RETIRED, Collection of common tools for the Airship projects
Go to file
2018-10-24 14:21:09 -07:00
assets Add shellcheck 2018-10-24 11:43:05 -07:00
tools Add tests target 2018-10-24 14:21:09 -07:00
Dockerfile Add hadolint 2018-10-24 11:46:45 -07:00
LICENSE Initial commit 2016-02-02 02:26:59 -08:00
Makefile Add tests target 2018-10-24 14:21:09 -07:00
NOTICE Little fix after merge 2018-09-14 00:56:38 +03:00
README.md Update readme 2018-10-23 14:54:39 -07:00
Vagrantfile Alternative cmd for nginx only 2018-10-24 08:35:02 -07:00

docker-aptly

Features

  • Packages are downloaded during the docker image build
  • GPG keys for signature may be generated during the docker image build or existing ones are used
  • Nginx blacklist support at runtime

Quickstart

The main difference with the upstream repo is packages saved inside a docker image. During the image building /opt/update_mirror_ubuntu.sh is called to create mirrors, update them, merge all in one snapshot and publish it. By default, a new GPG key is generated for making a signature for repo.

There are two modes: filtered build that fetches only packages specified in assets/packages and unfiltered build that fetches all packages. The filtered build is used by default.

To fetch all packages the following command can be used:

git clone https://github.com/urpylka/docker-aptly.git
docker build docker-aptly --build-arg MODE=all

By default GPG key for making package signature are generated during the build. You may configure GPG key params via build arguments: FULL_NAME, EMAIL_ADDRESS, and GPG_PASSWORD, like:

docker build docker-aptly \
  --build-arg FULL_NAME="First Last" \
  --build-arg EMAIL_ADDRESS="youremail@example.com" \
  --build-arg GPG_PASSWORD="PickAPassword"

If you have a GPG key already you can put private and public key in assets/gpg dir. Keys must have special names: aptly.sec and aptly.pub For example:

cp <my private key> docker-aptly/assets/gpg/aptly.sec
cp <my public key> docker-aptly/assets/gpg/aptly.pub

docker build docker-aptly \
  --build-arg GPG_PASSWORD="GPG passphrase for my private key"

To use the Nginx blacklist feature a volume with Nginx config has to be mounted at runtime. By default, the following keywords are blocked: telnet, ftp. If no volume is mounted then no blacklist will be used.

docker run \
  --name aptly \
  --detach \
  --publish 8080:80 \
  --volume $(pwd)/assets/nginx:/opt/nginx \
  aptly:test

For additional docs see https://github.com/amadev/docker-aptly

  • Copyright 2018 Artem B. Smirnov
  • Copyright 2016 Bryan J. Hong
  • Licensed under the Apache License, Version 2.0