Results 1 to 7 of 7

Thread: how can I make a private repository for a Intranet

  1. #1

    Wink how can I make a private repository for a Intranet

    Hi, I am a newbee for Opensuse. I'm glad to choose OpenSuSE distro. Now I'm encountered by such a problem:
    In my lab, there are several PCs being planned to install OpenSuSE without access to Internet. This initial installing can easily done by DVD installation. But the question is when I want to install some usual software on the PCs, the lab PC can't access Internet repos to use zypper or YaST. How can I deal with this situation? Please give me some guidence or hint, Thank U!

  2. #2

    Default Re: how can I make a private repository for a Intranet

    On 2015-01-06, bigspring <bigspring@no-mx.forums.opensuse.org> wrote:
    > Hi, I am a newbee for Opensuse. I'm glad to choose OpenSuSE distro. Now
    > I'm encountered by such a problem:
    > In my lab, there are several PCs being planned to install OpenSuSE
    > without access to Internet. This initial installing can easily done by
    > DVD installation. But the question is when I want to install some usual
    > software on the PCs, the lab PC can't access Internet repos to use
    > zypper or YaST. How can I deal with this situation? Please give me some
    > guidence or hint, Thank U!


    I network all machines in my lab. You must insist on doing so for two reasons:

    Data backup: this is the most important reason. If you don't backup your data to a remote location (ideally a NAS),
    consider your data `temporary'. If someone breaks into my lab and steals all the hard drives, I'd be annoyed, but at
    least my data is safe in a double-locked sealed room located in the basement of a different building.

    Data transfer: usually a data acquisition machine and data analysis machine are different things but you need a network
    to be able to share the data.

    Additionally, the openSUSE 13.2 DVD installation has a few bugs so I have to ask a couple of questions:

    1. How do you intend to perform a post-intall update?
    2. How do you intend to install new programs and their dependencies?

    A workaround is to connect each machine briefly to the internet in turn after each install for post-installation packages
    updates and installing your additional programs. You _might_ make life easier by scripting your package installations
    and downloading all necessary RPMs to a removable media (such as a DVD), but expect offline dependency hell and this
    workaround won't solve solve your data backup/transfer problems anyway.

    If your IT people being unhelpful about networking your machines you have to tell them that offline computers are not
    fit for purpose (especially when it comes to backing up data). If they are still obstructive, then your lab you might
    have to invest in a network switch or wireless router but it would be worth it.


  3. #3

    Default Re: how can I make a private repository for a Intranet

    Quote Originally Posted by flymail View Post
    On 2015-01-06, bigspring <bigspring@no-mx.forums.opensuse.org> wrote:
    > Hi, I am a newbee for Opensuse. I'm glad to choose OpenSuSE distro. Now
    > I'm encountered by such a problem:
    > In my lab, there are several PCs being planned to install OpenSuSE
    > without access to Internet. This initial installing can easily done by
    > DVD installation. But the question is when I want to install some usual
    > software on the PCs, the lab PC can't access Internet repos to use
    > zypper or YaST. How can I deal with this situation? Please give me some
    > guidence or hint, Thank U!


    I network all machines in my lab. You must insist on doing so for two reasons:

    Data backup: this is the most important reason. If you don't backup your data to a remote location (ideally a NAS),
    consider your data `temporary'. If someone breaks into my lab and steals all the hard drives, I'd be annoyed, but at
    least my data is safe in a double-locked sealed room located in the basement of a different building.

    Data transfer: usually a data acquisition machine and data analysis machine are different things but you need a network
    to be able to share the data.

    Additionally, the openSUSE 13.2 DVD installation has a few bugs so I have to ask a couple of questions:

    1. How do you intend to perform a post-intall update?
    2. How do you intend to install new programs and their dependencies?

    A workaround is to connect each machine briefly to the internet in turn after each install for post-installation packages
    updates and installing your additional programs. You _might_ make life easier by scripting your package installations
    and downloading all necessary RPMs to a removable media (such as a DVD), but expect offline dependency hell and this
    workaround won't solve solve your data backup/transfer problems anyway.

    If your IT people being unhelpful about networking your machines you have to tell them that offline computers are not
    fit for purpose (especially when it comes to backing up data). If they are still obstructive, then your lab you might
    have to invest in a network switch or wireless router but it would be worth it.
    The question was: 'How to install update pc in the lab without internet' :-)
    "Unfortunately time is always against us" -- [Morpheus]

    .:https://github.com/Jetchisel:.

