HashiCorp provides Debian packages for Vagrant, but they don't provide a repository so you have to download the packages and reinstall them manually every time there's an update. The feature request to add a repository is not a particularly high priority for them, so as a public service I made a repository and set it up at vagrant-deb.linestarve.com.
Originally, I was using Aptly to generate the repository. However, this required downloading and serving the deb package, which was annoying because I have a fairly small disk on my server and the packages were taking up an awful lot of room.
This version generates the repository directly from the HashiCorp releases page and provides redirects to the actual packages. This has a number of benefits:
- I can publish every version of Vagrant, not just the ones that fit on my disk.
- Package files will be downloaded directly from HashiCorp, alleviating concerns about tampering.
- Increased integrity verification: the SHA256 in the
Packagesfile comes directly from their API, and the signature of the
SHA256SUMSfile is now checked against the HashiCorp GPG key.)
The code is intended to be run in a Docker container.
You will need to make a GPG key and export it as
it will be embedded in the generated Docker image.
docker build -t vagrant-deb . docker run --rm -v $(pwd)/public_html/:/app/public_html/ -v $(pwd)/cache/:/app/cache/ vagrant-deb
This will create a
cache/ folder (see below) as well as a
to be served. The
public_html/ folder will also contain
files which should be
included in the Nginx configuration, to publish the repository's pool.
This program creates all of the repository files from scratch, without using any of the usual helper programs. This is because they all expect that you have a package and want to publish it yourself; since I don't want to download the packages this won't work. The documentation on the Debian repository format will probably be very helpful in trying to understand how all of the pieces fit together.
update.sh is the main script, which handles orchestrating all of the various pieces.
It delegates to various Python scripts to actually generate the files,
then handles compressing, signing, and so on.
It avoids touching files that haven't changed, so that they can be cached and
don't need to be re-downloaded.
It has four main steps:
- Create various folders and download
- Update the files for each architecture.
- Update the
Releasefiles for the repository.
index.htmlwith the latest version and update time.
build-packages.py generates a
Packages file for each architecture,
as well as the redirects file for that architecture's
It leans heavily on
releaseinfo.py, which provides various library routines
for extracting information about individual Vagrant versions.
(See the comments in that file for details on each of the functions.)
build-release-checksums.py generates the checksum portion of the
index.tpl is a template for
index.html; it contains various placeholders
envsubst will replace during the update process.