Aptly: Difference between revisions
No edit summary |
|||
Line 126: | Line 126: | ||
gpg --gen-key | gpg --gen-key | ||
</source> | </source> | ||
=== Tarkvarahoidla tõmmise kasutusele võtmine === | |||
'''9. Käivita avalikustamise käsk. Juhul kui kasutasid võtmepaari loomisel salasõna (passphrase), siis nüüd on vaja see sisestada''' | |||
<source lang="bash"> | |||
aptly publish snapshot nginx | |||
</source> | |||
Käsu väljund autori testkeskkonnas: | |||
<source lang="bash"> | |||
root@aptly:~# aptly publish snapshot nginx | |||
Loading packages... | |||
Generating metadata files and linking package files... | |||
Finalizing metadata files... | |||
Signing file 'Release' with gpg, please enter your passphrase when prompted: | |||
You need a passphrase to unlock the secret key for | |||
user: "Kristjan Hinn <kristjan.hinn@gmail.com>" | |||
2048-bit RSA key, ID A4553395, created 2015-06-10 | |||
gpg: gpg-agent is not available in this session | |||
Clearsigning file 'Release' with gpg, please enter your passphrase when prompted: | |||
You need a passphrase to unlock the secret key for | |||
user: "Kristjan Hinn <kristjan.hinn@gmail.com>" | |||
2048-bit RSA key, ID A4553395, created 2015-06-10 | |||
gpg: gpg-agent is not available in this session | |||
Snapshot nginx has been successfully published. | |||
Please setup your webserver to serve directory '/root/.aptly/public' with autoindexing. | |||
Now you can add following line to apt sources: | |||
deb http://your-server/ trusty main | |||
Don't forget to add your GPG key to apt with apt-key. | |||
'''9. ''' | '''9. ''' |
Revision as of 12:53, 10 June 2015
Autor
Kristjan Hinn, AK31
Sissejuhatus
Paigaldamine ja näidisseadistus
Autor tegi läbi testkeskkonas näidisseadistuse. Näidisena loob autor ngnix tarkvara pakile ning tema sõltuvusprogrammidele peegel tarkvara hoidla (repository) ning näitab kuidas klient server tarkvara paki ning sõltuvusprogrammid paigaldada saab.
Eeldused
Autori testkeskkond:
Aptly server: Ubuntu LTS 14.04
IP: 172.16.8.85
Klient server: Ubuntu LTS 14.04
IP: 172.16.8.87
Vaike väärtustega eelseadistatud Apache2 veebiserver aptly serveril.
Seadistamine
Aptly
1. Paigaldame aptly
apt-get update
apt-get install aptly
2. Muudame ära vaike kodukataloogi "rootDir": asukoha failis /root/.aptly.conf
nano /root/.aptly.conf
"rootDir": "/var/www/html",
"downloadConcurrency": 4,
"downloadSpeedLimit": 0,
"architectures": [],
"dependencyFollowSuggests": false,
"dependencyFollowRecommends": false,
"dependencyFollowAllVariants": false,
"dependencyFollowSource": false,
"gpgDisableSign": false,
"gpgDisableVerify": false,
"downloadSourcePackages": false,
"ppaDistributorID": "ubuntu",
"ppaCodename": "",
"S3PublishEndpoints": {},
"SwiftPublishEndpoints": {}
}
3. Loome peegel tarkvarahoidla. Antud juhendi kiiremaks läbimiseks loome tarkvarahoidla, milles hoitakse ainult tarkvara nginx ning tema sõltuvusprogrammid
aptly -architectures="amd64" mirror create -filter="nginx" -filter-with-deps nginx-main http://ee.archive.ubuntu.com/ubuntu/ trusty main restricted
4. Tõenäolislet annab eelmine käsk vea kuna võtme paare pole tekitatud. Käivita veateate väljundis käsk.
Autori testkeskkonna puhul oli võtmepaar ja käsk selline:
gpg --no-default-keyring --keyring trustedkeys.gpg --keyserver keys.gnupg.net --recv-keys 437D05B5 C0B21F32
5. Käivitame uuesti peegel tarkvarahoidla loomise käsu
aptly -architectures="amd64" mirror create -filter="nginx" -filter-with-deps nginx-main http://ee.archive.ubuntu.com/ubuntu/ trusty main restricted
Jälgi käsu väljundit ning kui ühtegi veateadet ei teki, siis tuleb värskelt loodud peegel tarkvarahoidla uuendada
6. Uuendame peegel tarkvarahoidla (laeb alla vajaliku tarkvara ja tema sõltuvusprogrammid)
aptly mirror update nginx-main
7. Kuna autor tekitas peegel tarkvarahoidla, siis tuleb sellest tekitada omakorda tõmmis. Peegel tarkvarahoidlat ei saa otse avaldada .
aptly snapshot create nginx from mirror nginx-main
8. Kasutusele võtmiseks tuleb peegel tarkvarahoidla tõmmis avalikuks teha ehk avaldada (publish). Avalikustamise jaoks on aga vaja luua GPG võtme paar
GPG võtmepaari loomine
8.1 Paigaldame rng-tools tarkvara
apt-get update
apt-get install rng-tools
Peale paigaldamist ava konfiguratsiooni fail
nano /etc/default/rng-tools
lisa faili lõppu rida
HRNGDEVICE=/dev/urandom
Käivita suvalise numbri generaatori daemon
/etc/init.d/rng-tools start
8.2 Loome võtmepaarid.
gpg --gen-key
Tarkvarahoidla tõmmise kasutusele võtmine
9. Käivita avalikustamise käsk. Juhul kui kasutasid võtmepaari loomisel salasõna (passphrase), siis nüüd on vaja see sisestada
aptly publish snapshot nginx
Käsu väljund autori testkeskkonnas: <source lang="bash"> root@aptly:~# aptly publish snapshot nginx Loading packages... Generating metadata files and linking package files... Finalizing metadata files... Signing file 'Release' with gpg, please enter your passphrase when prompted:
You need a passphrase to unlock the secret key for user: "Kristjan Hinn <kristjan.hinn@gmail.com>" 2048-bit RSA key, ID A4553395, created 2015-06-10
gpg: gpg-agent is not available in this session Clearsigning file 'Release' with gpg, please enter your passphrase when prompted:
You need a passphrase to unlock the secret key for user: "Kristjan Hinn <kristjan.hinn@gmail.com>" 2048-bit RSA key, ID A4553395, created 2015-06-10
gpg: gpg-agent is not available in this session
Snapshot nginx has been successfully published. Please setup your webserver to serve directory '/root/.aptly/public' with autoindexing. Now you can add following line to apt sources:
deb http://your-server/ trusty main
Don't forget to add your GPG key to apt with apt-key.
9.