Skip to content

05. Manage sources repositories

Jump to bottom
Ludo edited this page Feb 3, 2025 · 23 revisions

A source repository is a remote repository of packages (deb or rpm) from a third-party publisher (e.g. Debian official repos). Typically, this is the repository from which you will create a mirror.

Add a source repository manually

From the REPOSITORIES tab:

  1. Use the Manage source repositories button to show the SOURCE REPOSITORIES panel.
  2. Click the Manually add button to add a new source repository.
  3. Select the source repository type then define a name to identify the source repository and specify its root URL.
  4. Click the Add button to add the source repository to the list of available source repositories.
  5. You should now edit the source repository to add more information like distributions and components or release version and import its GPG signing key if any. It is recommended to add the more informations you can as this is used for suggestions when creating a mirror.
https://github.com/user-attachments/assets/3e02860e-b51f-4a71-8438-f06d1468ba53

Notes:

Import source repositories from predefined or custom lists

From the REPOSITORIES tab:

  1. Use the Manage source repositories button to show the SOURCE REPOSITORIES panel.
  2. Click the Import button to import source repositories.
  3. Select the source repositories list you want to import (e.g. Debian official repositories). Predefined lists content is public and can be seen here https://github.com/lbr38/repomanager/tree/main/www/templates/source-repositories. More lists can be added in the future. You can make your own custom list and import it. Create custom source repositories list.
  4. Click the Import button to import the selected source repositories. This will create new source repositories in the list and import their GPG signing keys if any. If the import fails, it may be due to a temporary issue with the keyserver, try again later.
https://github.com/user-attachments/assets/376480e5-028d-4ce1-bd65-6833a83a893b

Notes:

  • Importing source repositories will overwrite existing source repositories with the same name.

Create custom source repositories list

You can create your own custom list with all predefined informations and import it through Repomanager web interface.

Custom list are made for private purposes, they will not be shared with the community. If you want to share your list, you can create a pull request to add it to the predefined lists.

  1. Source repositories lists are defined in YAML format and must be named with .yml extension. You can start from templates here deb template / rpm template or take example from existing lists here predefined lists to build your own file.
  2. Once you have created your custom file, you will have to copy it inside the container in a specific directory of the repomanager-data volume. You can also import it through the API, for automation purposes, see Import source repositories lists from API.

Here is an example with a custom deb list. From the docker host, it must be copied into the deb directory under /var/lib/docker/volumes/repomanager-data/templates/source-repositories/:

# Copy
cp my-custom-deb-list.yml /var/lib/docker/volumes/repomanager-data/templates/source-repositories/deb/my-custom-deb-list.yml

# Set permissions
chown 33:33 /var/lib/docker/volumes/repomanager-data/templates/source-repositories/deb/my-custom-deb-list.yml
chmod 640 /var/lib/docker/volumes/repomanager-data/templates/source-repositories/deb/my-custom-deb-list.yml
  1. Your custom list is now ready for import through the web interface:
https://github.com/user-attachments/assets/842aa0d4-1e08-4acb-871f-4b0380345e13

Import source repositories lists from API

You can import source repositories lists through the API, for automation purposes. This can be helpful for repositories that require frequent updates, like SSL authentication certificates updates.

  1. First create or update your custom list in YAML format, see Create custom source repositories list.
  2. Generate an API token from an admin account, if not already done, see API key.
  3. Use the following API endpoint to import the list:
curl -L --post301 --fail-with-body -s -q -X POST -H "Authorization: Bearer <API_KEY>" -F "template=@/home/user/<CUSTOM_LIST_FILE>" http://<REPOMANAGER_FQDN>/api/v2/source/<TYPE>/import/

Replace the following placeholders:

  • <API_KEY> Your API key.
  • <CUSTOM_LIST_FILE> The path to your custom list .yml file.
  • <REPOMANAGER_FQDN> Repomanager URL.
  • <TYPE> The type of source repositories list you want to import (deb or rpm).
  1. The API will return a JSON response with 201 status code if the import was successful, otherwise it will return an error message with 400 status code:
{"return":201,"results":"Source repositories imported successfully"}

Edit a source repository

From the REPOSITORIES tab:

  1. Use the Manage source repositories button to show the SOURCE REPOSITORIES panel.
  2. Click the source repository to edit it.
  3. Update the source repository informations, like distributions and components (if deb), release version (if rpm), and import their GPG signing key if any. It is recommended to add the more informations you can as this is used for suggestions when creating a mirror.
https://github.com/user-attachments/assets/488616a8-10c9-4350-a1bd-d9f5fd7f8b16

Notes:

  • You can provide a SSL certificate and its private key to authenticate to the source repository. This is useful if the source repository access is protected (for example, Redhat official repositories cdn.redhat.com require a private key/certificate to access them).

Delete a source repository

From the REPOSITORIES tab:

  1. Use the Manage source repositories button to show the SOURCE REPOSITORIES panel.
  2. Use the Delete icon icon to delete a source repository.
https://github.com/user-attachments/assets/d12bc0f2-06f0-49a1-be30-8863441be0e8

Notes:

  • GPG signing key(s) related to the source repository will not be deleted.

Import a source repository GPG signing key

From the REPOSITORIES tab:

  1. Use the Manage source repositories button to show the SOURCE REPOSITORIES panel.
  2. Click the source repository to edit it. If it is a deb repository, click the distribution you want to import the GPG signing key for. If it is a rpm repository, click the release version you want to import the GPG key for.
  3. Scroll down to IMPORT GPG KEY then paste the GPG key fingerprint, URL or plain text.
  4. Click the Import button to import the GPG key.
https://github.com/user-attachments/assets/c1d3e35f-aeb9-4cae-8976-9081a5ae1720

Use case: Redhat repositories

Related issue: https://github.com/lbr38/repomanager/issues/169

To be able to sync Redhat repositories (under cdn.redhat.com), you will need a Redhat8 or Redhat9 host/server with a valid subscription (see https://access.redhat.com/solutions/253273)

Once your host is registered, you should have access to Redhat rpm repositories (you can try with dnf update).

Just for you to understand: Redhat repositories are private and only accessible with a certificate and private key (this is what subscription provides). Now that you are registered, you can retrieve the certificate and private key content and import them into Repomanager to be able to sync Redhat repositories, see below.

From your registered host, retrieve the certificate, private key and Redhat CA certificate content. You can find their location in /etc/yum.repos.d/redhat.repo:

https://github.com/lbr38/repomanager/assets/54670129/f342159a-b878-4754-b35b-92437f382976

Simply cat the content of each file and copy/paste it to a text aditor (lines from -----BEGIN PGP PUBLIC KEY BLOCK----- to -----END PGP PUBLIC KEY BLOCK-----).

cat /etc/rhsm/ca/redhat-uep.pem
cat /etc/pki/entitlement/733946906105629479-key.pem
cat /etc/pki/entitlement/733946906105629479.pem

You can now import the certificate, private key and CA certificate content into Repomanager (see the Notes under Edit a source repository)

Clone this wiki locally