HomeVersion Control & PackagingRPM and YUM

Create Local Repository

Prepare GPG key

This page has some good instruction on how to do this:

http://fedoranews.org/tchung/gpg/

Create the repository

This will show you how to create the repository over http.

First create directory structure on the server, say server1:

[root@server1 ~]# mkdir -p /var/www/repo/CentOS/4/local/i386/RPMS

If createrepo is not already installed, as it will not be by default, install it.

[root@server1 ~]# yum install createrepo

Build a spiffy new set of packages from foo-1.2.3.4-1.el4.src.rpm (or alternately get packages from another trusted source). Say you are building this on dev-server:

[builduser@dev-server ~]$ rpmbuild --rebuild --sign /path/to/srpm/foo-1.2.3.4-1.el4.src.rpm

This creates (for example)

/home/builduser/rpmbuild/RPMS/foo-1.2.3.4-1.el4.i386.rpm
/home/builduser/rpmbuild/RPMS/foo-devel-1.2.3.4-1.el4.i386.rpm
/home/builduser/rpmbuild/RPMS/foo-docs-1.2.3.4-1.el4.i386.rpm

Move the files to the repo and create metadata:

[builduser@dev-server ~]# scp /home/builduser/rpmbuild/RPMS/foo* localuser@server1:
[root@server1 ~]# mv ~localuser/foo* /var/www/repo/CentOS/4/local/i386/RPMS
[root@server1 ~]# chown -R root.root /var/www/repo/CentOS/4/local
[root@server1 ~]# createrepo /var/www/repo/CentOS/4/local/i386
[root@server1 ~]# chmod -R o-w+r /var/www/repo/CentOS/4/local

Note: The "chown", "createrepo", and "chmod" in the above section has to be repeated every time you add a new rpm file.

Create /etc/yum.repos.d/local.repo

Warning: The example assumes yum-plugin-protectbase plugin (see PackageManagement/Yum/ProtectBase) is installed, and that you want your repo to be enabled by default, protected, and allowed to replace core packages. It also assumes your packages are GPG-signed.

[local]
name=CentOS-$releasever - local packages for $basearch
baseurl=http://server1/CentOS/$releasever/local/$basearch
enabled=1
gpgcheck=1
protect=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
 

Download the public key for the RPM builder and store that in file  /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5.

 

Password protected repository

To create a local repository that is password protected, add the following to your apache conf file:

<Directory /var/www/repo>
    AuthType Basic
    AuthName "Password Required"
    AuthUserFile /etc/apache2/passwords/repo
    Require valid-user
</Directory>   

Create auth user password file:

htpasswd -c /etc/apache2/passwords/repo repouser

Then in your client system, in /etc/yum.repo.d/local.repo, replace the "baseurl" with something as following:

baseurl=http://repouser:password@server1/CentOS/$releasever/local/$basearch

 

 

References: