Repository Management: Difference between revisions

From iPhone Development Wiki
(rearranging formatting for more sense)
Line 1: Line 1:
This page contains instructions for getting a personal repository set up, and general tips and tricks.
Here are instructions and advice for setting up and managing a Cydia repository. For context, Cydia uses an adapted version of Debian APT ([https://en.wikipedia.org/wiki/Advanced_Packaging_Tool Advanced Packaging Tool]) to manage packages.


= Setup =
If you have no interest in using your own server, you can use [https://myrepospace.com/ MyRepoSpace], which provides free repository hosting. It's often slow and unreliable though, and it gives you limited flexibility.


== Novice ==
== saurik's explanation ==


If you have no interest in setting up your own server, you can always use [https://myrepospace.com/ MyRepoSpace]. It can be a little slow though.
The authoritative guide to setting up a Cydia APT repository is '''[http://www.saurik.com/id/7 saurik's post on the subject]'''.


== Advanced ==
== Other explanations ==


Cydia uses a Debian APT-like implementation to manage packages.
Patrick Muff wrote [http://patrickmuff.ch/blog/2013/02/15/create-your-own-cydia-repository-on-ubuntu/ "Create your own Cydia Repository on Ubuntu in a few minutes"]


=== saurik's explanation ===
WinneonSword made a [https://github.com/WinneonSword/tutorial-repository Tutorial Repository on Github].


If you have no experience with Debian APT, you can read saurik's [http://www.saurik.com/id/7 excellent writeup on the subject], which is pretty comprehensive.
== Quick and dirty summary ==
 
=== Other explanations ===
 
http://patrickmuff.ch/blog/2013/02/15/create-your-own-cydia-repository-on-ubuntu/
 
https://github.com/WinneonSword/tutorial-repository
 
=== Quick and dirty summary ===


First thing is, you'll need a web host. It could be anything, like [https://neocities.org/ Neocities] or [https://pages.github.com/ GitHub pages].
First thing is, you'll need a web host. It could be anything, like [https://neocities.org/ Neocities] or [https://pages.github.com/ GitHub pages].


==== Repository structure ====
=== Repository structure ===


The basic idea is that you have two files in your server, <tt>Packages</tt> and <tt>Release</tt>. <tt>Packages</tt> must be bzipped and named <tt>Packages.bz2</tt>, and optionally <tt>Release</tt> may be also. <tt>Packages</tt> contains all of the information related to the different packages on your server (and where to download them, more on that later) and <tt>Release</tt> contains all of the information related to your server (like the name, description, etc).
The basic idea is that you have two files in your server, <tt>Packages</tt> and <tt>Release</tt>. <tt>Packages</tt> must be bzipped and named <tt>Packages.bz2</tt>, and optionally <tt>Release</tt> may be also. <tt>Packages</tt> contains all of the information related to the different packages on your server (and where to download them, more on that later) and <tt>Release</tt> contains all of the information related to your server (like the name, description, etc).
Line 31: Line 23:
If you want to see examples of <tt>Packages</tt> and <tt>Release</tt> files, you can see the cached files from your installed repos at <tt>/var/lib/apt/lists</tt> (note they can be quite large).
If you want to see examples of <tt>Packages</tt> and <tt>Release</tt> files, you can see the cached files from your installed repos at <tt>/var/lib/apt/lists</tt> (note they can be quite large).


==== .deb files ====
=== .deb files ===


The <tt>Packages</tt> file mentioned earlier points to .deb files in your server that you can download. These are made with dpkg-deb. [http://man.he.net/man1/dpkg-deb Manpage here]. The idea is that you set up a folder in the way you'd want the files to appear in your filesystem (and the <tt>DEBIAN</tt> folder, which would contain your <tt>control</tt> file, and optional <tt>preinst</tt> and <tt>postinst</tt> scripts) when it installs in Cydia, and then you'd use <tt>dpkg-deb -b folder_name</tt> to make the package (which will be named <tt>folder_name.deb</tt>). Read more in the [[Packaging]] page.
The <tt>Packages</tt> file mentioned earlier points to .deb files in your server that you can download. These are made with dpkg-deb. [http://man.he.net/man1/dpkg-deb Manpage here]. The idea is that you set up a folder in the way you'd want the files to appear in your filesystem (and the <tt>DEBIAN</tt> folder, which would contain your <tt>control</tt> file, and optional <tt>preinst</tt> and <tt>postinst</tt> scripts) when it installs in Cydia, and then you'd use <tt>dpkg-deb -b folder_name</tt> to make the package (which will be named <tt>folder_name.deb</tt>). Read more in the [[Packaging]] page.


