Creating Your Own Debian Package Mirror for Use With Apt

Creating a Debian mirror is fairly easy using the debmirror command. In this article, I'll take you step-by-step through the process, including showing you how to configure the mirror server for use over FTP or HTTP/HTTPS. Note: The following was tested under Debian Sarge (stable).

Installation

First, we install debmirror and gnupg, if the latter is not already installed. When I initially tried to get this working, I ran into problems trying to use debmirror, without having imported the Debian master archive signing key - the quickest solution was to just import the public key into my GPG keyring. Note that this does not imply that you trust the key (in the GPG sense), it just imports it so the debmirror script will run.

apt-get install debmirror gnupg

Import the Debian master archive signing key:

gpg --recv-keys 2D230C5F

OR

wget http://ftp-master.debian.org/ziyi_key_2006.asc

then import this key into your keyring with

gpg --import ziyi_key_2006.asc

Building the Mirror

You'll need about 9GB of space for the full i386 sarge archive, all distributions (contrib, main, and non-free). Note that this does not include any source packages. Here is the command syntax: debmirror -v -a i386 -h ftp.us.debian.org -d sarge /path/to/mirror --nosource --progress Where /path/to/mirror is the path on your server where the mirror is going to be housed.

Archive Access Methods

Apache v1 Edit /etc/apache/httpd.conf or /etc/apache-ssl/httpd.conf:

Alias /debian /path/to/mirror


order deny,allow
deny from all
allow from all
Options Indexes FollowSymLinks MultiViews

Apache v2 Edit /etc/apache2/apache2.conf (Apache v2 does not have a separate SSL directory for config files, just an ssl.conf in /etc/apache2. See Setting up an SSL Server with Apache2 if you need it).

Alias /path/to/mirror "/debian/"


AllowOverride FileInfo AuthConfig Limit
Options Indexes SymLinksIfOwnerMatch IncludesNoExec

FTP Install vsftpd on the apt server:

apt-get install vsftpd

Change the home directory of the "ftp" user to /path/to/mirror using the vipw command.

ftp:x:108:65534::/path/to/mirror:/bin/false

The vsftp installation is automatically anonymous-ftp enabled on Debian, so you don't have to do anything else to get apt-get to work with this FTP setup. Then, put the following in your client's /etc/apt/sources.list: deb http(s)://debian/ sarge main contrib non-free OR deb ftp:// sarge main contrib non-free Then run apt-get update apt-get dist-upgrade You can re-run the above debmirror command from cron to automatically update the mirror however often you like. Make sure to use the Debian mirror list. Cron sample - this updates the mirror every morning at 2AM:
0 2 * * * debmirror -v -a i386 -h ftp.us.debian.org -e ftp --passive -d sarge /opt/debian --nosource --progress > /dev/null 2>&1