APT Repo with authentication
30 views
Skip to first unread message
Jonas Reindl
Apr 6, 2022, 7:11:51 AM4/6/22
to isar-...@googlegroups.com
Hi everyone,
I now have the usecase that I have a apt repo, which uses authentication.
I couldn't find anything, that would make this possible. Are there any
examples or do I need to add that functionality to
meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
Best regards,
Jonas
I now have the usecase that I have a apt repo, which uses authentication.
I couldn't find anything, that would make this possible. Are there any
examples or do I need to add that functionality to
meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
Best regards,
Jonas
Baurzhan Ismagulov
Apr 6, 2022, 7:43:17 AM4/6/22
to isar-...@googlegroups.com
On Wed, Apr 06, 2022 at 01:11:48PM +0200, Jonas Reindl wrote:
> I now have the usecase that I have a apt repo, which uses authentication.
>
> I couldn't find anything, that would make this possible. Are there any
> examples or do I need to add that functionality to
> meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
Does "apt repo which uses authentication" mean http / https auth? I haven't
> I now have the usecase that I have a apt repo, which uses authentication.
>
> I couldn't find anything, that would make this possible. Are there any
> examples or do I need to add that functionality to
> meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
tried this, not even as an apt user. isar-bootstrap might be a good place to
start depending on what needs to be done; I don't know whether it also ends
there.
Please note that we are currently developing upfront Debian package fetching
which touches the related areas:
https://groups.google.com/g/isar-users/c/LGpLwhOfh-M/m/_xV8O-ncBQAJ
With kind regards,
Baurzhan.
Jonas Reindl
Apr 6, 2022, 7:52:33 AM4/6/22
to isar-...@googlegroups.com
On 4/6/22 13:43, Baurzhan Ismagulov wrote:
> On Wed, Apr 06, 2022 at 01:11:48PM +0200, Jonas Reindl wrote:
>> I now have the usecase that I have a apt repo, which uses authentication.
>>
>> I couldn't find anything, that would make this possible. Are there any
>> examples or do I need to add that functionality to
>> meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
> Does "apt repo which uses authentication" mean http / https auth? I haven't
> tried this, not even as an apt user. isar-bootstrap might be a good place to
> start depending on what needs to be done; I don't know whether it also ends
> there.
Yeah, I mean authentication with https. Like
> On Wed, Apr 06, 2022 at 01:11:48PM +0200, Jonas Reindl wrote:
>> I now have the usecase that I have a apt repo, which uses authentication.
>>
>> I couldn't find anything, that would make this possible. Are there any
>> examples or do I need to add that functionality to
>> meta/recipes-core/isar-bootstrap/isar-bootstrap.inc
> Does "apt repo which uses authentication" mean http / https auth? I haven't
> tried this, not even as an apt user. isar-bootstrap might be a good place to
> start depending on what needs to be done; I don't know whether it also ends
> there.
https://manpages.debian.org/testing/apt/apt_auth.conf.5.en.html
Just realized that also an inline http basic auth should probably work.
Still need to test that.
Furthermore inline secrets are still a bit complicated to deal with in isar.
As far as I could remember at least ubuntu or so had problems with that.
>
> Please note that we are currently developing upfront Debian package fetching
> which touches the related areas:
>
> https://groups.google.com/g/isar-users/c/LGpLwhOfh-M/m/_xV8O-ncBQAJ
>
> With kind regards,
> Baurzhan.
Best regards,
Jonas
Henning Schild
Apr 6, 2022, 8:03:05 AM4/6/22
to Jonas Reindl, isar-...@googlegroups.com
Hi Jonas,
that is indeed something i never came across. It should not be too hard
but might indeed require some changes to Isar.
In case it is simple plain http auth you can put the credentials into
your sources.list URI. "deb http://<user>:<passwd>@super.secret/crap"
That should work for DISTRO_APT_SOURCES_append files without a problem.
I kind of doubt you could easily bootstrap from such a repo, but if it
is just "additional packages" it should be fine.
If you want to store credentials in a separate file in
/etc/apt/auth.conf.d/*.conf, you will have to patch Isar to support
that.
And of cause you can always have a proxy somewhere in the middle, which
abstracts the auth away. And DISTRO_APT_PREMIRRORS could be used to
toggle that.
regards,
Henning
Am Wed, 6 Apr 2022 13:11:48 +0200
schrieb Jonas Reindl <jonas....@kilobaser.com>:
that is indeed something i never came across. It should not be too hard
but might indeed require some changes to Isar.
In case it is simple plain http auth you can put the credentials into
your sources.list URI. "deb http://<user>:<passwd>@super.secret/crap"
That should work for DISTRO_APT_SOURCES_append files without a problem.
I kind of doubt you could easily bootstrap from such a repo, but if it
is just "additional packages" it should be fine.
If you want to store credentials in a separate file in
/etc/apt/auth.conf.d/*.conf, you will have to patch Isar to support
that.
And of cause you can always have a proxy somewhere in the middle, which
abstracts the auth away. And DISTRO_APT_PREMIRRORS could be used to
toggle that.
regards,
Henning
Am Wed, 6 Apr 2022 13:11:48 +0200
schrieb Jonas Reindl <jonas....@kilobaser.com>:
Raphael Lisicki
Apr 7, 2022, 7:16:33 AM4/7/22
to isar-...@googlegroups.com, Henning Schild, Jonas Reindl
On 06.04.22 14:03, Henning Schild wrote:
> And of cause you can always have a proxy somewhere in the middle, which
> abstracts the auth away. And DISTRO_APT_PREMIRRORS could be used to
> toggle that.
There is no need to set up an extra proxy for that, you can just use
> And of cause you can always have a proxy somewhere in the middle, which
> abstracts the auth away. And DISTRO_APT_PREMIRRORS could be used to
> toggle that.
DISTRO_APT_PREMIRRORS for the insertion of your credentials:
DISTRO_APT_PREMIRRORS +=
"local.server username:pass...@local.server"
//raphael
Reply all
Reply to author
Forward
0 new messages