RE: Ubuntu 24.04.1 InRelease Problem

@atripp hi,

i already searched the internet and found nothing helpful. this is why i turned to you .
as said, i will start over and try to give you the output.

thanks,
udi

@atripp hi,

will take some time. just to be clear, i had one installation that worked but i wasn't the 1 who installed it i do not know what he did before.
i am starting a from scratch and again, the only permitted network connection to the outside is through the proget server. dns, ntp all is through the local network.
can you simulate my configuration at your network ?
maybe i must allow an initial connection to ubuntu for downloading gpg keys or something like that.

thanks,
udi

@atripp hi,
do you want me to start from the beginning ?
just to let you know that i have upgraded proget to the latest version.

Hi @atripp ,

@ time of writing this post i used the 1 version before the last stable release and today i have noticed that another release was published so i will upgrade to it.

i have followed the given instructions before posting this and i have to say that the same version of ubuntu desktop worked. after reinstalling and connecting the OS only to proget, i can't seem to update the apt and i am always stuck at "InRelease".

thank you very much

Hello,

i have installed ubuntu desktop 24.04.1 on a virtual machine with no internet connection.
dns is allowed and i have configured the apt source to go to the proget server.
proget is connected to the internet and offer http and https and is working.
when i run apt update i get errors about InRelease and it does not update. i have tried importing the feed's gpg key but i am getting an error the proget's generated gpg key is an unsupported filetype and that i do not have the public key.
i have configured the source list of the proget to use the http with [trusted=yes] and i can't still update apt i do not see the package i want. searching proget for the package and i can see it is there and should be compatible to this version of ubuntu. btw, my connector is configured to archive.ubuntu.com

help is appreciated.

Hi @atripp ,
found this config. i remember seeing it and left it checked because the description recommended it for registries like microsoft and for some reason i didn't pay attention to this until i figured out that i need to add "library" prefix.
thank you very much for all the help.

Hi @atripp ,
i have managed to successfully pull an image to proget.
the syntax i used is like: "podman pull xxx:8625/docker/library/ubuntu"
and this i discovered from the podman's response. when i tried looking up the additional "library" in the client setup of the feed or the documentation, i didn't find any thing related to that.
i have tried replacing "library" with something else like "udi" and it didn't work.
i then, tried to download fluent/fluent-id with the syntax "podman pull xxx:8625/docker/library/fluent/fluent-id" and it didn't work. i then deleted the "library" part and it worked.

is this how it is suppose to work ?
images without a prefix will need the "library" prefix ?

thanks

Hi @atripp ,
i have successfully updated to the latest version 2024.19 and get the same error.
i have created a lab in another computer connected directly to the internet (no proxy because i thought that maybe it is blocking something that i can't see) and got the same result. in the lab i used oracle linux 9.4 with podman instead of docker. upon pulling an image directly from docker, the image and the manifest are downloaded correctly.
just to make sure it is possible, i can configure a docker feed and pair up to it docker connectors and it should pull images as proxy like other feeds such as npm, is it ?

thanks

@atripp thank you very much.
will try the update.

thanks

Hello,

i am using proget free v2023.
i have created a container feed and attached him to docker hub connectors according to the urls in docker documentation. the connectors are healthy.
the feed allows anonymous pulling and i have con figured the feed in docker as insecure registry.
when i try pulling an image i always get manifest unknown error with\without doing docker login.
i use a proxy to connect to the internet and i do not see any problem there. other feeds like npm works fine.

10x

Hi @atripp ,

thank you for the info and clarification.

Hello Team,
i have installed the free version and i have created a pypi feed with connector to pypi.org via proget standard configuration.
when i am trying to download a package through proget's pypi proxy i get timeout because the file is being scanned in my internet proxy's icap server.
is there a way to increase any timeout in proget to help me deal with this ? i do not want to disable the AV scanning.

Thank you,
Udi

Hi @atripp ,

thank you very much.

Hello @atripp ,

thank you very much for your answer.
i went through the licensing module for proget free in the documentation and i was under the impression that i can do this configuration, this is why i posted this. what was i missing ?
regarding the vulnerability db, i was able to perform download to the test server i have and it was successful and i want to copy that db to the airgapped server, is it possible ? from the tests i made, i saw vulnerabilities in reference to packages that i have downloaded and it is enough for me for now. i saves me the task of going to the internet and find this info myself.

Hi Alana,

thank you very much. will do.

Hi All,

would appreciate some pro's and com's for each web server.

Thanks,
Udi

hi,
i want to use the free edition in the following configuration:

1. dmz - will connect to internet for external repositories and vulnerability checks and oss and vulnerability db download.
2. lan - will connect to dmz
3. airgapped - will import everything from lan
   what i need to know is:
4. will the lan instance be able to download from the dmz instance (not directly from internet) all the db off the vulnerabilities and scan results ?
5. how can i transfer all the vulnerability db and oss index information to the airgapped server ?
6. if i want to retain all the vulnerability information on packages including scans and oss index and sonatype checks, what is the correct configuration ? should i create a self hosted feed which connect to a feed with a connector to npmjs.org for ex. ?
   Regards,
   Udi