init

aptly-mirror.conf

@@ -0,0 +1,105 @@
+# ---------------------------------------------------------------------------
+# aptly-mirror.conf — Configuration for aptly-mirror.sh
+# ---------------------------------------------------------------------------
+#
+# This file is sourced by aptly-mirror.sh. It uses plain bash syntax.
+# To override the default location, set APTLY_MIRROR_CONF or pass -c <path>.
+#
+
+# ---------------------------------------------------------------------------
+# General settings
+# ---------------------------------------------------------------------------
+
+# Architectures to mirror (space-separated for multiple, e.g. "amd64 arm64")
+ARCHITECTURES="amd64"
+
+# GPG keyring for repository signature verification (empty = default trustedkeys.gpg)
+GPG_KEYRING=""
+
+# Set to 1 to skip GPG signature verification (not recommended for production)
+IGNORE_SIGNATURES=0
+
+# Number of old snapshot sets to retain during cleanup (0 = keep only current)
+KEEP_SNAPSHOTS=2
+
+# Download speed limit in KiB/s (0 = unlimited)
+DOWNLOAD_LIMIT=0
+
+# Set to 1 to skip GPG signing when publishing (useful if no GPG key configured)
+SKIP_SIGNING=0
+
+# ---------------------------------------------------------------------------
+# Storage paths
+# ---------------------------------------------------------------------------
+
+# Root directory for aptly data (mirrors, snapshots, db)
+# Leave empty to use aptly's default (~/.aptly)
+APTLY_ROOT=""
+
+# Directory where published repositories are served from
+# Leave empty to use aptly's default (~/.aptly/public)
+PUBLISH_ROOT=""
+
+
+# ---------------------------------------------------------------------------
+# Debian mirrors
+# ---------------------------------------------------------------------------
+
+DEBIAN_MIRROR="http://deb.debian.org/debian"
+DEBIAN_SECURITY_MIRROR="http://security.debian.org/debian-security"
+
+# Debian releases: codename -> version number
+declare -A DEBIAN_RELEASES=(
+    [bullseye]="11"
+    [bookworm]="12"
+    [trixie]="13"
+)
+
+# Components for Debian 11 and earlier (before non-free-firmware split)
+DEBIAN_COMPONENTS_LEGACY="main contrib non-free"
+# Components for Debian 12+ (non-free-firmware is a separate component)
+DEBIAN_COMPONENTS_MODERN="main contrib non-free non-free-firmware"
+
+# Security mirror components use an "updates/" prefix (applies to all Debian releases)
+DEBIAN_SECURITY_COMPONENTS_LEGACY="updates/main updates/contrib updates/non-free"
+DEBIAN_SECURITY_COMPONENTS_MODERN="updates/main updates/contrib updates/non-free updates/non-free-firmware"
+
+# ---------------------------------------------------------------------------
+# Ubuntu mirrors
+# ---------------------------------------------------------------------------
+
+UBUNTU_MIRROR="http://archive.ubuntu.com/ubuntu"
+UBUNTU_SECURITY_MIRROR="http://security.ubuntu.com/ubuntu"
+
+# Ubuntu releases: codename -> version number
+declare -A UBUNTU_RELEASES=(
+    [focal]="20.04"
+    [jammy]="22.04"
+    [noble]="24.04"
+    [resolute]="26.04"
+)
+
+UBUNTU_COMPONENTS="main restricted universe multiverse"
+
+# ---------------------------------------------------------------------------
+# GPG keys
+# ---------------------------------------------------------------------------
+
+# Debian archive signing key fingerprints
+DEBIAN_GPG_KEYS=(
+    "1F89983E0081FDE018F3CC9673A4F27B8DD47936"  # Debian Archive (11/bullseye)
+    "A7236886F3CCCAAD148A27F80E98404D386FA1D9"  # Debian Archive (12/bookworm)
+    "B7C5D7829D669F88788D4C1BEFCC6169C4AE0E3C"  # Debian Security Archive
+    "4D64FEC119C2029067D6E791F8D2585B8783D481"  # Debian Stable Release Key
+    "A48449044AAD5C5DEEDE9B19B7B0C1CF28EA3E34"  # Debian Archive (13/trixie)
+    "89C87ACEA5DD6B8E6A7068808E9F831205B4BA95"  # Debian Security Archive (13/trixie)
+)
+
+# Ubuntu archive signing key fingerprints
+UBUNTU_GPG_KEYS=(
+    "3B4FE6ACC0B21F32"  # Ubuntu Archive
+    "871920D1991BC93C"  # Ubuntu Archive (older)
+)
+
+# GPG keyserver to fetch keys from
+GPG_KEYSERVER="hkps://keyserver.ubuntu.com"