vincent/aptly
1
0
Fork 0
mirror of https://github.com/aptly-dev/aptly.git synced 2026-04-20 19:38:39 +00:00
Code Issues Projects Releases Wiki Activity

update

Browse Source
This commit is contained in:
André Roth
2024-11-02 18:09:43 +01:00
parent c055611914
commit 8f8de4bd29
17 changed files with 107 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
docs/Publish.md
View File

@@ -1,10 +1,7 @@
# Aptly Publish Points
<div>
Publish snapshot or local repo as Debian repository which could be
served by HTTP/FTP/rsync server. Repository is signed by user's key with
GnuPG. Key should be created beforehand (see section GPG Keys below).
Published repository could be consumed directly by apt.
Publish snapshot or local repo as Debian repository which could be served by HTTP/FTP/rsync server. Repository is signed by user's key with GnuPG. Key should be created beforehand (see section GPG Keys below). Published repository could be consumed directly by apt.
Repositories could be published to Amazon S3 service: create bucket,
[configure publishing endpoint](/doc/feature/s3/) and use S3 endpoint when
@@ -13,25 +10,17 @@ publishing.
#### GPG Keys
GPG key is required to sign any published repository. Key should be
generated before publishing first repository.
GPG key is required to sign any published repository. Key should be generated before publishing first repository.
Key generation, storage, backup and revocation is out of scope of this
document, there are many tutorials available, e.g. [this one](http://fedoraproject.org/wiki/Creating_GPG_Keys).
Key generation, storage, backup and revocation is out of scope of this document, there are many tutorials available, e.g. [this one](http://fedoraproject.org/wiki/Creating_GPG_Keys).
Publiс part of the key should be exported from your keyring using `gpg --export --armor` and
imported into apt keyring using `apt-key` tool on all machines that would be using published
repositories.
Publiс part of the key should be exported from your keyring using `gpg --export --armor` and imported into apt keyring using `apt-key` tool on all machines that would be using published repositories.
Signing releases is highly recommended, but if you want to skip it, you
can either use `gpgDisableSign` configuration option or `--skip-signing`
flag.
Signing releases is highly recommended, but if you want to skip it, you can either use `gpgDisableSign` configuration option or `--skip-signing` flag.
#### Parameters
Publish APIs use following convention to identify published repositories: `/api/publish/:prefix/:distribution`.
`:distribution` is distribution name, while `:prefix` is `[<storage>:]<prefix>` (storage is optional, it defaults
to empty string), if publishing prefix contains slashes `/`, they should be replaced with underscores (`_`) and underscores
Publish APIs use following convention to identify published repositories: `/api/publish/:prefix/:distribution`. `:distribution` is distribution name, while `:prefix` is `[<storage>:]<prefix>` (storage is optional, it defaults to empty string), if publishing prefix contains slashes `/`, they should be replaced with underscores (`_`) and underscores
should be replaced with double underscore (`__`). To specify root `:prefix`, use `:.`, as `.` is ambigious in URLs.
</div>