Signed Personal Debian Repository

Hi all,

That was long, but here is my signed debian repository !

Investigations:

  • Debian Repository HOWTO mostly describes trivial repository setup.
    After some trial it appeared to me that trivial repositories cannot be signed (well at least will not be verified by atp)
  • mini-dinstall does basically only trivial repository to.
  • This article about Unofficial Debian repository describe a setup with debarchiver however this has special user, cronjob… it seamed quite complex to me
  • Basically what I wanted was like a trivial repository but secured, and the solution was on the debian wiki, it first confirm that trivial repository are not compatible with apt-secure. And it give the solution:

    Even with an “official archive”, you can create a much simpler archive than the real official one. This is explained in Debian Reference (lenny) using apt-ftparchive in apt-utils and dupload. All uploaded packages are located in a directory and no database server is needed. This may be good enough for people hosting a few packages.

Well this was good enough for me, also I’m currently not using dupload but I put the commands suggested as postupload in a script.
The update script, apt-ftparchive configuration and pgp public keys are on the root of the repository.

to use it:

#add in source.list
deb http://silicone.homelinux.org/repository/ unstable main
deb-src http://silicone.homelinux.org/repository/ unstable main

#for gpg signature verification get siliconerepositorykey.asc
# sudo apt-key add siliconerepositorykey.asc

The actual content of the repository is currently just one program: a hacked xrootconsole with ANSI color support, but this will be the subject of a next post ;)