We first create the archive configuration file archive.conf. We store everything in a single directoy. Lets call this directory debian/. Into this directory we place the configuration file:
Dir {
ArchiveDir ".";
}
BinDirectory "." {
Packages "Packages";
Sources "Sources";
Contents "Contents-i386";
}
APT::FTPArchive::Release {
Origin "SENF";
Architectures "i386";
Description "SENF debian repository. See http://senf.berlios.de";
}
The next step is to create a GnuPG configuration to sign the repository. For this purpose, we create a special gnupg directory in gnupg/ next to debian/.
$ mkdir gnupg $ gpg --homedir gnupg --gen-key $ gpg --homedir gnupg --export --armor >debian/archive.key
We give the GnuPG some unique name and email address which is easily associated with the repository.
The last step is to create the update.sh script in the debian/ directory which will update the repository meta-data.
#!/bin/sh cd "`dirname "$0"`" apt-ftparchive generate archive.conf rm -f Release* apt-ftparchive -c archive.conf release . >Release.new mv Release.new Release gpg --homedir ~/gnupg --detach-sign --armor --output Release.gpg Release
That's it. The repository can now be accessed by adding the following lines to the /etc/apt/sources.list file.
deb http://url.to/repo/debian/ ./ deb-src http://url.to/repo/debian/ ./
To install the archive key into the list of trusted apt keys (and thereby stop apt from continually asking, wether it should install those untrusted packages), do the following:
$ wget http://url.to/repo/debian/archive.key $ aot-key add archive.key
To verify the key, you can import it into gpg and check the fingerprint.