├── DOC.md
├── Dockerfile
├── LICENSE.BSD
├── Makefile
├── README.md
├── configs
    ├── nginx-default.conf
    ├── reprepro-distributions
    ├── supervisor-cron.conf
    ├── supervisor-nginx.conf
    ├── supervisor-ssh.conf
    └── supervisord.conf
└── scripts
    ├── reprepro-import.sh
    └── start.sh


/DOC.md:
--------------------------------------------------------------------------------
 1 | 
 2 | References
 3 | ----------
 4 | 
 5 | ### Tutorials
 6 | 
 7 | * https://www.isalo.org/wiki.debian-fr/Reprepro
 8 | * http://www.howtoforge.com/setting-up-an-apt-repository-with-reprepro-and-nginx-on-debian-wheezy
 9 | * http://doc.ubuntu-fr.org/tutoriel/comment_creer_depot
10 | * http://mirrorer.alioth.debian.org/
11 | * https://wiki.debian.org/SettingUpSignedAptRepositoryWithReprepro
12 | * https://www.isalo.org/wiki.debian-fr/Reprepro
13 | 


--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM debian:latest
 2 | LABEL maintainer="Glenn Y. Rolland <glenux@glenux.net>"
 3 | LABEL contributors="Dmitrii Zolotov <dzolotov@herzen.spb.ru>"
 4 | 
 5 | ENV DEBIAN_FRONTEND noninteractive
 6 | RUN apt-get update
 7 | 
 8 | 
 9 | # Install supervisor for managing services
10 | RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny nginx
11 | 
12 | 
13 | # Configure cron
14 | # Install cron for managing regular tasks
15 | RUN sed -i 's/\(session *required *pam_loginuid.so\)/#\1/' /etc/pam.d/cron
16 | 
17 | 
18 | # Install ssh (run/stop to create required directories)
19 | RUN mkdir /var/run/sshd
20 | #RUN service ssh start ; sleep 1
21 | RUN service ssh stop
22 | 
23 | 
24 | # Configure reprepro
25 | ADD scripts/reprepro-import.sh /usr/local/sbin/reprepro-import
26 | RUN chmod 755 /usr/local/sbin/reprepro-import
27 | RUN mkdir -p /var/lib/reprepro/conf
28 | ADD configs/reprepro-distributions /var/lib/reprepro/conf/distributions
29 | 
30 | # Configure nginx
31 | RUN echo "daemon off;" >> /etc/nginx/nginx.conf
32 | RUN rm -f /etc/nginx/sites-enabled/default
33 | ADD configs/nginx-default.conf /etc/nginx/sites-enabled/default
34 | 
35 | # Setup root access
36 | RUN echo "root:docker" | chpasswd
37 | 
38 | # Configure supervisor
39 | RUN service supervisor stop
40 | ADD configs/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
41 | ADD configs/supervisor-cron.conf /etc/supervisor/conf.d/cron.conf
42 | ADD configs/supervisor-ssh.conf /etc/supervisor/conf.d/ssh.conf
43 | ADD configs/supervisor-nginx.conf /etc/supervisor/conf.d/nginx.conf
44 | 
45 | # Finalize
46 | ENV DEBIAN_FRONTEND newt
47 | 
48 | ADD scripts/start.sh /usr/local/sbin/start
49 | RUN chmod 755 /usr/local/sbin/start
50 | 
51 | VOLUME ["/docker/keys", "/docker/incoming", "/repository"]
52 | 
53 | EXPOSE 80
54 | EXPOSE 22
55 | CMD ["/usr/local/sbin/start"]
56 | 


--------------------------------------------------------------------------------
/LICENSE.BSD:
--------------------------------------------------------------------------------
 1 | Copyright (c) The Regents of the University of California.
 2 | All rights reserved.
 3 | 
 4 | Redistribution and use in source and binary forms, with or without
 5 | modification, are permitted provided that the following conditions
 6 | are met:
 7 | 1. Redistributions of source code must retain the above copyright
 8 |    notice, this list of conditions and the following disclaimer.
 9 | 2. Redistributions in binary form must reproduce the above copyright
10 |    notice, this list of conditions and the following disclaimer in the
11 |    documentation and/or other materials provided with the distribution.
12 | 3. Neither the name of the University nor the names of its contributors
13 |    may be used to endorse or promote products derived from this software
14 |    without specific prior written permission.
15 | 
16 | THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 | ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 | ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 | OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 | HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 | LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 | OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 | SUCH DAMAGE.
27 | 


