scripts
/
automate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
automate/devuan-debian_releases.md

6.2 KiB
Raw Permalink Blame History

Releases

Version table

ID VERSION_ID VERSION_CODENAME DEBIAN_VERSION_ID DEBIAN_CODENAME DEBIAN_TIMESTAMP UBUNTU_CODENAME
Devuan 7 Wheezy 20170617T034212Z
Devuan 1.0 Jessie 8 Jessie 20180623T023722Z
Devuan 2.0 ASCII 9 Stretch 20200717T204551Z
Devuan 3.0 Beowulf 10.4 Buster 20230611T103552Z
Devuan 4.0 Chimaera 11.1 Bullseye 20230611T103552Z
Devuan 5.0 Daedalus 12 Bookworm 20231007T150030Z
Devuan 6.0 Excalibur 13 Trixie 20260202T081703Z Noble
Devuan 7.0 Freia 14 Forky 20260202T081703Z Questing
Devuan Ceres Sid 20260202T081703Z

Name mismatch

Derivative releases have the issue when making franken setups that the /etc/os-release doesn't match available upstream VERSION_CODENAME in sources.list so that tools like add-apt-repository for ubuntu PPA don't work.

/etc/debian/version has forky/sid not sure why its combined like that.

/usr/lib/os-release Other derivatives add UBUNTU_CODENAME to /etc/os-release but add-apt-repository doesn't use that which perhaps it should if ID_LIKE=debian is set. It also doesn't use DEB822 or at least have it as a switch since we have the templates in /usr/share/python-apt/templates/ although again some testing repos have dual names like forky/sid which breaks programmes expecting only one.

jessie caused a name collision with debian, capitalized ascii is already used for something and just an annoying choice, they calmed down after that (or someone left).

DEBIAN_TIMESTAMP

Debian uses http://snapshot.debian.org to provide access to past releases. We can use these to fix containers or images to a corresponding date code to prevent updates pulling in breaking packages or sometimes debian removes a package from testing but not stable of unstable and the snapshot.debian.org archive can be used to get the package from an earlier release.

Looking up the the package name snapshot.debian.org, finding the version you want and taking the timestamp from the url and putting in the DEBIAN_TIMESTAMP variable below will give the necessary sources.list entry. Using todays timestamp in a snapshot.debian.org url will give you the last available version for the VERSION_CODENAME specified.

Signatures

APT checks the signature of sources and these expire, so when dealing with archived versions we need to cope with this using check-valid-until=no

  • Get the signing key from the snapshot.debian.org
  • create the sources.list entry

Variables

URL="snapshot.debian.org"
VERSION_CODENAME="bookworm"
DEBIAN_TIMESTAMP="20231007T150030Z"
KEY_DIR=/usr/share/keyrings/
KEY=${KEY_DIR}/${VERSION_CODENAME}_${DEBIAN_TIMESTAMP}.gpg
sudo mkdir -p ${KEY_DIR}
KEY_URL="https://${URL}/archive/debian/${DEBIAN_TIMESTAMP}/dists/${VERSION_CODENAME}/Release.gpg"
sudo curl -fsSL ${KEY_URL} | sudo gpg --dearmor -o ${KEY}
sudo chmod a+r ${KEY}

ARCH=$(dpkg --print-architecture)

For pre-DEB822

conf_print_archive_sources() {
cat <<EOF
#cat <<-EOF | sudo tee /etc/apt/sources.list-available/docker.list
#	deb [arch=${ARCH} signed-by=${KEY} check-valid-until=no] https://${URL}/archive/debian/${DEBIAN_TIMESTAMP} ${VERSION_CODENAME} stable
EOF
}
conf_print_archive_sources | sudo tee /etc/apt/sources.list.d/${VERSION_CODENAME}_${DEBIAN_TIMESTAMP}.list

For DEB822

conf_print_archive_sources() {
cat <<EOF
Types: deb
URIs: https://${URL}/archive/debian/${DEBIAN_TIMESTAMP}
Suites: "${VERSION_CODENAME}"
Components: stable
Check-Valid-Until: no
Signed-By: "${KEY}"
EOF
EOF
}
conf_print_archive_sources | sudo tee /etc/apt/sources.list.d/${VERSION_CODENAME}_${DEBIAN_TIMESTAMP}.sources

Putting it all together.

conf_print_create_sources() {
  cat <<'EOF'
  #!/bin/bash

# Default values
DEBIAN_TIMESTAMP="${1:-$(date -u +%Y%m%dT%H%M%SZ)}"
VERSION_CODENAME="${2:-trixie}"
FILETYPE="${3:-DEB822}"

# Show usage if no arguments are provided
if [ $# -eq 0 ]; then
    cat << EOF
Usage: $0 [DEBIAN_TIMESTAMP] [VERSION_CODENAME] [FILETYPE]

Creates a sources.list entry for Debian archive snapshots.

Arguments:
  DEBIAN_TIMESTAMP   Timestamp in format YYYYMMDDTHHMMSSZ (default: today)
  VERSION_CODENAME   Debian release codename (default: trixie)
  FILETYPE           Format: DEB822 or PRE-DEB822 (default: DEB822)

Example:
  $0 20231007T150030Z bookworm DEB822
  $0                          # Uses defaults: today, trixie, DEB822

EOF
    exit 1
fi

URL="snapshot.debian.org"
KEY_DIR="/usr/share/keyrings"
ARCH=$(dpkg --print-architecture)

KEY="${KEY_DIR}/${VERSION_CODENAME}_${DEBIAN_TIMESTAMP}.gpg"
KEY_URL="https://${URL}/archive/debian/${DEBIAN_TIMESTAMP}/dists/${VERSION_CODENAME}/Release.gpg"

# Create key directory
sudo mkdir -p "${KEY_DIR}"

# Download and dearmor GPG key
echo "Downloading GPG key from ${KEY_URL}..."
sudo curl -fsSL "${KEY_URL}" | sudo gpg --dearmor -o "${KEY}"
sudo chmod a+r "${KEY}"

# Generate sources file
if [[ "${FILETYPE}" == "DEB822" ]]; then
    FILEPATH="/etc/apt/sources.list.d/${VERSION_CODENAME}_${DEBIAN_TIMESTAMP}.sources"
    cat << EOF | sudo tee "${FILEPATH}"
Types: deb
URIs: https://${URL}/archive/debian/${DEBIAN_TIMESTAMP}
Suites: "${VERSION_CODENAME}"
Components: stable
Check-Valid-Until: no
Signed-By: "${KEY}"
EOF
    echo "DEB822 source created at ${FILEPATH}"
else
    FILEPATH="/etc/apt/sources.list.d/${VERSION_CODENAME}_${DEBIAN_TIMESTAMP}.list"
    cat << EOF | sudo tee "${FILEPATH}"
deb [arch=${ARCH} signed-by=${KEY} check-valid-until=no] https://${URL}/archive/debian/${DEBIAN_TIMESTAMP} ${VERSION_CODENAME} stable
EOF
    echo "Legacy .list source created at ${FILEPATH}"
fi

echo "Done. Run 'sudo apt update' to test."
EOF
}