Skip to content
/ acp Public

The acp project seeks to fill the gap between apt and the internet, for secured systems, by enabling an offline system to remain offline, yet up-to-date.

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

s3dev/acp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
bin
bin
 
 
lib
lib
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
install.sh
install.sh
 
 

Repository files navigation

acp - An offline updater, using apt

The acp project seeks to fill the gap between apt and the internet, for secured systems, by enabling an offline system to remain offline, yet up-to-date.

Overview

Whether you maintain a single secured offline PC, or a network of offline nodes, it's important to keep that system clean and up to date with the latest packages and libraries - without having to connect the system to the internet. This is where acp comes in.

The acp application processes in two stages like apt, employing an update routine and an upgrade routine. For each routine there are three tasks, find, get and install - making a system update a six-step process. The find and install tasks are performed on the offline system, while the get task is performed on the online system, as this is the task responsible for downloading the relevant files.

How does it work?

The acp project is, at its very core, a thin wrapper around your locally installed apt program, making use of the apt update and apt upgrade commands. For a specific usage example, please refer to the Usage Example section below.

Step 0: Update the .config file

Contained in the .config file are the usernames for both the offline and the online system, along with an array of target hostnames. The update process will be performed on all hostnames listed in this array; whether this is a single PC, or a network of nodes. Note that any hostnames appearing in this array must be defined in the local system's /etc/hosts file.

Step 1: --update --find

To determine the package repositories to be updated on the offline system, this command is used to create a .sig file for each target host, which contains a URI for each package repository. When the process completes, the collection of .sig files generated by each target host are archived into a .tar file on the user's local Desktop. This archive is to be transported to the online system for use by the next command.

Step 2: --update --get PATH

Using the .tar archive generated by the previous command, the files downloaded from each URI (from each .sig file) are archived into another .tar file, for each target host. When the process completes, the collection of .tar archives generated by each target host are archived (again) into a single .tar file on the user's local Desktop. This archive is to be transported back to the offline system, for installation by the next command.

Step 3: --update --install PATH

Back on the offline system, using the .tar archive created by the previous command, the package repository metadata is deployed to each target host.

Step 4: --upgrade --find

With the apt metadata now updated, this command is used to compare the installed packages with the apt metadata to determine which packages are due for upgrade. The URI for each applicable package is written to another host-specific .sig file which contains the URI, the filename and the expected MD5 checksum. When the process completes, the collection of .sig files generated by each target host are archived into a .tar file on the user's local Desktop. This archive is to be transported to the online system for use by the next command.

Step 5: --upgrade --get PATH

Using the .tar archive generated by the previous command, the package updates (generally .deb files) listed in the .sig file are downloaded and archived into another .tar file, for each target host. When the process completes, the collection of .tar archives generated by each target host are archived (again) into a single .tar file on the user's local Desktop. This archive containing the latest package(s) for each target host is to be transported back to the offline system, for installation by the next command.

Step 6: --upgrade --install PATH

Back on the offline system, using the .tar archive created by the previous command, the latest packages are installed to each respective target host.

This completes the system update process.

Getting started

This section provides a quick-start guide to getting up and running. The acp utility is generally installed the /usr/local/bin directory (unless otherwise specified to the installer), and can be accessed at any time by simply typing acp into the terminal.

Downloading and installing

The simple steps below guide you through downloading, building and installing acp.

Note: acp must be installed on both the secured offline environment and on an internet-connected PC.

  1. Download the source from GitHub.
  2. Unzip the acp-master.zip archive.
  3. Navigate into the new acp-master directory and run install.sh.
    • Enter the installation path for acp. The default is /usr/local/bin.
  4. Test the installation was successful by typing: acp --help
  5. Update the .config file to meet your requirements.

Program help

After installation, the help menu can be displayed at any point by providing the --help argument:

$ acp --help

Usage Example:

How do I use it? A system update consists of six primary steps which are carried out in a back-and-forth fashion on the offline and online systems, with the .tar archive generated in the steps being transferred to the [other] system for use by the next step, as shown by the PATH placeholder argument in each relevant command.

Setup:

  1. On both systems: Update the .config file with the offline and online system usernames and provide the target hostname(s) which will be included in the update sweep. This only needs to be done once per installation.

The update process:

The first series of steps is to update the local apt repository/database, for each target host and is carried out using the --update routine argument, as follows. The following three steps are the equivalent to running apt update on a single online system.

  1. From the offline system: Find the URLs where the package metadata can be obtained:

    $ acp --update --find

  2. From the online system: Get (download) the package metadata from the internet:

    $ acp --update --get PATH

  3. From the offline system: Install the latest package metadata files:

    $ acp --update --install PATH

The second series of steps is to download and install the relevant updates on the offline system. This is carried out using the --upgrade routine argument, as follows. The following three steps are the equivalent to running apt upgrade on a single online system.

  1. From the offline system: Find the packages which need to be updated, using the latest package metadata downloaded in step 2:

    $ acp --upgrade --find

  2. From the online system: Get (download) the latest package(s) from the internet:

    $ acp --upgrade --get PATH

  3. From the offline system: Install the latest updates:

    $ acp --upgrade --install PATH

Your offline system is now up-to-date.

About

The acp project seeks to fill the gap between apt and the internet, for secured systems, by enabling an offline system to remain offline, yet up-to-date.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.1.0 Latest
Jul 22, 2024

Packages

No packages published

Languages