# Week 6 - 7 This two week was dedicated to go-packaging and diving into debcrafter and gathering information about what the configuration packaging should contain, also how to utilize or not to utilize debmake. I finished my proposal and submitted it. I will be presenting it on week 8, as time didn't allow for everyone to do so. I have asked for vm on aws which was setup to host the debian repository, currently only available in unstable version. This week were also where I left the virtualbox and docker container for building packages and moved to digitalocean droplet as both virtualbox and docker were limited when it came to reproducible builds. ## Notes on reprepro ### Setting up nginx ``` bash apt-get update apt-get install nginx mv /etc/nginx/sites-available/default /etc/nginx/sites-available/default.bak touch /etc/nginx/sites-available/default ``` ``` text server { listen 80; access_log /var/log/nginx/repo-error.log; error_log /var/log/nginx/repo-error.log; location / { root /srv/repos/apt/debian; autoindex on; } location ~ /(.*)/conf { deny all; } location ~ /(.*)/db { deny all; } } ``` ### Install reprepo 1. Install reprepo ``` bash apt-get update apt-get install reprepro ``` 2. Make a directory for reprepo ``` bash mkdir -p /srv/repos/apt/debian mkdir -p /srv/repos/apt/debian/conf ``` /srv/repos/apt/debian/conf/distributions ``` text Origin: Your project name Label: Your project name Codename: <osrelease> Architectures: source i386 amd64 Components: main Description: Apt repository for project x SignWith: <key-id> ``` /srv/repos/apt/debian/conf/options ``` text verbose basedir /srv/repos/apt/debian ask-passphrase ``` ### Add/List/Remove a package with reprepo 1. Create temporary directory ``` bash mkdir -p /tmp/debs cd /tmp/debs ``` 2. Obtain source ``` bash wget https://github.com/Silvenga/examples/raw/master/example-helloworld_1.0.0.0_amd64.deb wget https://github.com/Silvenga/examples/raw/master/example-helloworld_1.0.0.0_i386.deb ``` 3. Add packages to your repository ``` bash reprepro -b /srv/repos/apt/debian includedeb <distroname> example-helloworld_1.0.0.0_* ``` 4. List your package ``` bash reprepro -b /var/repositories/ list <distroname> ``` 5. Delete your package ``` bash reprepro -b /var/repositories/ remove <distroname> example-helloworld ``` ### reprepo test repository ``` bash mkdir -p /path/to/testing-repo mkdir -p /path/to/main-repo/{dists,db,incoming} mkdir -p /path/to/testing-repo/{dists,db,incoming} ``` ### add packages from incoming ``` bash cp /path/to/package1.deb /path/to/main-repo/incoming/ reprepro -Vb /path/to/main-repo includedeb stretch /path/to/main-repo/incoming/*.deb reprepro -Vb /path/to/main-repo update ``` ### reprepo package structure ``` bash The mkdir -p /path/to/repository/{dists,db,incoming} command creates the main directories for your repository, but you should also create subdirectories based on the Debian components (such as "main", "contrib", "non-free") and distribution releases (like "stretch", "buster", "bullseye"). Here's a more detailed explanation of the directory structure: #+begin_src bash mkdir -p /path/to/repository/{dists,db,incoming} mkdir -p /path/to/repository/dists/stretch/main mkdir -p /path/to/repository/dists/stretch/contrib mkdir -p /path/to/repository/dists/stretch/non-free mkdir -p /path/to/repository/dists/buster/main mkdir -p /path/to/repository/dists/buster/contrib mkdir -p /path/to/repository/dists/buster/non-free # Repeat for other distribution releases ``` ### adding another way ``` bash reprepro -b /srv/repos/apt/debian includedeb bookworm /home/admin/go-ipa_0.0\~git20230821.c39f2ad-1_amd64.deb reprepro export ``` ### adding reprepro host to another machine ``` bash wget -O - http://13.251.85.193/conf/reprepro.gpg.key | apt-key add - add-apt-repository "deb http://13.251.85.193/debian bookworm unstable" ``` ## Gpg setup for signing with repos (TODO) ## Debcrafter questions - answers (TODO) This is pushed to next week. ## Debian reproducible builds I was working on the Debian way of packaging go-ethereum, which would require all dependent go library to be packaged as a debian package. Go-Ethereum would bring around 160+ as a dependency, so I don't think this approach will be followed. Go packaging was added before go modules were present, and looks to be not the way to do the go binaries for the following reasons - Packaging more than 160+ per package just for one executable seems overkill - Each package has multiple versions - Debian packages are not pinning versions, for security reasons and circular dependency reasons we need version pinning - Sometimes packages are downloaded, even do they are indirect dependencies