--------------------------------------------------------------------------------
/Makefile:
--------------------------------------------------------------------------------
 1 | DEBUG=0
 2 | 
 3 | build:
 4 | 	docker build -t glenux/debian-repo .
 5 | 
 6 | run:
 7 | 	ID=$$(docker run -v $$(pwd)/keys:/docker/keys -d -i -t glenux/debian-repo); \
 8 | 	(docker inspect $$ID |sed -n -e 's/.*"IPAddress": "\(.*\)".*/\1/p'); \
 9 | 	docker logs -f $$ID 
10 | 
11 | test:
12 | 	docker run -v $$(pwd)/keys:/docker/keys \
13 | 		--rm=true \
14 | 		-i -t glenux/debian-repo \
15 | 		/bin/bash
16 | 
17 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | Debian-repository for Docker
 2 | ============================
 3 | 
 4 | A local repository for publishing deb files for use with apt.
 5 | 
 6 | This docker box provides an apt repository based on the tool reprepro. 
 7 | The repository is served by an nginx server.
 8 | 
 9 | 
10 | Usage
11 | -----
12 | 
13 | ### Running the box
14 | 
15 | Get the box from docker's automated builds
16 | 
17 | 	docker pull glenux/debian-repository
18 | 
19 | Run with 22 and 80 ports opened. Share a directory containing you public SSH keys.
20 | 
21 | 	docker run -d -v $(pwd)/keys:/docker/keys -p 49160:22 -p 49161:80 glenux/debian-repository
22 | 
23 | 
24 | ### Uploading packages
25 | 
26 | Fill your ``~/.dput.cf`` with the following content :
27 | 
28 | 	[DEFAULT]
29 | 	default_host_main = docker
30 | 
31 | 	[docker]
32 | 	fqdn = localhost
33 | 	method = scp
34 | 	login = user
35 | 	incoming = /docker/incoming
36 | 	ssh_config_options =
37 | 	        Port 49160
38 |         	StrictHostKeyChecking no
39 | 
40 | 
41 | Then upload the latest package you maintain :
42 | 
43 | 	$ dput ~/src/foobar_0.1.10_amd64.changes
44 | 	Trying to upload package to docker
45 | 	Uploading to docker (via scp to 172.17.0.152):
46 | 	foobar_0.1.10_all.deb              100%   39KB  39.3KB/s   00:00    
47 | 	foobar_0.1.10.dsc                  100%  488     0.5KB/s   00:00    
48 | 	foobar_0.1.10.tar.gz               100%  826KB 826.0KB/s   00:00    
49 | 	foobar_0.1.10_amd64.changes        100% 1488     1.5KB/s   00:00    
50 | 	Successfully uploaded packages.
51 | 
52 | 
53 | ### Accessing the repository
54 | 
55 | Add the following line to your source list
56 | 
57 | 	deb http://localhost:49161/debian unstable main contrib non-free
58 | 
59 | 
60 | Credits
61 | -------
62 | 
63 | <!-- ![Gnuside](http://www.gnuside.com/wp-content/themes/gnuside-ignition-0.2-1-g0d0a5ed/images/logo-whitebg-128.png) -->
64 | 
65 | Got questions? Need help? Tweet at [@glenux](http://twitter.com/glenux).
66 | 
67 | Debian-Repository for Docker is maintained and funded by [Glenn Y. Rolland, aka Glenux](http://www.glenux.net)
68 | 
69 | 
70 | License
71 | -------
72 | 
73 | Debian-Repository for Docker is Copyright © 2014 Glenn Y. Rolland.
74 | 
75 | It is free software, and may be redistributed under the terms specified in the LICENSE file.
76 | 
77 | 


--------------------------------------------------------------------------------
/configs/nginx-default.conf:
--------------------------------------------------------------------------------
 1 | server {
 2 |         listen 80 default_server;
 3 |         listen [::]:80 default_server ipv6only=on;
 4 | 
 5 |         root /repository/debian;
 6 |         index index.html index.htm;
 7 | 
 8 |         # Make site accessible from http://localhost/
 9 |         server_name localhost;
10 | 		autoindex on;
11 | 
12 |         location / {
13 |                 try_files $uri $uri/ =404;
14 |         }
15 | 
16 | }
17 | 


--------------------------------------------------------------------------------
/configs/reprepro-distributions:
--------------------------------------------------------------------------------
 1 | Origin: Glenn Y. Rolland
 2 | Label: Easy Debian Repository
 3 | Suite: unstable
 4 | Codename: sid
 5 | Version: 3.1
 6 | Architectures: i386 amd64 powerpc source
 7 | Components: main non-free contrib
 8 | Description: Easy Debian Repository Unstable
 9 | 
10 | Origin: Glenn Y. Rolland
11 | Label: Easy Debian Repository
12 | Suite: testing
13 | Codename: bullseye
14 | Version: 3.1
15 | Architectures: i386 amd64 powerpc source
16 | Components: main non-free contrib
17 | Description: Easy Debian Repository Testing
18 | 
19 | Origin: Glenn Y. Rolland
20 | Label: Easy Debian Repository
21 | Suite: stable
22 | Codename: buster
23 | Version: 3.1
24 | Architectures: i386 amd64 powerpc source
25 | Components: main non-free contrib
26 | Description: Easy Debian Repository Stable
27 | 


