aptly is a swiss army knife for Debian repository management: it allows you to mirror remote repositories, manage local package repositories, take snapshots, pull new versions of packages along with dependencies, publish as Debian repository. You can try it right now just for free.
aptly is available both as CLI tool and HTTP REST service.
Nuff said, we want this ☺
Aptly provides a repo (with an outdated key, do not wonder) to install the single binary (written in Go).
First, we create a dedicated aptly user (real user, as we want to use it later for CLI actions):
useradd -m -s /bin/bash -G sudo aptly
Now lets create and publish a repo, causing aptly to initialize a few things:
aptly repo create ubuntu
aptly publish repo -distribution="trusty" ubuntu :ubuntu
:ubuntu is a just prefix, more info here.
For signing everything, we would also need a GPG key. You can use one with a passphrase and pass the passphrase with the API later or just use one without a passphrase. If you do it another machine (e.g. not the remote server), you’ll need to export/import the pair.
Import can be done like this:
gpg --import /tmp/aptly-secret-key.asc
Now we should have some files and directories in our aptly home folder:
. |-- .aptly | |-- db | | |-- 000002.ldb | | |-- 000005.ldb | | |-- 000018.log | | |-- CURRENT | | |-- LOCK | | |-- LOG | | |-- LOG.old | | `-- MANIFEST-000019 | `-- public | |-- ubuntu | |-- dists | | `-- trusty | `-- pool |-- .aptly.conf `-- .gnupg |-- gpg.conf |-- pubring.gpg |-- pubring.gpg~ |-- secring.gpg `-- trustdb.gpg
To start the API server automatically, here’s an upstart script (/etc/init/aptly-api.conf) doing things fine:
description "aptly-api" start on filesystem or runlevel  stop on runlevel [!2345] respawn umask 022 chdir /home/aptly setuid aptly setgid aptly console log # log stdout/stderr to /var/log/upstart/aptly-api.log exec /usr/bin/aptly api serve -no-lock
Create the run-dir and the log file:
chown aptly: var/log/upstart/aptly-api.log
mkdir /var/run/aptly && chown aptly: /var/run/aptly
Start & Test
If everything went fine, we can now issue an
service aptly-api start and test the API:
should result in some JSON output like