Mirror(s) for binary packages repository
Created by: ollieparanoid
Background on the experimental new binary repo
As you may know, I'm working on an experimental binary packages repository in #64 (closed). It's trade-off between security and easy maintainability went deep in the security side with lazy reproducible builds, so it got a bit complicated - don't expect too much from it yet (binutils-armhf
, gcc-armhf
etc. should be in there, kernels and plasma mobile will not for now). Although lots of work has been put into the security features, I wasn't so sure if this is the right way to continue. But at least in the chat the community had my back, so I went on with it (and that's not something I'd like to discuss in this ticket - if you want to question the idea as a whole, please do it in #64 (closed)).
Hosting
The packages are hosted in this GitHub repo (the idea is to extend that to use git-lfs in the future, because git does not handle binary files that well). Now in theory we could point all our installations to that repo. But in practice, we would hit traffic limits very soon and it would just stop working.
So it would be nice to have a mirror! Is there someone who could
- set up a server, that
git clone
s this repository once - sets up a HTTP trigger URL to pull the repository again? (We would call the trigger from GitHub whenever a new package gets pushed) - I think such a trigger could be set up with relatively few lines of python, but I have not done this yet.
Notes
- With the current concept the packages do not get deleted at all
- This is very experimental, so we still need to figure a lot out.
- The packages in the repo right now are only signed with a testing key - I plan to rebuild them all with a proper key. So be prepared for changes and bring some time with you to maintain this, if you step up to host a mirror.
- The code infrastructure is mostly there, although a few bugs still need to be ironed out.
- I plan to document the workflow better, so it's easy to understand what is going on.