--------------------------------------------------------------------------------
/configs/supervisor-cron.conf:
--------------------------------------------------------------------------------
1 | [program:cron]
2 | command=/usr/sbin/cron -f
3 | 


--------------------------------------------------------------------------------
/configs/supervisor-nginx.conf:
--------------------------------------------------------------------------------
1 | [program:nginx]
2 | command=/usr/sbin/nginx
3 | stdout_events_enabled=true
4 | stderr_events_enabled=true
5 | 


--------------------------------------------------------------------------------
/configs/supervisor-ssh.conf:
--------------------------------------------------------------------------------
1 | [program:ssh]
2 | command=/usr/sbin/sshd -D
3 | 


--------------------------------------------------------------------------------
/configs/supervisord.conf:
--------------------------------------------------------------------------------
1 | [supervisord]
2 | nodaemon=true
3 | 


--------------------------------------------------------------------------------
/scripts/reprepro-import.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | BASEDIR=/var/lib/reprepro
 4 | INCOMING=/docker/incoming
 5 | OUTDIR=/repository/debian
 6 | 
 7 | #
 8 | # Make sure we're in the apt/ directory
 9 | #
10 | cd $INCOMING
11 | cd ..
12 | 
13 | #set -x
14 | reprepro -V --basedir $BASEDIR --outdir $OUTDIR createsymlinks stable
15 | reprepro -V --basedir $BASEDIR --outdir $OUTDIR createsymlinks jessie
16 | reprepro -V --basedir $BASEDIR --outdir $OUTDIR createsymlinks unstable
17 | reprepro -V --basedir $BASEDIR --outdir $OUTDIR createsymlinks sid
18 | #
19 | #  See if we found any new packages
20 | #
21 | found=0
22 | for i in $INCOMING/*.changes; do
23 |   if [ -e $i ]; then
24 |     found=`expr $found + 1`
25 |   fi
26 | done
27 | #
28 | #  If we found none then exit
29 | #
30 | if [ "$found" -lt 1 ]; then
31 |    exit
32 | fi
33 | 
34 | 
35 | #
36 | #  Now import each new package that we *did* find
37 | #
38 | for i in $INCOMING/*.changes; do
39 | 
40 |   # Import package to 'sarge' distribution.
41 |   reprepro -V --basedir $BASEDIR \
42 |           --keepunreferencedfiles \
43 |           --outdir $OUTDIR include unstable $i
44 | 
45 |   # Delete the referenced files
46 |   sed '1,/Files:/d' $i | sed '/BEGIN PGP SIGNATURE/,$d' \
47 |        | while read MD SIZE SECTION PRIORITY NAME; do
48 |         
49 |       if [ -z "$NAME" ]; then
50 |            continue
51 |       fi
52 | 
53 | 
54 |       #
55 |       #  Delete the referenced file
56 |       #
57 |       if [ -f "$INCOMING/$NAME" ]; then
58 |           rm "$INCOMING/$NAME"  || exit 1
59 |       fi
60 |   done
61 | 
62 |   # Finally delete the .changes file itself.
63 |   rm  $i
64 | done
65 | chown -R www-data:www-data $OUTDIR
66 | 


--------------------------------------------------------------------------------
/scripts/start.sh:
--------------------------------------------------------------------------------
 1 | #!/bin/sh
 2 | 
 3 | # Many thanks to John Fink <john.fink@gmail.com> for the 
 4 | # inspiration and to his great work on docker-wordpress' 
 5 | 
 6 | # reset root password
 7 | 
 8 | # let's create a user to SSH into
 9 | SSH_USERPASS=`pwgen -c -n -1 8`
10 | mkdir /home/user
11 | useradd -d /home/user -s /bin/bash user
12 | chown -R user /home/user
13 | chown -R user /docker/incoming
14 | 	
15 | echo "user:$SSH_USERPASS" | chpasswd
16 | echo "ssh user password: $SSH_USERPASS"
17 | 
18 | # pre-fill with SSH keys
19 | echo "Pre-loading SSH keys from /docker/keys"
20 | mkdir -p /home/user/.ssh
21 | rm -f /home/user/.ssh/authorized_keys
22 | for key in /docker/keys/*.pub ; do
23 | 	echo "- adding key $key"
24 | 	cat $key >> /home/user/.ssh/authorized_keys
25 | 	printf \\\n >> /home/user/.ssh/authorized_keys
26 | done
27 | chown -R user /home/user/.ssh
28 | 
29 | # load crontab for root
30 | crontab <<EOF
31 | * * * * * /usr/local/sbin/reprepro-import >> /var/log/reprepro.log
32 | EOF
33 | 
34 | # run import once, to create the right directory structure
35 | /usr/local/sbin/reprepro-import
36 | 
37 | supervisord -n
38 | 


--------------------------------------------------------------------------------