Difference between pages "Funtoo Resources on LAN" and "Entropy"

(Difference between pages)
m (Setting up secondary machine)
 
m (Useful and important Tips and Tricks)
 
Line 1: Line 1:
== Introduction ==
+
==Entropy Package Management in Gentoo==
This page will show you how to setup Funtoo resources on your LAN, so you can have a faster access to them via your local area network, for installing packages, updating your local trees, and keep everything in sync.
+
Entropy Package Manager is written by Fabio Erculliani from Sabayon GNU/Linux as an extension to Portage in order to install binary package same as in other binary-based distros. The package manager syncronises itself automatically with Portage once you installed entropy binary packages, but instead Portage must be syncronised with Entropy in order for Entropy to know what packages you have emerged.
 +
Fully written in python, it is a stable application with many binary-oriented features and options, including a complete set of repository creation and entropy server features fully based on Portage ebuild packaging. Henceforth, developers '''must''' ( there is no other way ) emerge packages in order to create entropy packages, the procedure will be detailed in this tutorial.
  
One use case for this is, if you have more than one machine and you want to keep all machines up to date in such a way that all the machines update to the tree of one machine, and that one primary machines pulls from the outside world (funtoo @ github).
+
==Instructions of creating your own Entropy Repository==
  
Example:
+
First of all, you must have package named '''entropy-server''' instaled. It contains a /etc/entropy/server.conf that itself contains the next, most important lines of the configuration:
  
Machine A = Primary Server on LAN (Pulls from github, contains distfiles, contains binaries - built by FEATURES="buildpkg")
+
  community-mode = enable < ''if you wish to cope with more than 1 repository in one system''
 +
 +
  community-mode = disable <''if you want to have a self-sustainable dependency repository''
 +
 
 +
  ...(descriptions) 
 +
 
 +
  default-repository = yourreponame
 +
 
 +
  ...(descriptions)
  
Machine B = Another machine on your LAN. Could be a laptop. (Pulls from Machine A. Thus any distfiles that it can get will be pulled from the primary server - thus reducing network load and basically making your primary server a fast cache for future funtoo installs and upgrades. Also this means that you can compile packages on your primary server, and just pull them from Machine B. You can be confident that since Machine B can only be as up-to-date as Machine A, that it won't try to pull some unknown package that hasn't been compiled yet).
+
  #example: #=> repository = myserverrepo|My Server Repository|ftp://user:pass@111.111.111.111/ ssh://username@host:~user/path:port ''just an example of repo mode''
  
== Setting up Machine A ==
+
  repository = yourreponame|My Server Repository|ftp://user:pass@111.111.111.111/ ssh://username@host:~user/path:port
  
Machine A is your primary server and it's basically already complete. Just make sure that SSH is enabled and started (Which it is by default on Funtoo) and make sure that your distfiles and packages are being served out over http. For this setup, root over SSH will be enabled and this is the user that we will be using to sync. You can change this to whatever you want if you really want to. You will need to modify the settings on your own though.
+
The rest of them you don't need necessarily to bother. Of course, as in the example, you need either a '''SSH''' server or '''FTP''' server with upload permissions obviously. The structure of the repository should look like this:
 +
  http://bpr.bluepink.ro/~rogentos/entropy/
  
=== Setting up the binary server ===
+
'''P.S.: I considered this step as being the most important one, since everybody firstly installs the package before reading the article/tutorial on how to use :)'''
Follow the instructions on this page: [[How_to_set_up_a_binary_package_server#Setting_up_the_host_machine|Setting up the Host Machine]]
+
  
=== Some security tips for SSH ===
 
In your /etc/ssh/sshd_config, you can add the following:
 
  
==== Change SSH default port ====
+
==Installation and package management instructions==
You should definitely do this because if you don't and you open port 22 to the world, you will get attacked. I noticed that I was getting attacked multiple times every single day and the only way I was able to reduce it was to install '''fail2ban'''. However, changing the port to another port dropped the number of attacks from [Every Day * Multiple] to 0.
+
Start emerging the following packages:
 +
  emerge sys-apps/entropy equo entropy-server -vp
 +
It should produce something like this: http://pastebin.com/cy7X38ia ( public and permanent pastebin ). Notes: these packages have been built on 5 minutes funtoo tar.gz unpacking and chrooting and after, a emerge --sync and a eselect profile set.
 +
You should have now a working '''equo''', so run the command: '''equo --help'''. Should show up all the help commands:
  
