Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Sean
@seaninspace
@smira thanks, that's what I figured but I just wanted to be sure
Ludea
@Ludea
Hello, there is an issue when downloading aptly
GPG error: http://repo.aptly.info squeeze InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ED75B5A4483DA07C
Andrey Smirnov
@smira
@Ludea previous key got expired, so you need to obtain and install new key as described on the download page (https://www.aptly.info/download/)
Ludea
@Ludea
Ok, thanks for your answers, it's working !
Denis Brækhus
@denisbr
If I want to remove packageX-3.0.0.deb from a published repository, what are the steps required to do so?
publish drop
snapshot drop
then?
Denis Brækhus
@denisbr
@smira I appreciate the effort you have put into aptly, and I'd like to provide some honest feedback on how to improve it
In order for it to provide less confused users, I do think the output of commands like "aptly publish list" should provide a lot better information about what the various bits are
Instead of : "debian/trusty (origin: repo.varnish-software.com) [all, amd64, i386, source] publishes {non-free: [trusty-non-free_2018-04-03T11:55:38]: Snapshot from local repo [trusty-non-free]}"
It could be something like: "prefix: debian distro: trusty (origin: repo.varnish-software.com) components: [all, amd64, i386, source] publishes {repo: non-free: [snapshot: ...
or even better, not in a long line, but on multiple lines
because as a newb to aptly, wrapping your head around what the various parts of the commands are supposed to be is very non-intuitive
and it's not very well documented either, which wouldn't be so bad if the CLI gave more info
Andrey Smirnov
@smira

@denisbr

If I want to remove packageX-3.0.0.deb from a published repository, what are the steps required to do so?

you would need to drop package from whatever is being published (snapshot/repo), if that's it snapshot you need to modify snapshot source and create new snapshot, after that depending on snapshot/repo you can do aptly publish switch or aptly publish update

@denisbr PRs are really welcome on that, probably better if that is optional (like -v flag)
Denis Brækhus
@denisbr
thanks
@smira yeah, an optional verbose output would be nice
I'll have a look and see if my skills are up to it
Jason "Manbeard" Al-Mansor
@jalmansor
i have a question. i’ve been working on setting up aptly with multi-component publishing to create distro/env repos (trusty-test, trusty-stage, etc…) and publish those to s3. i’ve got this working great publishing to different prefixes, but i’m curious if it’s possible to use the distro as the distro/env switch instead of a prefix and publish everything to the same endpoint/prefix?
Augusto Campos
@augcampos
Hi there from Portugal, Is there a Admin tool for Aptly?
Andrey Smirnov
@smira
@augcampos hi Augusto, there's a list of tools here: https://www.aptly.info/doc/integrations/
Jason "Manbeard" Al-Mansor
@jalmansor
@smira does my question make any sense? i realize it might not have been terribly clear.
Andrey Smirnov
@smira
@jalmansor sorry missed your question
yes, you can use different distributions under common prefix, the only limitation is that there should be no conflicting packages between distributions, as they all would share common package pool
so pros: common package pool, so if two or more distributions share same package, it will be stored only once in the package pool (less S3 storage, less upload bandwidth for you)
cons: if there's a package with same name, arch and version in two distributions but package files are different, on publishing this would lead to a race between two distributions for the same package file path. aptly would complain and abort publish if that condition is detected
Jason "Manbeard" Al-Mansor
@jalmansor
exactly what i needed to know! i’ve currently got a salt state running to publish all of them now, so i’ll have to see in the morning if anything failed. thanks for the info!
Jason "Manbeard" Al-Mansor
@jalmansor
@smira welp, that didn’t take long. oh well, it was worth a shot
Renato Marinho
@renatomarinho
This message was deleted
Ludea
@Ludea
Hello,
What is the way to sign package with gpg?
With debian? Gnupg gnupg2? ( i use latest version, 1.3.0)
I have gnupg1 key, but doesn't work
Ludea
@Ludea
I fix it, I have to use gpg1 command, not gpg command
Ivan Kurnosov
@zerkms
has anybody come with a strategy to rotate gpg keys?
Andrey Smirnov
@smira
This might be of some help https://ftp-master.debian.org/keys.html
Ivan Kurnosov
@zerkms
Thanks
Stable releases are signed by both the ftp-master automatic archive signing key in use at the time of the release, and a per-release stable key.
Ivan Kurnosov
@zerkms
hm, so they sign by both keys at once
Andrey Smirnov
@smira
simple key rotation is easy, you just need to make sure consumers have your new key
I don't think signing with two keys gives any benefit to key rotation procedure
Ivan Kurnosov
@zerkms
yep, maybe
eri!
@eri451
hello, I'm having a bit of a hassle with aptly here
We use aptly in office
where there is no ipv6
I tried -listen="0.0.0.0:80" but still the connection is refused
I tried -listen="192.168.178.17:80" (so with the internal ip of the lxc) but with the same result