  4. #4

    Default Re: how can I make a private repository for a Intranet

    Quote Originally Posted by bigspring View Post
    Hi, I am a newbee for Opensuse. I'm glad to choose OpenSuSE distro. Now I'm encountered by such a problem:
    In my lab, there are several PCs being planned to install OpenSuSE without access to Internet. This initial installing can easily done by DVD installation. But the question is when I want to install some usual software on the PCs, the lab PC can't access Internet repos to use zypper or YaST. How can I deal with this situation? Please give me some guidence or hint, Thank U!

    There is an option to create a repo via yast. You can keep package cache on the machine you're installing so that rpm can be used for future use.
    That said you can mirror a repo via rsync so you can sync remote repos to your local repos and that local repos will be the source of packages to install/update within your intranet.
    "Unfortunately time is always against us" -- [Morpheus]

    .:https://github.com/Jetchisel:.

  5. #5

    Default Re: how can I make a private repository for a Intranet

    On 2015-01-06, jetchisel <jetchisel@no-mx.forums.opensuse.org> wrote:
    > The question was: 'How to install update pc in the lab without internet'
    >:-)


    Aww shucks!!

  6. #6
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,305
    Blog Entries
    2

    Default Re: how can I make a private repository for a Intranet

    Quote Originally Posted by jetchisel View Post
    There is an option to create a repo via yast. You can keep package cache on the machine you're installing so that rpm can be used for future use.
    That said you can mirror a repo via rsync so you can sync remote repos to your local repos and that local repos will be the source of packages to install/update within your intranet.
    To the OP:
    Believe this is what you are looking for
    https://en.opensuse.org/SDB:Creating...lation_sources

    Yeah, the SDB isn't titled with something easily recogniziable... IMO it's possible the article was written to describe a local initial installation repo and not a maintenance repo, but it can be modified slightly for that purpose.
    You need to understand what types of files and packages you want to serve locally

    The basic idea is to
    1. Install a server app for the transport you want your LAN hosts to use (http, ftp, nfs, etc). Apache, ftp server, tftp, nginx, nodejs should all be acceptable choices.

    2. Create a repository using YAST or "zypper ar" that points to the root or a subdirectory of the configured transport app used in (1). Additional options you'll need to configure is the download location for this private repo (if using zypper --pkg-cache-dir" and auto refresh.

    After you create the above, you should be able to populate your private repo along with all your other repos with "zypper ref"

    After that, on each of your LAN hosts you should be able to add the repo using the URI as usual. If the private repo is a mirror of an official Internet repo, I'd recommend copying the existing pre-configured (which won't work because it points to an Internet source which is blocked), renaming to indicate private and point to the private repo.

    Lastly, after all is verified working, you'll want to set your private repo to update and download automatically.
    You can do this with the systemd.timers service
    https://wiki.archlinux.org/index.php/Systemd/Timers
    Or a cron job running "zypper ref" nightly, however long it will continue to be supported.

    Suggestions and Corrections requested,
    TSU

  7. #7
    Join Date
    Feb 2009
    Location
    Spain
    Posts
    25,547

    Default Re: how can I make a private repository for a Intranet

    On 2015-01-06 17:38, flymail wrote:
    > On 2015-01-06, bigspring <bigspring@no-mx.forums.opensuse.org> wrote:
    >> Hi, I am a newbee for Opensuse. I'm glad to choose OpenSuSE distro. Now
    >> I'm encountered by such a problem:
    >> In my lab, there are several PCs being planned to install OpenSuSE
    >> without access to Internet. This initial installing can easily done by
    >> DVD installation. But the question is when I want to install some usual
    >> software on the PCs, the lab PC can't access Internet repos to use
    >> zypper or YaST. How can I deal with this situation? Please give me some
    >> guidence or hint, Thank U!

    >
    > I network all machines in my lab. You must insist on doing so for two reasons:


    No.

    There are special circumstances that mandate that a machine or group of
    machines be completely isolated from Internet (not necessarily network),
    usually because of very strict security rules (like data theft).

    Talking IT into giving you internet, even temporarily, is not an option,
    no matter what arguments you pose to them. And trying to bypass them
    could mean immediate firing and hefty fines, if found out.

    Of course there are methods to update those machines.

    What I would try to do is prepare an external hard disk into which I
    would mirror, by script or manually, whatever repositories I wanted, on
    a machine outside, with good Internet. When made, the disk would be hand
    carried (and possibly scrutinized by security officer) to the secure
    area, and connected or uploaded to one internal machine with an http
    server, acting as repository server, in the secure-and-isolated intranet.


    --
    Cheers / Saludos,

    Carlos E. R.
    (from 13.1 x86_64 "Bottle" at Telcontar)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •