21/02/2022 |
margin=1in |
In this lab, you will learn to:
- create your own Debian package,
- setup your own Debian repository,
- sign your package and your repository.
The lab uses a simple application called 'audioboard' for the example.
Goal: create a Debian package for the application 'audioboard'.
Audioboard is a small application that plays a mp3 file:
- it uses mpg123 to play the mp3 file -> it is a dependency of the package,
- it brings a terminal interface -> a simple bash script,
- it brings a mp3 file named 'audio.mp3' -> it is a data file of the package.
The debian package will:
- Install mpg123 package if needed,
- Setup the bash script
audioboard
in/usr/bin/
, - Setup
audio.mp3
inusr/local/audioboard/
Then we will build the package.
Let's describe the directory structure:
- A folder named
audioboard
will be the root folder, - Inside this
audioboard
folder there is aDEBIAN
folder which contains thecontrol
file, - All files that need to be copied onto the final machine are in the
audioboard
folder, the tree structure will be merge with the one on the machine.
Create the folder structure:
export PACKAGE_NAME=audioboard
mkdir ${PACKAGE_NAME}
mkdir -p ${PACKAGE_NAME}/DEBIAN
mkdir -p ${PACKAGE_NAME}/usr/local/${PACKAGE_NAME}
mkdir -p ${PACKAGE_NAME}/usr/bin/
Create a simple control
file:
echo "Package: ${PACKAGE_NAME}
Version: 0.0.1
Maintainer: Me Me <me@me.local>
Depends: mpg123
Architecture: amd64
Description: A program that play a sound
Section: utils
Priority: extra
" \
> ${PACKAGE_NAME}/DEBIAN/control
For additional informations about control
check out the documention
Copy your own audio.mp3
in /usr/local/${PACKAGE_NAME}
:
cp audio.mp3 ${PACKAGE_NAME}/usr/local/${PACKAGE_NAME}/audio.mp3
Copy your audioboard
in /usr/bin/
:
export BINAIRY_NAME=audioboard
# Place the binary/script at the right place
cp ${BINAIRY_NAME} ${PACKAGE_NAME}/usr/bin/${BINAIRY_NAME}
The default package name is <package-name>_<version>-<release-number>_<architecture>.deb
export VERSION=0.0.1
export RELEASE_NUMBER=1
export ARCH=amd64
export FINAL_PACKAGE_NAME=${PACKAGE_NAME}_${VERSION}-${RELEASE_NUMBER}_${ARCH}.deb
# apt-get install -y dpkg-dev
# if you are in the root directory do cd ..
dpkg-deb --build ${PACKAGE_NAME}
mv ${PACKAGE_NAME}.deb ${FINAL_PACKAGE_NAME}
You can check the package with dpkg -I ${FINAL_PACKAGE_NAME}
.
The next step is setting up your repository in order to test your package.
Goal : setup a debian repository for the package audioboard
, then install the package with apt.
Steps:
- Place your package in a directory (here
respository/
) exposed on the web , - Generate a compressed
Packages
file which contains the list of all available packages, - Expose
respository/
with a web server, - Add the repository to your
/etc/apt/sources.list.d
directory, - Install the package with
apt
.
On the developer machine
As root run apt install dpkg-dev -y
, then:
mkdir repository
cp ${FINAL_PACKAGE_NAME} repository/
On the developer machine
Do this at every updates:
cd repository
dpkg-scanpackages -m . | gzip -9c > Packages.gz
```lly :
`apt install reprepro`
## Expose the repository
**The server is supposed to be on another machine** but for the example we will use the same machine.
Expose the repository with a web server, here with a dockerized nginx on port 8000:
```sh
# In git root directory
cd nginx
docker-compose up -d
# Move the repository to the web server
mv ../repository/ ./src
On the developer machine
export REPO_HOST=http://localhost:8000/repository
# as root
echo "deb [trusted=yes] ${REPO_HOST} ./" > /etc/apt/sources.list.d/${PACKAGE_NAME}.list
On the developer machine
# as root
apt update
apt install ${PACKAGE_NAME} -y
We previously used a flat repository. Here we will use a signed repository, which is a repository that contains the signature of the packages. First, we need to generate our gpg key.
Configure gpg by editing ~/.gnupg/gpg.conf
. Set the following parameters:
# Prioritize stronger algorithms for new keys.
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed
# Use a stronger digest than the default SHA1 for certifications.
cert-digest-algo SHA512
Then generate a gpg key : gpg --gen-key
and finally export the key :
export EMAIL=john@example.com
gpg --armor --export ${EMAIL} > ${EMAIL}.gpg.key
Your packages will be automatically signed as long as the name and email address in your package’s control
file are the same as that of the GPG key you created.
Otherwise you will have to sign your packages manually :
apt install dpkg-sig
dpkg-sig --sign builder audioboard_0.0.1-1_amd64.deb
On the repository machine, create a distribution configuration in the repository directory:
mkdir conf
touch conf/distributions
Origin: <your-repository-host>
Label: apt repository
Codename: <osrelease>
Architectures: <arch>
Components: main
Description: My debian package repo
SignWith: yes
Pull: <osrelease>
In our case :
-
<your-repository-host>
: localhost -
<osrelease>
: bullseye -
<arch>
: amd64
Now, install reprepro
, the tool that will create the complete structure (like specified on the debian wiki) inside the repository automatically :
apt install reprepro
Then, sign the repository :
reprepro -Vb . -S utils includedeb bullseye $(pwd)/audioboard_0.0.1-1_amd64.deb
Use --ask-passphrase
is you have one on your gpg key.
utils
is the Section of the package (set in the control
file).
bullseye
is the distribution name.
Add the gpg key to your keyring, then install the package !
export REPO_HOST=http://localhost:8000/repository
wget -O - ${REPO_HOST}/john@example.com.gpg.key | sudo apt-key add -
echo "deb ${REPO_HOST} bullseye main" > /etc/apt/sources.list.d/${PACKAGE_NAME}.list
apt update
apt install ${PACKAGE_NAME} -y
- 18/02/2022 - LinuxHint - Debian Package Creation HowTo
- 18/02/2022 - LinuxConfig - Easy way to create a Debian package and local package repository
- 18/02/2022 - Eeathly - Creating and hosting your own deb packages and apt repo
- 18/02/2022 - Debian.org - 5. Control files and their fields
- 18/02/2022 - Debian.org - SetupWithReprepro
- 18/02/2022 - Jon Cowie's blog - Creating your own Signed APT Repository and Debian Packages