Available in Nexus Repository OSS and Nexus Repository Pro
Debian and systems based on it like Ubuntu, Linux Mint, and Raspbian use the same package management system. APT (Advanced Package Tool) is a set of tools for managing Debian packages, and therefore the applications installed on your Debian system. It provides a wide set of operations like searching repositories, installing packages with their dependencies, and managing upgrades.
Nexus Repository Manager supports the Apt repository format for proxy repositories as well as for hosted repositories. Proxy repositories give you several significant advantages. You are no longer dependent on the availability of public repositories and an external network connection. When packages are cached, you can snapshot metadata and be sure all packages will be available even when removed from the remote repository. With hosted repositories, you have reliable storage for your own and third-party packages.
This format is disabled by default in NXRM Pro HA-C environments.
Proxying Apt Repositories
You can set up a Apt proxy repository to access a remote repository location.
To proxy a Apt repository, you simply create a new apt (proxy) as documented in Repository Management.
Minimal configuration steps are:
- Define Name e.g. apt-proxy
- Define URL for Remote storage, e.g.
- Pick a Blob store for Storage
- If the remote repository has a flat format, check the Flat checkbox
Hosting Apt Repositories
A hosted repository for Apt can be used to upload your packages as well as third-party packages. To host Apt packages, create a new apt (hosted) repository as documented in Repository Management.
When creating a Apt Hosted repository you need to generate a PGP signing key pair or use an existing one. The current implementation of Apt hosted repository signs only metadata. Nexus Repository Manager does not sign packages. If you want to use signed .deb and .udeb packages, upload to the repository already signed files.
Generate a key pair in a Linux system with the following commands:
apt-get update apt-get install gpg gpg --gen-key gpg --list-keys cd <path to the foolder to import the key pair> gpg --armor --output public.gpg.key --export <gpg key Id> gpg --armor --output private.gpg.key --export-secret-key <gpg key Id>
A key ID looks like: '515F58C16D58E682E91ACEFF17B5C97F9A816AD7'
Minimal configuration steps are:
- Define Name e.g. apt-hosted
- Put the private pgp key into Signing Key field, as described above
- Put the passphrase for the private signing key into the Passphrase field if you have defined one
- Pick a Blob store for Storage
To use an Apt hosted repository you need to export the gpg public key into your Linux system. Use the public key (
public.gpg.key) from the key pair generated above.
apt-get update apt-get install gnupg apt-key add <full folder path in the container>/public.gpg.key
Deploying Packages to Apt Hosted Repositories
You can use HTTP POST or use Upload in the UI, as documented here, to upload packages to Apt hosted repository.
The following example uses the
curl command and example credentials of admin for user and admin123 for password to upload a
test.deb file to a hosted Apt repository:
curl -u "admin:admin123" -H "Content-Type: multipart/form-data" --data-binary "@./test.deb" "http://localhost:8081/repository/apt-hosted/"
Browsing Apt Repositories and Searching Packages
You can browse Apt repositories in the user interface inspecting the components and assets and their details, as described in Browsing Repositories and Repository Groups.
Searching for Apt packages can be performed in the user interface, too. It finds all packages that are currently stored in the repository manager, as described in Searching for Components.
Configuring Apt Client
If you already loaded a metadata using
apt update commands first clean it by removing all files from
To configure the Apt client to work with Nexus Repository Manager edit the file
/etc/apt/sources.list. Add the following line if you want to add the repository to the list, or replace the content of the file if you're going to use only your repository:
deb <repository URL> <distribution> main
For a hosted repository you should use the <distribution> from the repository properties. For a proxy repository, the <distribution> should be the same as in the original remote repository settings.
You can get the <repository URL> from the table in Browsing Repositories and Repository Groups via the UI.
Taking a Snapshot of a repository metadata
A snapshot in terms of the Apt repository is a named static copy of metadata of the repository. Changes in the repository will not cause any changes in the snapshot. A snapshot does NOT contain any binary files. So be ready if the content of the repository changed the snapshot can include some invalid metadata.
Available snapshots can be viewed in UI Browse in the
Snapshots functionality is useful in following cases:
- Create a snapshot and use it as a repository for a proxy repository. In this case, you are sure that packages will not be updated or removed because of changes in the remote repository.
To use the removed in the remote repository package, this package must be cached in the proxy repository. If not, you are aware about changed remote repository, the updated package will not be installed.
- Use snapshots for the hosted repository to freeze versions of all packages. If someone has changed the content of the repository, you are aware about changed remote repository, the updated package will not be installed.
There are two variants to create a snapshot:
- To snapshot all metadata of the repository use a HTTP MKCOL request. The following example uses the
curlcommand and example credentials of admin for user and admin123 for password to create a snapshot with the id
curl -u "admin:admin123" -X MKCOL "http://localhost:8081/repository/apt-proxy/snapshots/release123"
- To snapshot filtered by architectures and components metadata use HTTP PUT requests with the appropriate data, as follows:
Create a filter. This is a text file with the following format:
Architectures: <list of architectures> Components: <list of components>
Architectures: i386 Components: restricted universe
Use HTTP PUT request to snapshot a filtered metadata. This example uses
curlto create a snapshot of repository
apt-proxywith filter stored in
curl -u "admin:admin123" -X PUT -H "Content-Type: multipart/form-data" -T "filter.txt" "http://localhost:8081/repository/apt-proxy/snapshots/filtered_snapshot"