<console>
+
  blacknoxis / # equo --help
# Change Port 22 to some other port
+
  usage: equo [-h] [--color]
Port 8902
+
  (...)
</console>
+
  
==== Limit users ====
+
In this moment you should have a working repository and '''SSH/FTP''' server with '''/etc/entropy/server.conf''' pointed to it. Start learning the commands also.
Attackers will try to brute force user names. You can set the '''"AllowUsers"''' value so that it only lets those users login.
+
  
<console>
+
If you look into '''/etc/entropy/repositories.conf.d/''' there's the repositories location with all the ''entropy_*'' files. You can take that example in order to put your own repository for client use.
# Let's say that we only want root and roger to login
+
AllowUsers root roger
+
  
# PermitRootLogin should also be set to 'yes' if it isn't
+
==Working with EIT==
PermitRootLogin yes
+
First things first, you must 'regenerate' the Entropy database system by running the command:
</console>
+
  
== Setting up secondary machine ==
+
  equo rescue generate
  
This section will teach you how to pull from a remote tree, and set up your machine to use the distfiles and packages that your remote tree has (Could be a tree from a local network).
+
EIT is the tool that actually packages already emerged packages and introduces them into your remote repository. First initialize repo ( after configurind your /etc/entropy/server.conf ) with the command:
  
We will assume that you are pulling the tree from your local network and that you are accessing the tree via ssh.
+
  eit init reponame
  
We will assume that this is a fresh install and that you don't have any previous portage trees or setting tweaks.
+
And a demonstration of adding a package to a repo by using these three commands:
  
==== /etc/portage/make.conf ====
+
  emerge packagename
What we will first due is edit our make.conf so that it pulls resources from the correct locations.
+
  
We will assume that Machine A's IP is 192.168.1.100, SSH port is 8902, that we are logging in as the root user, and that the portage tree is in it's default location of /usr/portage on that machine.
+
  eit add packagename
  
Open up the make.conf file for Machine B and add the following:
+
  eit push
  
<console>
+
All demo in: http://pastebin.com/k3PNpPdD ( public permanent pastebin )
# This is where it will try to pull the tree the first time it syncs. After this it will just use w/e the git tree origin is set to
+
SYNC="ssh://192.168.1.100:8902/usr/portage"
+
  
# This sets where it will try to find source files (distfiles). We will try to pull from Machine A first, but if Machine A doesn't have the files we need, it will go to Gentoo to get them
 
GENTOO_MIRRORS="http://192.168.1.100/funtoo http://distfiles.gentoo.org"
 
  
# This sets where it will try to find binary packages (We are using an http server to make it more convenient for us because we don't need "security" to just download precompiled packages)
+
==Useful and important Tips and Tricks==
PORTAGE_BINHOST="http://192.168.1.100/funtoo/packages"
+
As foretold, Entropy does not recognize Portage installs unless you do a little step. There's a slight trick here on how to make Entropy keep your emerged package with your options. First, emerge a package, any package, then run the command:
</console>
+
  
=== If you already have a tree ===
+
  equo rescue spmsync --ask
If you already have a tree and would like to delete it and start fresh, you can just delete the .git folder inside the /usr/portage directory and the next time you run '''emerge --sync''', portage will tell you that it isn't a git repository, and it will wipe the contents and sync the new tree.
+
  
== Conclusion ==
+
( Accept but be careful, it sometimes takes something that you do not want )
 +
This command will make Entropy aware that you installed/compiled something with Portage, but Entropy will still try to upgrade it and return it to the generic entropy repository one. Therefor, you must change the entropy '''client.conf''' from file '''/etc/entropy/client.conf''':
  
That is basically it.
+
  ignore-spm-downgrades = '''enable''' < keep this ''enabled''
  
[[Category:HOWTO]]
+
 
 +
After this, '''equo update''' should do the trick and '''equo ugprade''' will not try to overwrite your portage emerged packages.
 +
Referential documentation in: http://wiki.sabayon.org/ on Equo / Entropy and short and old doc on EIT http://lxnay.wordpress.com/2011/10/18/eit-the-stupid-package-tracker-reinvented/
 +
 
 +
If you want to have a nice, eye catchy GUI installer for your entropy repository, just install Rigo with either equo or portage. If you want to test the concept further, use emerge to install app-admin/rigo and then, a mandatory '''equo rescue spmsync --ask'''. Actually, it is '''mandatory''' after each emerge package, you should run '''equo rescue spmsync --ask''' in order to at least make Entropy aware of your Portage changes.

