Week 4 & 5

During this period, I was formulating user stories that aligned with my program objectives. Simultaneously, I've been dedicating time to studying security resources and configuration packages.

Over the past two weeks, I initially considered automating the packaging process through a pipeline. However, upon further reflection in subsequent weeks and following a call, I've realized that this approach is not suitable. It seems excessive for the current task at hand and diverts from the optimal path forward. Instead, I've come to understand that focusing on configuration and service packages should be the primary area of attention.

I discovered reprepro which makes repository management much more easier.

User stories

As a node runner
I want to use apt-get to dowload the software
So I can save time and cognitive resources

As a node admin
I want to be offered defaults or configurations
So I can simplify the admin tasks

As a developer
I want to distribute my software much more easily
So I can focus on much more important tasks related to the software I'm developing

As a community member
I want to know where to point people who want to run a node
So I can say running a node is easy

As a security auditor
I want to run tests or audits against the packages and settings
So I can advise for best practices or flag security vulneberalities or fix security holes by modifying the package (debian)

Automation of package creation (deprecated)

Automated process of creating debian packages
Per one package

1. Get the latest release
   curl -L
   -H "Accept: application/vnd.github+json"
   -H "Authorization: Bearer <YOUR-TOKEN>"
   -H "X-GitHub-Api-Version: 2022-11-28"
   https://api.github.com/repos/OWNER/REPO/releases/latest
2. Compare if latest we already have
3. Package it if needed (minimal for now), add debian dir if needed (patch it)
4. Test it (skip for now)
5. inform me that there is a new package that needs to be released
   upload it to the package server ?? maybe this step should be manual
   to push into the testing packages

Reprepro (path forward)

1. Set Up reprepro:

   Install reprepro on your local machine or a server where you plan to manage your Debian repository. You can typically install it using your package manager (e.g., apt on Debian/Ubuntu).

2. Create a Debian Repository:

   Set up the directory structure for your repository on your local machine or server. You'll need directories for "conf," "dists," "incoming," and "pool."

3. Configure reprepro:

   Inside the "conf" directory, create a file named "distributions" with the configuration for your repository. This file defines repository metadata such as components, architectures, and signing information. Here's a simplified example:

   ​​​Codename: yourcodename
   ​​​Components: main
   ​​​Architectures: amd64
   

   Adjust the settings based on your repository's specifics.

4. Import Packages:

   Copy or move your Debian package files (.deb files) to the "incoming" directory. Then, use the reprepro command to process the incoming packages and add them to the repository. For example:

   ​​​reprepro -Vb /path/to/repository/incoming includedeb yourcodename /path/to/package/package.deb
   

5. Generate Metadata:

   Generate repository metadata using the reprepro command:

   ​​​reprepro -Vb /path/to/repository export
   

6. Access the Repository:

Resources

Mastering Linux Security and Hardening: A practical guide to protecting your Linux system from cyber attacks, 3rd Edition