linux4noobs @programming.dev petrescatraian @libranet.de 9 mo. ago

Is there any online service that I could use in order to have a private Debian repository?

Or maybe a way to use existing cloud services like Google Drive or OneDrive or Dropbox for this purpose?

I just have a bunch of .deb files and I think this could be really useful. Plus I will be offloading some of my storage 😁

16 comments

You could use github https://assafmo.github.io/2019/05/02/ppa-repo-hosted-on-github.html
Use a standard Webserver like nginx and enable access protection with username + password. For that you can use your favorite web hoster.

You can specify the credentials like this in sources.list format: deb https://user:password@your-server.tld
- @petrescatraian@libranet.de to add on to this, you can also use apt_auth.conf (man doc) to define the passwords for accessing your stuff. The repo has to be behind HTTP basic auth.
  
  So, the steps are:
  
  Follow @vimium@programming.dev's post to setup a repo
  
  Put the repo behind HTTP basic auth (NGINX has a guide on how to set that up)
  
  Setup HTTPS for the server (https://letsencrypt.org/docs/)
  
  Create apt_auth.conf with the username and password
  
  Anti Commercial-AI license
- Thanks. I was looking into self hosting as well. Do I need to also own a domain for this or can I point my system to the IP address only?
  
  As long as it's the only (or primary) site in the IP, IP address will work just fine.
JFrog is probably overkill but what I use. Yes there are lighter weight ways but it's easy.
This is something companies do, but I believe acess control is by firewall/VPN not the repo tools. As far as I can tell, if you can access the IP address of the URL assets you can get the assets. So making it private is a matter of setting up access to the server(s) not a configuration of the tools that manage the repository.

I'd ask on a debian focused irc/chat room/ mailing list to find out more.
- @ericjmorey Thanks!
Hi. You have two main ways to achieve this: use an artifact store such as Pulp and https://github.com/pulp/pulp_deb plugin or basically do it yourself by creating the APT repo manually and delivering it over HTTP similar to https://linuxopsys.com/topics/create-your-own-repository-for-packages-on-debian#Step_4_Create_the_Required_Repository_Package_Meta_for_APT

There is no magic. Creating Yum or APT repos boils down to having packages and their metadata in a structured format and making it consumable over HTTP. To get started, you can also inspect any upstream repo in your browser.

Good luck. Feel free to report back if you have more specific questions.
- I don't think this gets at what they are trying to set up. The want to set up access control to the repo such that someone with the URL of the repo can't get access it without being on an allowlist. In other words, they want private access to the repo they set up.
  
  Maybe I'm not reading their description accurately, but that's how I took it.
- I don't think this gets at what they are trying to do. I think they want to set up access control to the repo. They want access to the repo to be private but also use it for themselves like any other repo.
Gitea supports Debian and other formats. https://docs.gitea.com/usage/packages/debian
Unsure if this is what you're looking for, but I've seen some FOSS projects use https://www.makedeb.org/ and https://openbuildservice.org/ to create public Debian repos.
- @ipacialsection I already have the debs, just looking for a repo for them to store them in a kind of more useful way. I was looking at openbuildservice.org, but I'm unsure about their terms. If I have a few games as debs that I legally got, and add them there, will they risk being taken down because of piracy? Or would I be able to set a private repo as well so only I could access it?
  
  I honestly have only passing knowledge of it, but my understanding is that Open Build Service is more for sharing software whose source code you are allowed to distribute. If you aren't looking to distribute at all, the solutions other users suggested might be better.
  
  There's also a way to create an APT repository entirely on your own system, without a web server, which I haven't tried myself, but a DuckDuckGo search found this: https://help.ubuntu.com/community/Repositories/Personal
apt repositories are just http severs with some metadata generated.

There are some services, like metioned jfrog and maybe nexus that will set it up for you with some additional tooling to aid in package releases.

For a private use, a static file hosting + metadata is all you need.

Here's instructions from Debian docs. It seems fairly straightforward on a cursory look through.

https://wiki.debian.org/DebianRepository/Setup#Debian_Repository_Types

You've viewed 16 comments.