= Custom icon =
== Custom icon ==


Put the file <tt>CydiaIcon.png</tt> at the root of your repository. It is displayed at 32x32, and it would be best for the file to be at Retina resolution (64x64 for @2x and 96x96 for @3x).
Put the file <tt>CydiaIcon.png</tt> at the root of your repository. It is displayed at 32x32, and it would be best for the file to be at Retina resolution (64x64 for @2x and 96x96 for @3x).


= Private repos =
== Private repositories ==
 


== UDID Protection ==
=== UDID Protection ===


The easiest way to make your repository "private" is to restrict access based on UDID. Cydia sends the user's UDID via the <tt>X-Unique-ID</tt> HTTP header, so your server could check that against a database in order to ensure that the user has rightful access.
The easiest way to make your repository "private" is to restrict access based on UDID. Cydia sends the user's UDID via the <tt>X-Unique-ID</tt> HTTP header, so your server could check that against a database in order to ensure that the user has rightful access.
Line 52: Line 43:
A Node.js implementation: [https://github.com/Aehmlo/udid-enabled-cydia-repo A sample Node UDID-protected Cydia repo by Aehmlo].
A Node.js implementation: [https://github.com/Aehmlo/udid-enabled-cydia-repo A sample Node UDID-protected Cydia repo by Aehmlo].


== Password Protection ==
=== Password Protection ===


Because UDID's can be easily faked, and are sent with ''every'' Cydia support email, UDID-protected repos are not very secure. However, you can use a username and password system through Cydia's depiction system, where the user enters their username and password in the depiction page, and then is authorized to download the package.  This system also requires server-side processing, so static webhosts (e.g. GitHub pages) will not work.
Because UDID's can be easily faked, and are sent with ''every'' Cydia support email, UDID-protected repos are not very secure. However, you can use a username and password system through Cydia's depiction system, where the user enters their username and password in the depiction page, and then is authorized to download the package.  This system also requires server-side processing, so static webhosts (e.g. GitHub pages) will not work.


A PHP implementation: [https://github.com/goeo-/pythech-repo/ A sample password-protected repo by goeo-].
A PHP implementation: [https://github.com/goeo-/pythech-repo/ A sample password-protected repo by goeo-].

Revision as of 04:49, 28 March 2015

Here are instructions and advice for setting up and managing a Cydia repository. For context, Cydia uses an adapted version of Debian APT (Advanced Packaging Tool) to manage packages.

If you have no interest in using your own server, you can use MyRepoSpace, which provides free repository hosting. It's often slow and unreliable though, and it gives you limited flexibility.

saurik's explanation

The authoritative guide to setting up a Cydia APT repository is saurik's post on the subject.

Other explanations

Patrick Muff wrote "Create your own Cydia Repository on Ubuntu in a few minutes"

WinneonSword made a Tutorial Repository on Github.

Quick and dirty summary

First thing is, you'll need a web host. It could be anything, like Neocities or GitHub pages.

Repository structure

The basic idea is that you have two files in your server, Packages and Release. Packages must be bzipped and named Packages.bz2, and optionally Release may be also. Packages contains all of the information related to the different packages on your server (and where to download them, more on that later) and Release contains all of the information related to your server (like the name, description, etc).

If you want to see examples of Packages and Release files, you can see the cached files from your installed repos at /var/lib/apt/lists (note they can be quite large).

.deb files

The Packages file mentioned earlier points to .deb files in your server that you can download. These are made with dpkg-deb. Manpage here. The idea is that you set up a folder in the way you'd want the files to appear in your filesystem (and the DEBIAN folder, which would contain your control file, and optional preinst and postinst scripts) when it installs in Cydia, and then you'd use dpkg-deb -b folder_name to make the package (which will be named folder_name.deb). Read more in the Packaging page.

Custom icon

Put the file CydiaIcon.png at the root of your repository. It is displayed at 32x32, and it would be best for the file to be at Retina resolution (64x64 for @2x and 96x96 for @3x).

Private repositories

UDID Protection

The easiest way to make your repository "private" is to restrict access based on UDID. Cydia sends the user's UDID via the X-Unique-ID HTTP header, so your server could check that against a database in order to ensure that the user has rightful access.

NOTE: Static webhosts like Neocities won't work for private repos. You'll need a server that has some way to let you process requests server-side, e.g. PHP, node.js, or Flask.

A PHP implementation: A sample UDID-protected Cydia repo by moeseth.

A Node.js implementation: A sample Node UDID-protected Cydia repo by Aehmlo.

Password Protection

Because UDID's can be easily faked, and are sent with every Cydia support email, UDID-protected repos are not very secure. However, you can use a username and password system through Cydia's depiction system, where the user enters their username and password in the depiction page, and then is authorized to download the package. This system also requires server-side processing, so static webhosts (e.g. GitHub pages) will not work.

A PHP implementation: A sample password-protected repo by goeo-.