• Using apt-cacher-ng with SSL/TLS

    apt-cacher-ng is a write-through proxy that caches repository metadata and package indexes for other hosts, typically on the same network. It generally works out-of-the-box, except for when the repository is served over SSL/TLS, in which case special configuration is needed. This blog post will cover apt-cacher-ng basics, then how to set it up to...

  • Announcing the Package & Versions API

    You can finally list, filter, and view packages via the packagecloud.io API! Feel free to jump right into the docs: Packages “All” API Packages Filtering API Versions API Package API Or, continue reading for details and examples. A note about Pagination All of the API’s in this post (excluding the Package API) return a...

  • Working with Source RPMs

    What are source RPMs? A package is a collection of binaries, scripts, and associated data that is installed by your package manager. Packages are typically generated from source code and a set of a metadata written by the package maintainer. Occasionally, the source may by patched by the package maintainer at build time. A source...

  • Working with Debian and Ubuntu Source Packages

    What are source packages? A package is a collection of binaries, scripts, and associated data that is installed by your package manager. Packages are typically generated from source code and a set of a metadata written by the package maintainer. Occasionally, the source may by patched by the package maintainer at build time. A source...

  • Yum Cheat Sheet

    What is yum? yum is the default package manager for RPM-based linux distributions (CentOS, Fedora, RHEL, Oracle). It’s written in python and it stands for “Yellowdog Updater, Modified”, as it was originally called “yup”, the package manager for Yellow Dog Linux. Unlike it’s debian cousin, which uses various commands for package management, yum can perform...

  • Chef Conf 2015: Package Management & Chef

    These are the slides from Joe Damato’s talk at Chef Conf 2015, titled “Package Management & Chef”. This talk covers: packages, package managers, tips, tricks, and chef cookbooks for setting up secure package repositories. Presentation

  • APT Cheat Sheet

    Getting Started: What does APT do? APT is a set of core tools found inside the Debian operating system. It provides utilities for the installation and removal of software packages and dependencies on a system. apt-get / high level package handling utility apt-get is the command-line tool for handling packages and provides functions such as...

  • Cook your own packages: Getting more out of fpm

    Guest post This is a guest post by Mathias Lafeldt, an Infrastructure Developer living in Hamburg, Germany. Mathias likes to blog and tweet about all things infrastructure automation. One of the areas he’s passionate about is packaging. While he knows a lot about building Debian packages, he loves to use packagecloud for hosting them. Introduction...

  • Announcing packagecloud:enterprise

    packagecloud:enterprise 1.0 is now available! packagecloud:enterprise is a completely stand-alone, on-premises installation of packagecloud.io. It can be installed on physical hardware or in the cloud and provides all the amazing features you already love about packagecloud.io: fine grained access control private repositories collaboration multi-distribution support build automation Chef and Puppet modules packagecloud:enterprise is an ideal...

  • Puppet Camp LA 2015 presentation slides

    These are the slides from Joe Damato’s talk at Puppet Camp LA 2015, titled “Package Managers and Puppet”. This talk covers: packages, package managers, puppet, and tips, tricks, and puppet modules for setting up secure package repositories. Presentation

  • DNS outage post-mortem

    This past Monday, our DNS provider, DNS Simple, experienced a distributed denial of service attack which took down their DNS resolution service. You can find more information about the DNS outage at our provider here. Our monitoring alerted us that there was a problem with domain resolution and we began investigating. Our DNS provider...

  • HOWTO: GPG sign and verify RPM packages and yum repositories

    This blog post will explain how GPG signatures are implemented for RPM files and yum repository metadata, as well as how to generate and verify those signatures. This blog post also explains what the purpose of the pygpgme python library is, how it is used for verifying GPG signatures in RPMs and yum repository...

  • Debugging an MRI Ruby GC segfault caused by a buggy RubyGem

    This blog post examines a tricky bug in the incredibly useful libarchive-ruby-swig ruby gem. This gem wraps the libarchive C library which can be used to read and write archives of many different formats. The bug in the C++ code of the RubyGem itself causes Ruby’s GC to mistakenly free an in-use object which...

  • Announcing official support for Jenkins, CircleCI, and TravisCI

    packagecloud is excited to officially announce support for Jenkins, CircleCI, and TravisCI. Take a look at the updated docs with example configurations and information on how to push deb, rpm, and gem packages directly to packagecloud from your build process. If you use a continuous integration system other than Jenkins, CircleCI, or TravisCI, let...

  • HOWTO: GPG sign and verify deb packages and APT repositories

    GPG can be used to create a digital signature for both Debian package files and for APT repository metadata. Many Debian-based Linux distributions (e.g., Ubuntu) have GPG signature verification of Debian package files (.deb) disabled by default and instead choose to verify GPG signatures of repository metadata and source packages (.dsc). The setting which...

  • yum and createrepo generate incorrect metadata

    createrepo 0.9.9 uses a library called rpmUtils which is provided by yum. This library contains code which parses version strings from an RPM package. This code contains a bug which results in incorrect version and release strings being output by rpmUtils and further results in createrepo generating incorrect metadata for several packages. CentOS 6...