Welcome to the Inedo Forums! Check out the Forums Guide for help getting started.
If you are experiencing any issues with the forum software, please visit the Contact Form on our website and let us know!
Debian feed instructions are incorrect
-
The Debian feed client configuration currently is shown as follows:
Client Configuration
In order to actually install packages from ProGet, each client must perform the following steps:
1. Add the signing key
To add the key to apt, run the following commands:wget -O "deb.gpg" http://{proget-server}/debian-feeds/{feed-name}.pub && sudo apt-key add "{feed-name}.gpg"
echo "deb http://{proget-server}/ {feed-name} {component-name}" | sudo tee /etc/apt/sources.list.d/{proget-deb}.list
Only the first command is used to add the key - the second command adds the repository to the system.
It should read something along the lines of this (kept the info about the two commands in one line - didn't seem to flow well with it on one command each):
1. Add the signing key and repository information
To add the repository information and signing key to your system, run the following commands:wget -O "deb.gpg" http://{proget-server}/debian-feeds/{feed-name}.pub && sudo apt-key add "{feed-name}.gpg"
echo "deb http://{proget-server}/ {feed-name} {component-name}" | sudo tee /etc/apt/sources.list.d/{proget-deb}.list
...
2. Update apt
In order to actually install packages from a ProGet feed, the package cache must be updated by running:sudo apt update
-
Thanks for letting us know @hwittenborn! That wasn't very clear that it was two separate commands....
I updated the docs to hopefully be clearer, and break out these into three steps.
-
Thanks!
On a side note, it looks like the
wget
command for the key saves the file todeb.gpg
, but theadd-apt
command uses{feed-name}.gpg
. If I'm not mistaken,add-apt
should read fromdeb.gpg
then, right?I'm also seeing this being used, which prints to
stdout
, pipes to theapt-key
command, and then tellsapt-key
to read fromstdin
, thus avoiding the need to write to a file at all:wget -qO http://{proget-server}/debian-feeds/{feed-name}.pub | sudo apt-key add -
If it can influence any changes in the future, there's also this note in the manual for
apt-key
:Note: Instead of using this command a keyring should be placed directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive name and either "gpg" or "asc" as file extension.
If you were to go that route, the file would probably be placed like so (ideally with the
.asc
extension, as ProGet's keys are ASCII-armored):/etc/apt/trusted.gpg.d/{feed-name}.asc
-
Great, thanks @hwittenborn -- where's pull requests for our docs when we need it ;)
I'm not familiar enough with Linux or Debian to understand or make the second changes you suggested (I'll leave it to @rhessinger), but I replaced the
wget
command with yours, which avoids creating that file.Cheers!
-
Just noticing it now - it looks like I forgot a hyphen in the wget command right before the URL. It should look like this:
wget -qO - http://{proget-server}/debian-feeds/{feed-name}.pub | sudo apt-key add -
The previous command returns an error saying a URL wasn't specified, as I'm pretty sure
wget
is interpretinghttp://{proget-server}/debian-feeds/{feed-name}.pub
as the output file.
Also - were you saying there was a place to submit PRs for stuff like this?
-
Hi @hwittenborn,
I recently ran into similar problems in the latest version of apt on Ubuntu. This didn't actually seem to be an issue in the older versions of apt. I determined that naming is very important when using Debian and this is how I was able to get this to work:
wget -O "{feed-name}.gpg" http://{proget-server}/debian-feeds/{feed-name}.pub && sudo apt-key add "{feed-name}.gpg" echo "deb http://{proget-server}/ {feed-name} {component-name}" | sudo tee /etc/apt/sources.list.d/{feed-name}.list
Basically, I had to add download the pub as a
{feed-name}.gpg
then add that key to apt. Then when registering it in thesources.list.d
I had to name it{feed-name}.list
. In my experience, if they are not all named the same way, when you try to runsudo apt update
you will get a bunch of warnings and the packages will never actually show up as available to install.I'm not sure if this is the same thing you were seeing, but I was waiting on a couple of customers to confirm that running the commands this way it all worked before updating the documentation.
My guess is that using
wget -qO - http://{proget-server}/debian-feeds/{feed-name}.pub | sudo apt-key add -
, it added the key with the name of{feed-name}.gpg
or whatever extensions apt converts it to. When you ranecho "deb http://{proget-server}/ {feed-name} {component-name}" | sudo tee /etc/apt/sources.list.d/{proget-deb}.list
what did your use of{proget-deb}.list
? Was it your feed name?Thanks,
Rich
-
Hi!
determined that naming is very important when using Debian and this is how I was able to get this to work:
wget -O "{feed-name}.gpg" http://{proget-server}/debian-feeds/{feed-name}.pub && sudo apt-key add "{feed-name}.gpg"
Are you saying the file fails to get added if you save it under the filename
{feed-name}.pub
?
My guess is that using wget -qO -
http://{proget-server}/debian-feeds/{feed-name}.pub | sudo apt-key add -
, it added the key with the name of{feed-name}.gpg
or whatever extensions apt converts it to.This adds the key in the ASCII-formatted version (which is what ProGet is using), which is just a base64-encoded version of a binary GPG key.
When using pipes (the
|
symbol in the above command), the filename doesn't get sent to theapt-key
command, only the output of the previous command does, here being the content of the remote filewget
downloaded.apt-key
supports ASCII-formatted keys though (again, which ProGet is using), so it has no problem adding it.I imagine GPG, which APT uses for keys, is handling checking or converting the content of the key when necessary.
When you ran
echo "deb http://{proget-server}/ {feed-name} {component-name}" | sudo tee /etc/apt/sources.list.d/{proget-deb}.list
what did your use of {proget-deb}.list? Was it your feed name?Yep, that just saves to the feed name.
In the
tee
command, it should readsudo tee /etc/apt/sources.list.d/{feed-name}.list
though.More specifically, it'll create a file at
/etc/apt/sources.list.d/{feed-name}.list
that containsdeb http://{proget-server}/ {feed-name} {component-name}
.
Hope that helps! Let me know if you need any clarification.
-
Hi @hwittenborn,
Thanks for the extra information. It is very much appreciated!
Are you saying the file fails to get added if you save it under the filename
{feed-name}.pub
?I actually used it as a gpg file extension, but honestly, your solution much better. The file extension doesn't actually matter that much. Once it is added using apt-key, it just extract to contents and stores them in their keyring. You can see this by running
sudo apt-key list
.I was more stating that in order for it to work for me on Ubuntu 20.04, I had to have everything named as the lowercase feed name in order for it to work for me. Although, I'm not sure if the lower case part matters. For example, for a feed name
defaultdebian
, I ran this:wget -qO - http://proget.localhost/debian-feeds/defaultdebian.pub | sudo apt-key add - echo "deb http://proget.localhost/ defaultdebian main" | sudo tee /etc/apt/sources.list.d/defaultdebian.list sudo apt update
As a test I changed
echo "deb http://proget.localhost/ defaultdebian main" | sudo tee /etc/apt/sources.list.d/defaultdebian.list
to beecho "deb http://proget.localhost/ defaultdebian main" | sudo tee /etc/apt/sources.list.d/proget-defaultdebian.list
and that actually wouldn't work for me. This caused a bunch of warnings when I ran sudo apt update. For some reason this only mattered in newer versions of apt though.All in all, I will update the documentation to correct your command (adding the missing '-' ) and to include the updates to the naming. Hopefully, this will be clearer going forward for other users.
Thanks for all of your help!
Thanks,
Rich