On Fri, 2 Aug 2024, daggs wrote:
Greetings,
I'm working on an automated Debian installation without network access.
I've discovered the --make-tarball and --unpack-tarball switches which I use to
create the tarball and use it as repo.
the initial deployment is this: debootstrap --arch amd64 --unpack-tarball
/tmp/debs.tar.gz stable /mnt
which installs the base pkgs however debs.tar.gz holds other deb files which I
want to install when within the chroot.
I looked at the /mnt after the initial deployment and I see that there are
files that might help me in /var/cache/apt/archives/ and /var/lib/apt/lists/.
so I was wondering, is there a way to use these files to create a valid local
repo and use it to install the pkgs I've prepared using the --make-tarball
switch.
is there a standard way to do it which I've might have missed while looking
online?
Here's an outline of how I do it - which you might be able to modify for
your use case:
# Download everything I need.
rm -f "${APT_WORK}"/archives/*.deb
APT_CONFIG=${APT_CONFIG} \
DEBIAN_FRONTEND=noninteractive \
apt-get -q -y --allow-unauthenticated install -d \
-o APT::Install-Recommends=false \
"$@"
#$@ is a list of debs I download - I guess this matches your tarball.
#Set up a local repo for use inside the chroot of everything we downloaded in
phase 1
mkdir -p "${BUILDCHROOT}/.repo/dists/${DIST}/main/binary-${ARCH}/"
mkdir -p "${BUILDCHROOT}/.repo/pool"
mkdir -p "${BUILDCHROOT}/.repo/sim"
aptftp-conf()
{
cat <<CATEOF
APT::FTPArchive::Release {
Origin "local debs";
Label "local debs";
Suite "stable";
Codename "${DIST}";
Architectures "${ARCH}";
Components "main";
Description "Debs for local installing";
};
CATEOF
}
HOME=${BUILDCHROOT}/.repo/sim gpg --full-generate-key --batch < <( cat <<CATEOF
%no-protection
Key-Type: RSA
Key-Length: 4096
Key-Usage: sign
Name-Real: Temporary Debian Repo signing key
Name-Email: debianu...@woodall.me.uk
Expire-Date: 0
%commit
CATEOF
)
mount -o bind "${APT_WORK}/archives/" "${BUILDCHROOT}/.repo/pool"
( cd "${BUILDCHROOT}/.repo" && apt-ftparchive packages -c=<( aptftp-conf ) pool
>"dists/${DIST}/main/binary-${ARCH}/Packages" )
xz -c "${BUILDCHROOT}/.repo/dists/${DIST}/main/binary-${ARCH}/Packages"
>"${BUILDCHROOT}/.repo/dists/${DIST}/main/binary-${ARCH}/Packages.xz"
apt-ftparchive release -c=<( aptftp-conf ) "${BUILDCHROOT}/.repo/dists/${DIST}/"
>"${BUILDCHROOT}/.repo/dists/${DIST}/Release"
# Reading through this now I'm not absolutely sure that those hoops I
# jump throught to sign the repo are needed...
# I now chroot into ${BUILDCHROOT} where the essential packages are
# already unpacked and installed in my workflow. I guess this point is
# simliar to the end of your --unpack-tarball step.
cat <<CATEOF >"/etc/apt/sources.list.d/${DIST}.sources"
Types: deb
URIs: file:/.repo
Suites: ${DIST}
Components: main
CATEOF
# Not sure why I have that proxy bit in here either. I think I'm
# installing from a file repo...
#Now we install the remaining required packages and cleanup
apt-get -o Acquire::http::Proxy="http://localhost:3128/"; \
-o APT::Get::AllowUnauthenticated=yes \
-o Acquire::AllowInsecureRepositories=yes \
update
apt-get -o Acquire::http::Proxy="http://localhost:3128/"; \
-o APT::Install-Recommends=false \
-o Dpkg::Options::="--force-confdef" \
-o Dpkg::Options::="--force-confold" \
--allow-unauthenticated -y \
install bootstrap-required </dev/null
# bootstrap-required is a local package I have that just depends on
# everything I want to install.
I've left out a lot of detail here but hopefully this is enough to get
you started if you want to go the apt-ftparchive route.
Tim.
