Skip to content

Commit

Permalink
Update APT configuration to conform with newer deb882 format
Browse files Browse the repository at this point in the history 
This updates our APT source definitions to use the newer deb882 format
and renames `/etc/apt/sources.list` to `/etc/apt/sources.list.dist` if it
exists to avoid duplicate warnings when running commands.

In addition, this also removes the use of `apt-key` in favour of storing
the signing key for our repository in `/etc/apt/keyrings` (which will be
created if this doesn't exist) and pointing at that via `Signed-By` in
the sources, removing deprecation warnings from `apt-key`.

See: #87
  • Loading branch information
@sagepe
sagepe committed Dec 5, 2023
1 parent cde14de commit 70e8d36
Show file tree
Hide file tree
Showing 2 changed files with 58 additions and 26 deletions.
42 changes: 29 additions & 13 deletions bin/install-site.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,23 +157,34 @@ update_apt_sources() {
notice_msg "Unsupported distribution and version combination $DISTRIBUTION $DISTVERSION"
;;
esac
# Install the basic packages we require:
cat > /etc/apt/sources.list.d/mysociety-extra.list <<EOF
# Install the basic packages we require, backing up any old sources.list
[ -f /etc/apt/sources.list ] && mv /etc/apt/sources.list /etc/apt/sources.list.dist
cat > /etc/apt/sources.list.d/debian.sources <<EOF
# Debian mirror to use, including contrib and non-free:
deb http://mirror.mythic-beasts.com/debian/ ${DISTVERSION} main contrib non-free
deb-src http://mirror.mythic-beasts.com/debian/ ${DISTVERSION} main contrib non-free
Types: deb deb-src
URIs: http://deb.debian.org/debian
Suites: ${DISTVERSION} ${DISTVERSION}-updates
Components: main contrib non-free
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# Security Updates:
deb http://security.debian.org/debian-security ${SECURITY} main contrib non-free
deb-src http://security.debian.org/debian-security ${SECURITY} main contrib non-free
Types: deb deb-src
URIs: http://deb.debian.org/debian-security
Suites: $SECURITY
Components: main contrib non-free
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
EOF
if [ x"$BACKPORTS" = x"true" ]
then
cat >> /etc/apt/sources.list.d/mysociety-extra.list <<EOF
cat >> /etc/apt/sources.list.d/debian.sources <<EOF
# Debian Backports
deb http://http.debian.net/debian ${DISTVERSION}-backports main contrib non-free
deb-src http://http.debian.net/debian ${DISTVERSION}-backports main contrib non-free
Types: deb deb-src
URIs: http://deb.debian.org/debian
Suites: ${DISTVERSION}-backports
Components: main contrib non-free
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
EOF
fi
else
Expand All @@ -190,11 +201,16 @@ update_mysociety_apt_sources() {
# Try and select the most appropritate ones for Ubuntu.
case "$DISTVERSION" in
focal|jammy|buster|bullseye|bookworm)
cat > /etc/apt/sources.list.d/mysociety-debian.list <<EOF
deb http://debian.mysociety.org $DISTVERSION main
EOF
cat > /etc/apt/sources.list.d/mysociety.sources <<EOF
Types: deb
URIs: http://debian.mysociety.org
Suites: $DISTVERSION
Components: main
Signed-By: /etc/apt/keyrings/mysociety.asc
curl -s https://debian.mysociety.org/debian.mysociety.org.gpg.key | sudo apt-key add -
EOF
mkdir -p /etc/apt/keyrings
curl -s https://debian.mysociety.org/debian.mysociety.org.gpg.key -o /etc/apt/keyrings/mysociety.asc
apt-get -qq update
echo $DONE_MSG
;;
Expand Down
42 changes: 29 additions & 13 deletions shlib/installfns
View file
Original file line number Diff line number Diff line change
Expand Up @@ -157,23 +157,34 @@ update_apt_sources() {
notice_msg "Unsupported distribution and version combination $DISTRIBUTION $DISTVERSION"
;;
esac
# Install the basic packages we require:
cat > /etc/apt/sources.list.d/mysociety-extra.list <<EOF
# Install the basic packages we require, backing up any old sources.list
[ -f /etc/apt/sources.list ] && mv /etc/apt/sources.list /etc/apt/sources.list.dist
cat > /etc/apt/sources.list.d/debian.sources <<EOF
# Debian mirror to use, including contrib and non-free:
deb http://mirror.mythic-beasts.com/debian/ ${DISTVERSION} main contrib non-free
deb-src http://mirror.mythic-beasts.com/debian/ ${DISTVERSION} main contrib non-free
Types: deb deb-src
URIs: http://deb.debian.org/debian
Suites: ${DISTVERSION} ${DISTVERSION}-updates
Components: main contrib non-free
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# Security Updates:
deb http://security.debian.org/debian-security ${SECURITY} main contrib non-free
deb-src http://security.debian.org/debian-security ${SECURITY} main contrib non-free
Types: deb deb-src
URIs: http://deb.debian.org/debian-security
Suites: $SECURITY
Components: main contrib non-free
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
EOF
if [ x"$BACKPORTS" = x"true" ]
then
cat >> /etc/apt/sources.list.d/mysociety-extra.list <<EOF
cat >> /etc/apt/sources.list.d/debian.sources <<EOF
# Debian Backports
deb http://http.debian.net/debian ${DISTVERSION}-backports main contrib non-free
deb-src http://http.debian.net/debian ${DISTVERSION}-backports main contrib non-free
Types: deb deb-src
URIs: http://deb.debian.org/debian
Suites: ${DISTVERSION}-backports
Components: main contrib non-free
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
EOF
fi
else
Expand All @@ -190,11 +201,16 @@ update_mysociety_apt_sources() {
# Try and select the most appropritate ones for Ubuntu.
case "$DISTVERSION" in
focal|jammy|buster|bullseye|bookworm)
cat > /etc/apt/sources.list.d/mysociety-debian.list <<EOF
deb http://debian.mysociety.org $DISTVERSION main
EOF
cat > /etc/apt/sources.list.d/mysociety.sources <<EOF
Types: deb
URIs: http://debian.mysociety.org
Suites: $DISTVERSION
Components: main
Signed-By: /etc/apt/keyrings/mysociety.asc
curl -s https://debian.mysociety.org/debian.mysociety.org.gpg.key | sudo apt-key add -
EOF
mkdir -p /etc/apt/keyrings
curl -s https://debian.mysociety.org/debian.mysociety.org.gpg.key -o /etc/apt/keyrings/mysociety.asc
apt-get -qq update
echo $DONE_MSG
;;
Expand Down

0 comments on commit 70e8d36

Please sign in to comment.