Create an RPM repository
Install dependencies
sudo dnf install -y gnupg createrepo dnf-utils rpm-sign wgetSetup GnuPG
echo "%echo Generating a PGP key
Key-Type: RSA
Key-Length: 4096
Name-Real: Jeffrey Serio
Name-Email: hyperreal@moonshadow.dev
Expire-Date: 0
%no-ask-passphrase
%no-protection
%commit" > ~/hyperreal-pgp-key.batchgpg --no-tty --batch --gen-key ~/hyperreal-pgp-key.batchExport the public key.
gpg --armor --export "Jeffrey Serio" > ~/hyperreal-pgp-key.pubExport the private key to back it up somewhere safe.
gpg --armor --export-secret-keys "Jeffrey Serio" > ~/hyperreal-pgp-key.secAfter backing it up, shred it from the working directory.
shred -xu ~/hyperreal-pgp.key.secSetup RPM signing
Replace E1933532750E9EEF with your key’s ID.
echo "%_signature gpg
%_gpg_name E1933532750E9EEF" > ~/.rpmmacrosCreate a directory to serve the repository.
mkdir -p ~/rpm-repo/packagesMove RPM packages into the repo directory. Then sign them with the following command:
rpm --addsign ~/rpm-repo/packages/*.rpmCreate repo index
Once all the packages are signed, create the repository with the following command:
createrepo ~/rpm-repo/packages/The above command will create a directory in the repo named repodata containing a file named repomd.xml.
Note that the
createrepomust be run against each directory in the repo containing .rpm files.
Now sign the repo metadata with the following command:
gpg --detach-sign --armor ~/rpm-repo/packages/repodata/repomd.xmlCreate a .repo file
echo "[hyperreal-kernel-bazzite]
name=hyperreal kernel bazzite $releasever
baseurl=https://rpm.hyperreal.coffee/kernel-bazzite/fedora-$releasever/$basearch
enabled=1
gpgcheck=1
gpgkey=https://rpm.hyperreal.coffee/hyperreal-pgp-key.pub" > ~/rpm-repo/hyperreal-kernel-bazzite.repoThe RPM repository should now be ready to be served on a web server with ~/rpm-repo as the web root.
Example Caddy configuration
rpm.hyperreal.coffee {
root * /home/jas/rpm-repos/
file_server browse
}