The gradual transfer of the enterprise to GNU / Linux necessitates a corresponding change in the infrastructure. Today we solve the problem of global update of client machines by creating a local repository. The process was initially documented as a reminder for the future, so I apologize in advance for any absurdities in the text. So.
First you need to decide how to do it. Internets distinguish two favorites rsync
. I chose the latter because of its greater flexibility.
1. Getting the keys
To create a repository mirror, you must obtain the key “Ubuntu Archive Automatic Signing Key <email@example.com>”. To do this, in the terminal from the superuser enter:
gpg --no-default-keyring --keyring trustedkeys.gpg --recv-keys 437D05B5
2 Space preparation
Create a folder for the repository:
sudo mkdir /path/to/repositoryIt is important!
Bother to trace the presence of free space in the specified path. Even the two architectures i386
will take a decent amount of it.
3. Receiving packages
Mirroring takes place in three stages:
- Download index files;
- Delete unknown files (disabled by --nocleanup option below);
- Building a list of index archives and checking for the presence in the local repository To create the above, create a file repo_update.sh with the following content.
# . ,
# cleanup. .
# source. .
# ), --no-source
#Host. , .
# Ubuntu. 10.04 .
# . Debmirror : http,
#hftp, ftp, rsync
#. 32 64 .
# . ,
# . , . 2.
debmirror --progress --verbose $clean $src --md5sums --host=$servername --root=$rdir \
--dist=$release -s=$section --method=$sync_protocol -a=$arch $path
Now put it in the / usr / local / bin directory
and make it executable.
chmod +x repo_update.sh
sudo cp repo_update.sh /usr/local/bin/
Next, run the resulting script and wait for the process to complete. The process is quite long. The execution time depends greatly on the width of your Internet channel.
The size of the download passes tens of gigabytes, and the official Internet is rarely unlimited. Moreover, debmirror is
sensitive to the stability of the connection, 120 seconds of downtime and everything will have to start over.
4. Set up a web server
In order not to make unnecessary pangs with a tambourine, we choose the http
protocol as the traditional method of providing access to the repository. The choice of web server is yours. Of the favorites, ngnix
, chose the latter due to lack of experience working with it (pleasant with useful, yes). So.
sudo apt-get install lighttpd
Everything is simple here. If you do not plan to use a directory other than the default as a www
directory, then the server does not need to be configured. All you need to do is create a symbolic link in the / var / www
ln -s /path/to/repository /var/www/ubuntu
Check the availability of the repository from the browser: http: // <ip_address_repository> / ubuntu /
5. Setting up clients
Here we will apply a little trick. In order not to make changes in /etc/apt/sources.list
(you never know what will happen). Add a couple of lines to the / etc / hosts file
Note If you have a DNS server, you can put all this in it, and on the repository server you can register the true addresses of the above names.
And now the sweetest. Make it all spinning on your own.
6.1 Server part
In point # 3 we created a script with which we received the packages. Configure its autorun by means of the cron daemon
sudo crontab -e
To which we add the treasured line:
0 0 * * * /usr/local/bin/repo_update.sh
Now, daily at 0:00, our script will do all the routine work for us.
6.2 Client part
On clients, create a script system_upd.sh
in the / usr / local / bin directory with the
apt-get -y update && apt-get -y upgrade && apt-get -y clean
Do not forget to make it executable.
sudo chmod +x /usr/local/bin/system_upd.sh
Then open cron
sudo crontab -e
And add the line:
40 17 * * * /usr/local/bin/system_upd.sh
Now, every day at 5:40 pm, the system will poll our repository for updates and be updated if they are found.Attention!
When working with crontab you
should not forget that after the lines with the tasks there must be an empty line, which is indicated by a ' #
: I apologize for the lack of attached images, but in this case I consider their presence simply inappropriate.