towc/.aptly.conf

## .aptly.conf
{
  "rootDir": "/root/.aptly",
  "downloadConcurrency": 4,
  "downloadSpeedLimit": 0,
  "architectures": [],
  "dependencyFollowSuggests": false,
  "dependencyFollowRecommends": false,
  "dependencyFollowAllVariants": false,
  "dependencyFollowSource": false,
  "dependencyVerboseResolve": false,
  "gpgDisableSign": false,
  "gpgDisableVerify": false,
  "gpgProvider": "gpg",
  "downloadSourcePackages": false,
  "skipLegacyPool": true,
  "ppaDistributorID": "ubuntu",
  "ppaCodename": "",
  "skipContentsPublishing": false,
  "FileSystemPublishEndpoints": {},
  "S3PublishEndpoints": {
    "%%BUCKET%%": {
      "region": "%%REGION%%",
      "bucket": "%%BUCKET%%"
    }
  },
  "SwiftPublishEndpoints": {}
}

## README.md

      
    Raw
  

              README.md
            
          
    arguments needed:
AWS_BUCKET
AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
GPG_KEY
GPG_PASSPHRASE

optional envs:
AWS_REGION=eu-central-1

volumes needed:
./repo:/repo
./keys:/keys

for development, you might want
./src:/src

you MUST put your private+public key in the docker (yes, with the passphrase and ID in the env variables too)
# find which key you might want to use
gpg --list-secret-keys
# copy the large hex as ID
gpg --export ID > keys/public
gpg --export-secret-keys ID > keys/private

It is recommended you create keys just for this purpose (gpg --gen-key)

  
## Dockerfile
FROM debian:buster

ENV DEBIAN_FRONTEND noninteractive

RUN apt-get update
RUN apt-get install -y aptly
RUN apt-get install -y apt-transport-s3
RUN apt-get install -y gnupg1

RUN mkdir /root/.gnupg
COPY ./src /src

ENV AWS_REGION eu-central-1

WORKDIR src
CMD ./publish

## publish
#!/bin/bash

set -o xtrace

# setup gpg
gpg1 --import /keys/private

# setup aptly config

cp /src/.aptly.conf /root/.aptly.conf
sed -i "s/%%BUCKET%%/$AWS_BUCKET/" /root/.aptly.conf
sed -i "s/%%REGION%%/$AWS_REGION/" /root/.aptly.conf

# use aptly

aptly repo create aptly-repo
aptly repo edit -distribution=buster aptly-repo
aptly repo add aptly-repo /repo/*.deb
aptly snapshot create aptly-snap from repo aptly-repo
aptly publish snapshot -distribution=buster -gpg-key=$GPG_KEY -passphrase=$GPG_PASSPHRASE aptly-snap s3:$AWS_BUCKET:
	{
	"rootDir": "/root/.aptly",
	"downloadConcurrency": 4,
	"downloadSpeedLimit": 0,
	"architectures": [],
	"dependencyFollowSuggests": false,
	"dependencyFollowRecommends": false,
	"dependencyFollowAllVariants": false,
	"dependencyFollowSource": false,
	"dependencyVerboseResolve": false,
	"gpgDisableSign": false,
	"gpgDisableVerify": false,
	"gpgProvider": "gpg",
	"downloadSourcePackages": false,
	"skipLegacyPool": true,
	"ppaDistributorID": "ubuntu",
	"ppaCodename": "",
	"skipContentsPublishing": false,
	"FileSystemPublishEndpoints": {},
	"S3PublishEndpoints": {
	"%%BUCKET%%": {
	"region": "%%REGION%%",
	"bucket": "%%BUCKET%%"
	}
	},
	"SwiftPublishEndpoints": {}
	}
	FROM debian:buster

	ENV DEBIAN_FRONTEND noninteractive

	RUN apt-get update
	RUN apt-get install -y aptly
	RUN apt-get install -y apt-transport-s3
	RUN apt-get install -y gnupg1

	RUN mkdir /root/.gnupg
	COPY ./src /src

	ENV AWS_REGION eu-central-1

	WORKDIR src
	CMD ./publish
	#!/bin/bash

	set -o xtrace

	# setup gpg
	gpg1 --import /keys/private

	# setup aptly config

	cp /src/.aptly.conf /root/.aptly.conf
	sed -i "s/%%BUCKET%%/$AWS_BUCKET/" /root/.aptly.conf
	sed -i "s/%%REGION%%/$AWS_REGION/" /root/.aptly.conf

	# use aptly

	aptly repo create aptly-repo
	aptly repo edit -distribution=buster aptly-repo
	aptly repo add aptly-repo /repo/*.deb
	aptly snapshot create aptly-snap from repo aptly-repo
	aptly publish snapshot -distribution=buster -gpg-key=$GPG_KEY -passphrase=$GPG_PASSPHRASE aptly-snap s3:$AWS_BUCKET: