Stable releases are signed by both the ftp-master automatic archive signing key in use at the time of the release, and a per-release stable key.
hm, so they sign by both keys at once
simple key rotation is easy, you just need to make sure consumers have your new key
I don't think signing with two keys gives any benefit to key rotation procedure
hello, I'm having a bit of a hassle with aptly here
We use aptly in office
where there is no ipv6
I tried -listen="0.0.0.0:80" but still the connection is refused
I tried -listen="192.168.178.17:80" (so with the internal ip of the lxc) but with the same result
I could not find any switch or config option so I thought I ask here to ask what's wrong
anybody any ideas?
this is happening for aptly aptly-api
so both systemd services
okay I am truly sorry ... the problem was completely independent from aptly
thanks for that fine piece of software
Hello everybody. Maybe somebody know why I can't find software in Ubuntu Software (gnome-software) from new repository. I have repo with some packages, but I can't install this packages from gnome-software.
Jason "Manbeard" Al-Mansor
is this room still alive? the link to the new one is broken and i was hoping to find out what's going on with development and the next release.
hi guys, a fresher for aptly, super tool for ubuntu.thanks.
any best practise of aptly for multi-prod lines?
I know this issue must have be mentioned several times before, but ...
Generating metadata files and linking package files will take about 4 hours
Is it possible to do these actions with multi-threading?
hello the debian repo signing key seems expired
The following signatures were invalid: EXPKEYSIG ED75B5A4483DA07C Andrey Smirnov email@example.com
Hi! is there any way with aptly to mirror a remote repo, and then add my own packages? I can mirror but the only option I see is "update". But I don't want to import again the updates, I want to add my own new packages and do not import anymore updates from mirror.
you could add other repo to the host
second repo with packages managed by you
dont think you can mix it like that
but not sure maybe someone else knows
didnot have that use case
Good day everybody. I would like to mirror a repository, and pull any updated packages every day, but keep the history (e.g. older files) in my mirror somehow
what's the best way to do that?
can aptly tell me which files in the upstream repo have changed, and then I can copy the local versions to "safety" before pulling updates?
Hi all, I've been trying to set up aptly for internal use in our organisation. I think I had something working a while ago, but setting up for production now yields: "E: The repository 'http://<ip-address>:8000 stretch InRelease' provides only weak security information." when running apt update, and I'm having a hard time figuring out why that message is shown. Can someone point me in the right direction?
Nevermind, my architectures list got mangeled up ([ i386 ", "x64] instead of [ i386,x64]). Apparently this yields rather ominous error messages.
Hello, I was hoping to get some help regarding publishing..