部署
拉取镜像:
docker pull iomoss/reprepro:latest
生成SSH密钥
ssh-keygen -t rsa -C "xxx@xxx.com"
三个回车
cat ~/.ssh/id_rsa.pub
cat ~/.ssh/id_rsa
编辑docker-compose.yml
version: "3.0"
services:
reprepro-server:
image: iomoss/reprepro:latest
container_name: "reprepro"
#env_file:
# - .env
ports:
- "9778:80"
- "2322:22"
volumes:
- ./data:/srv
启动容器,将reprepro容器的/srv目录映射出来 docker-compose up
[root@localhost reprepro]# docker-compose up
Recreating nfs-reprepro ... done
Attaching to nfs-reprepro
nfs-reprepro | ---SSH-KEYS---
nfs-reprepro | Warning: No authorized_keys file found!
nfs-reprepro | Please provide one to: $CONFIG_DIR/home/debian/.ssh/authorized_keys
nfs-reprepro |
nfs-reprepro | ---GPG-KEYS---
nfs-reprepro | Warning: No GPG keys found!
nfs-reprepro | Please provide a pair to: $CONFIG_DIR/srv/home/debian/.gnupg
nfs-reprepro |
nfs-reprepro | Auto: Generating keys in batch-mode;
nfs-reprepro | --------------------------------------------------------------------------------
nfs-reprepro | gpg: keyring `/home/debian/.gnupg/secring.gpg' created
nfs-reprepro | gpg: keyring `/home/debian/.gnupg/pubring.gpg' created
nfs-reprepro | gpg: skipping control `%no-protection' ()
nfs-reprepro | ....+++++
nfs-reprepro | ..+++++
nfs-reprepro | gpg: keysize invalid; using 2048 bits
nfs-reprepro | ..+++++
nfs-reprepro | ...+++++
nfs-reprepro | gpg: /home/debian/.gnupg/trustdb.gpg: trustdb created
nfs-reprepro | gpg: key 202F19E5 marked as ultimately trusted
nfs-reprepro | --------------------------------------------------------------------------------
nfs-reprepro | Key generation done!
nfs-reprepro |
nfs-reprepro | ---NGINX---
nfs-reprepro | Warning: No nginx configuration file found
nfs-reprepro | Please provide one to: $CONFIG_DIR/etc/nginx/sites-enabled/reprepro-repository
nfs-reprepro |
nfs-reprepro | Auto: Generating configuration in batch-mode.
nfs-reprepro | Configuration file created!
nfs-reprepro |
nfs-reprepro | ---REPREPRO---
nfs-reprepro | Warning: No reprepro distributions configuration file found
nfs-reprepro | Please provide one to: $CONFIG_DIR/var/www/repos/apt/debian/conf/distributions
nfs-reprepro |
nfs-reprepro | Auto: Generating configuration in batch-mode.
nfs-reprepro | Configuration file created!
nfs-reprepro |
nfs-reprepro | ---REPREPRO---
nfs-reprepro | Warning: No reprepro distributions configuration file found
nfs-reprepro | Please provide one to: $CONFIG_DIR/var/www/repos/apt/debian/conf/options
nfs-reprepro |
nfs-reprepro | Auto: Generating configuration; default
nfs-reprepro | Configuration file created!
nfs-reprepro |
nfs-reprepro | Running sshd and nginx
出现问题不要慌:
Please provide one to: $CONFIG_DIR/home/debian/.ssh/authorized_keys
解决:将SSH密钥复制过去
cp ~/.ssh/id_rsa.pub data/home/debian/.ssh/authorized_keys
# 注意:是复制到了挂载目录 data 下
再次启动容器,会出现如下问题:
nfs-reprepro | gpg: can't open `/home/debian/.gnupg/pubring.gpg'
nfs-reprepro | gpg: keydb_search_first failed: file open error
nfs-reprepro | gpg: can't open `/home/debian/.gnupg/pubring.gpg'
nfs-reprepro | gpg: WARNING: nothing exported
nfs-reprepro | gpg: key export failed: file open error
nfs-reprepro | mv: cannot stat '172.30.38.104.gpg.key': No such file or directory
nfs-reprepro | Running sshd and nginx
解决:修改pubring.gpg文件权限
chmod 777 data/home/debian/.gnupg/pubring.gpg data/home/debian/.gnupg/secring.gpg
最后再次启动容器,可以启动成功,web页面访问验证一下
最终目录结构如下:
配置多仓库
将 var/www/repos/apt/debian 目录复制一份
cp var/www/repos/apt/debian var/www/repos/apt/mydebian
修改 distributions
vim distributions
Origin: mydeb # ***
Label: mydeb # ***
Codename: mydeb # ***
Architectures: amd64
Components: main
Description: Apt repository for mydeb
DebOverride: override.stretch
DscOverride: override.stretch
SignWith: 4F01D409
修改ngxin配置,增加仓库地址映射
server {
listen 80;
server_name 172.30.38.104;
access_log /var/log/nginx/packages-access.log;
error_log /var/log/nginx/packages-error.log;
location / { # 默认仓库地址
root /var/www/repos/apt/debian;
index index.html;
}
location /mydebian/ { # 此处增加 自定义仓库地址
root /var/www/repos/apt/mydebian;
index index.html;
}
location ~ /(.*)/conf {
deny all;
}
location ~ /(.*)/db {
deny all;
}
}
载入包(吃包)
先确认可免密登录
ssh -p 2322 debian@172.30.38.104
>>>:
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Jul 26 09:57:26 2022 from 172.30.38.104
debian@a94a2fbec8a9:~$ pwd
/home/debian
debian@a94a2fbec8a9:~$
ssh -p 2322 debian@172.30.38.104 "sudo chmod -R 777 /var/www/repos/"
将包上传到仓库
docker cp nginx_1.22.0-1~buster_amd64.deb nfs-reprepro:/home/debian/pkgs
或:
scp -P 2322 nginx_1.14.2-2+deb10u4_all.deb debian@172.30.38.104:/home/debian/
# 注意:deb包要到 /home/debian 目录下
将包载入仓库
ssh -p 2322 debian@172.30.38.104 "reprepro -b /var/www/repos/apt/debian includedeb stretch pkg/nginx*.deb"
查看仓库的包列表
ssh -p 2322 debian@172.30.38.104 "reprepro -b /var/www/repos/apt/debian list stretch"
>>>:
stretch|main|amd64: nginx 1.22.0-1~buster
客户端使用reprepro源
wget -O - http://172.30.38.104:9778/172.30.38.104.gpg.key | apt-key add -
sudo echo "deb [trusted=yes] http://172.30.38.104:9778/ stretch main" > /etc/apt/sources.list.d/172.30.38.104.list
或
sudo echo "deb [trusted=yes] http://172.30.38.104:9778/mydebian mydeb main" > /etc/apt/sources.list.d/172.30.38.104.list
sudo update
sudo search nginx