Comment 9 for bug 1574113

Hi Andres,

what do you want to know exactly ?
I'm using reprepro (below the config files) with a gpg key generated ad-hoc and nginx.

What do you exactly expect to be wrong ?
'Release' file is generated by reprepro and it needs to be signed [1], I generated a key that it's not obviously present in the distribution, it has to be imported, so how the key should be imported by apt system ?

Sorry but from 2006 I followed the rules exposed in [1]. I don't know if there is something newer or a different approach in ubuntu. Could you please point me to some docs/specs where I can study how to build a proper apt repository for MAAS ?

[1] https://wiki.debian.org/SecureApt

=====
this is the directory layout exposed trough nginx:

root@apt-mirror:/srv/repositories# ls
conf db dists lists logs pool pubkeys

pubkyes -> the pub gpg key
conf -> config files for reprepro

the private gpg key has been generated and it's available under root user in the keyring for gpgagent.
Some packages have been imported individually not trough 'reprepro update" process, because they are not included by the filter (priority (==required) | priority (==important)).

I also copied these files, how suggested by Mike:
rsync --recursive --times --links --hard-links --delete --delete-after --verbose \
    rsync://archive.ubuntu.com/ubuntu/dists/trusty/main/uefi/ \
    /srv/repositories/dists/trusty/main/uefi

===== conf/distributions =====
Origin: Ubuntu
Codename: trusty
Description: Ubuntu trusty mirror
Architectures: i386 amd64
Components: main multiverse restricted universe
UDebComponents: main restricted universe multiverse
Contents: .gz
UDebIndices: Packages Release . .gz
Update: - ubuntu-trusty
Log: /srv/repositories/logs/mirror.log
SignWith: D2B38BD3

Origin: Ubuntu
Codename: trusty-updates
Description: Ubuntu trusty updates
Architectures: i386 amd64
Components: main multiverse restricted universe
UDebComponents: main restricted universe multiverse
Contents: .gz
UDebIndices: Packages Release . .gz
Update: - ubuntu-trusty-updates
Log: /srv/repositories/logs/mirror.log
SignWith: D2B38BD3

Origin: Ubuntu
Codename: trusty-security
Description: Ubuntu trusty security
Architectures: i386 amd64
Components: main multiverse restricted universe
UDebComponents: main restricted universe multiverse
Contents: .gz
UDebIndices: Packages Release . .gz
Update: - ubuntu-trusty-security
Log: /srv/repositories/logs/mirror.log
SignWith: D2B38BD3

===== conf/updates =====

Name: ubuntu-trusty
Method: http://archive.ubuntu.com/ubuntu
Components: main multiverse restricted universe
Suite: trusty
UDebComponents: main restricted universe multiverse
Architectures: i386 amd64
FilterFormula: priority (==required) | priority (==important)
VerifyRelease: blindtrust
GetInRelease: no

Name: ubuntu-trusty-security
Method: http://archive.ubuntu.com/ubuntu
Components: main multiverse restricted universe
Suite: trusty-security
UDebComponents: main restricted universe multiverse
Architectures: i386 amd64
FilterFormula: priority (==required) | priority (==important)
VerifyRelease: blindtrust

Name: ubuntu-trusty-updates
Method: http://archive.ubuntu.com/ubuntu
Components: main multiverse restricted universe
Suite: trusty-updates
UDebComponents: main restricted universe multiverse
Architectures: i386 amd64
FilterFormula: priority (==required) | priority (==important)
VerifyRelease: blindtrust