Forge Home

reprepro

Set up APT repositories with autosigning of packages

5,453 downloads

4,835 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.1.1 (latest)
  • 1.1.0
  • 1.0.0
released Nov 5th 2018
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.7.0 < 6.0.0
  • ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'pinguinag-reprepro', '1.1.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add pinguinag-reprepro
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install pinguinag-reprepro --version 1.1.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

pinguinag/reprepro — version 1.1.1 Nov 5th 2018

Table of Contents

  1. Description
  2. Setup - The basics of getting started with reprepro
  3. Usage - Configuration options and additional functionality

Description

Creates repos using reprepro. Automatically signs packages dropped into incoming folder.

Follows: https://wiki.debian.org/DebianRepository/SetupWithReprepro

Setup

What reprepro affects

If manage_web_server => true:

  • places one config file in /etc/apache2/conf.d/ per repo
  • creates main config file in /etc/apache2/sites-enabled/
  • creates cronjob signing everything in the incoming folder every 5 minutes this uses flock so you can cluster multiple servers together

Setup Requirements

You have to be in posession of a GPG key without passphrase:

gpg --gen-key

This key has to be installed for a user on the system. Example shown below.

Usage

Reprepro classes and resources below show all available parameters.

Example including automatic installation of GPG key.

$key_id           = 'ABCDEF12345'
$private_key_path = '/root/priv.gpg'
$public_key_path  = '/root/pub.pub'

file { $public_key_path:
  ensure => present,
  source => ...,
}
file { $private_key_path:
  ensure => present,
  source => ...,
}
-> exec { 'install gpg key':
  command => "/usr/bin/gpg --import ${private_key_path}",
  unless  => "/usr/bin/gpg --list-keys | grep -q ${key_id}"
}

class { 'reprepro':
  manage_web_server => true,
  main_folder       => '/var/www/reprepro',
  www_group         => 'www-data',
  www_user          => 'www-data',
  fqdn              => $facts['networking']['hostname']
}

reprepro::repo { 'my-first-repository':
  architectures       => 'amd64',
  codenames           => ['stretch', 'sid']
  components          => ['main', 'sources'],
  description         => 'my first repo',
  dist                => 'debian',
  folder_per_resource => true,
  key_id              => $key_id,
  label               => 'apt.example.com',
  origin              => 'apt.example.com',
  public_key          => file('.../pub.gpg'),
  signing_user        => root, # this user needs the gpg key
  manage_web_server   => true,
  main_folder         => '/var/www/reprepro',
  www_group           => 'www-data',
  www_user            => 'www-data'
}

This creates a folder structure like this: ${main_folder}/${title}/${dist}

By setting folder_per_resource to false, it will instead create this: ${main_folder}/${dist}

Breaking changes:

1.1.0:

codename is now codenameS, and an array.