Revision as of 03:20, October 8, 2013

Entropy Package Management in Gentoo

Entropy Package Manager is written by Fabio Erculliani from Sabayon GNU/Linux as an extension to Portage in order to install binary package same as in other binary-based distros. The package manager syncronises itself automatically with Portage once you installed entropy binary packages, but instead Portage must be syncronised with Entropy in order for Entropy to know what packages you have emerged. Fully written in python, it is a stable application with many binary-oriented features and options, including a complete set of repository creation and entropy server features fully based on Portage ebuild packaging. Henceforth, developers must ( there is no other way ) emerge packages in order to create entropy packages, the procedure will be detailed in this tutorial.

Instructions of creating your own Entropy Repository

First of all, you must have package named entropy-server instaled. It contains a /etc/entropy/server.conf that itself contains the next, most important lines of the configuration:

 community-mode = enable < if you wish to cope with more than 1 repository in one system

 community-mode = disable <if you want to have a self-sustainable dependency repository 
 
 ...(descriptions)  
 
 default-repository = yourreponame 
 
 ...(descriptions)  
 #example: #=> repository = myserverrepo|My Server Repository|ftp://user:pass@111.111.111.111/ ssh://username@host:~user/path:port just an example of repo mode
 repository = yourreponame|My Server Repository|ftp://user:pass@111.111.111.111/ ssh://username@host:~user/path:port

The rest of them you don't need necessarily to bother. Of course, as in the example, you need either a SSH server or FTP server with upload permissions obviously. The structure of the repository should look like this:

 http://bpr.bluepink.ro/~rogentos/entropy/

P.S.: I considered this step as being the most important one, since everybody firstly installs the package before reading the article/tutorial on how to use :)


Installation and package management instructions

Start emerging the following packages:

 emerge sys-apps/entropy equo entropy-server -vp

It should produce something like this: http://pastebin.com/cy7X38ia ( public and permanent pastebin ). Notes: these packages have been built on 5 minutes funtoo tar.gz unpacking and chrooting and after, a emerge --sync and a eselect profile set. You should have now a working equo, so run the command: equo --help. Should show up all the help commands:

 blacknoxis / # equo --help
 usage: equo [-h] [--color]
 (...)

In this moment you should have a working repository and SSH/FTP server with /etc/entropy/server.conf pointed to it. Start learning the commands also.

If you look into /etc/entropy/repositories.conf.d/ there's the repositories location with all the entropy_* files. You can take that example in order to put your own repository for client use.

Working with EIT

First things first, you must 'regenerate' the Entropy database system by running the command:

 equo rescue generate

EIT is the tool that actually packages already emerged packages and introduces them into your remote repository. First initialize repo ( after configurind your /etc/entropy/server.conf ) with the command:

 eit init reponame

And a demonstration of adding a package to a repo by using these three commands:

 emerge packagename
 eit add packagename
 eit push

All demo in: http://pastebin.com/k3PNpPdD ( public permanent pastebin )


Useful and important Tips and Tricks

As foretold, Entropy does not recognize Portage installs unless you do a little step. There's a slight trick here on how to make Entropy keep your emerged package with your options. First, emerge a package, any package, then run the command:

 equo rescue spmsync --ask

( Accept but be careful, it sometimes takes something that you do not want ) This command will make Entropy aware that you installed/compiled something with Portage, but Entropy will still try to upgrade it and return it to the generic entropy repository one. Therefor, you must change the entropy client.conf from file /etc/entropy/client.conf:

 ignore-spm-downgrades = enable < keep this enabled


After this, equo update should do the trick and equo ugprade will not try to overwrite your portage emerged packages. Referential documentation in: http://wiki.sabayon.org/ on Equo / Entropy and short and old doc on EIT http://lxnay.wordpress.com/2011/10/18/eit-the-stupid-package-tracker-reinvented/

If you want to have a nice, eye catchy GUI installer for your entropy repository, just install Rigo with either equo or portage. If you want to test the concept further, use emerge to install app-admin/rigo and then, a mandatory equo rescue spmsync --ask. Actually, it is mandatory after each emerge package, you should run equo rescue spmsync --ask in order to at least make Entropy aware of your Portage changes.