Package server

Mirroring

Debmirror

See also

• Debmirror: creiamo un mirror Debian - Guide@Debianizzati.Org 1

• Mirantis Documentation: Usage ~ DEBMIRROR 2

• Apache Tips & Tricks: Hide a file type from directory indexes · MD/Blog 3

• Set Up A Local Ubuntu / Debian Mirror with Apt-Mirror | Programster’s Blog 4

• Debian – Mirror Size 5

• Comment #4 : Bug #882941 : Bugs : debmirror package : Ubuntu 6

• Debian – Setting up a Debian archive mirror 7

• Better Default Directory Views with HTAccess | Perishable Press 8

Run as user	Instruction number
root	1-3,5-14
debmirror	4

Debmirror is one of the existing programs which are able to mirror Debian APT packages. In this example we are going to use the Apache HTTP server as webserver.

In this example we will use the Apache HTTP server to serve the packages.

1. install

   apt-get install debmirror bindfs
   

2. create a new user

   useradd -m -s /bin/bash -U debmirror
   passwd debmirror
   usermod -aG jobs debmirror
   mkdir /home/debmirror/data
   chown debmirror:debmirror /home/debmirror/data
   

   Note

   In this example /home/debmirror/data is the base directory where all packages are served from.

   Tip

   I suggest using normal HDDs rather than SSDs. Size in more important than speed in this case.

3. create the jobs directories

   mkdir -p /home/jobs/{services,scripts}/by-user/debmirror
   chown -R debmirror:debmirror /home/jobs/{services,scripts}/by-user/debmirror
   chmod 700 -R /home/jobs/{services,scripts}/by-user/debmirror
   

4. load APT’s keyring into a new keyring owned by the debmirror user

   gpg --keyring /usr/share/keyrings/debian-archive-keyring.gpg --export \
       | gpg --no-default-keyring --keyring trustedkeys.gpg --import
   

5. add this configuration for the standard Debian repository

   /home/jobs/scripts/by-user/debmirror/debmirror.debian.conf

   # The config file is a perl script so take care to follow perl syntax.
   # Any setting in /etc/debmirror.conf overrides these defaults and
   # ~/.debmirror.conf overrides those again. Take only what you need.
   #
   # The syntax is the same as on the command line and variable names
   # loosely match option names. If you don't recognize something here
   # then just stick to the command line.
   #
   # Options specified on the command line override settings in the config
   # files.
   
   # Location of the local mirror (use with care)
   # $mirrordir="/path/to/mirrordir"
   
   # Output options
   $verbose=1;
   $progress=1;
   $debug=0;
   
   $remoteroot="debian";
   # Download options
   $host="debian.netcologne.de";
   $download_method="rsync";
   @dists="stable,oldstable,buster-updates,bullseye-updates,buster-backports,bullseye-backports";
   @sections="main";
   @arches="amd64,all,any";
   $omit_suite_symlinks=0;
   $skippackages=0;
   # @rsync_extra="none";
   $i18n=1;
   $getcontents=1;
   $do_source=1;
   $max_batch=0;
   
   # Includes other translations as well.
   # See the exclude option in
   # https://help.ubuntu.com/community/Debmirror
   @includes="Translation-(en|it).*";
   
   # @di_dists="dists";
   # @di_archs="arches";
   
   # Save mirror state between runs; value sets validity of cache in days
   $state_cache_days=0;
   
   # Security/Sanity options
   $ignore_release_gpg=0;
   $ignore_release=0;
   $check_md5sums=0;
   $ignore_small_errors=1;
   
   # Cleanup
   $cleanup=0;
   $post_cleanup=1;
   
   # Locking options
   $timeout=300;
   
   # Rsync options
   $rsync_batch=200;
   $rsync_options="-aIL --partial --bwlimit=10240";
   
   # FTP/HTTP options
   $passive=0;
   # $proxy="http://proxy:port/";
   
   # Dry run
   $dry_run=0;
   
   # Don't keep diff files but use them
   $diff_mode="use";
   
   # The config file must return true or perl complains.
   # Always copy this.
   1;
   

6. change permissions

   chown -R debmirror:debmirror /home/jobs/scripts/by-user/debmirror/debmirror.debian.conf
   chmod 700 -R /home/jobs/scripts/by-user/debmirror/debmirror.debian.conf
   

7. create the Systemd service unit file

   /home/jobs/services/by-user/debmirror/debmirror.debian.service

   [Unit]
   Description=Debmirror debian
   Requires=network-online.target
   After=network-online.target
   
   [Service]
   Type=simple
   ExecStart=/usr/bin/debmirror --config-file=/home/jobs/scripts/by-user/debmirror/debmirror.debian.conf /home/debmirror/data/debian
   User=debmirror
   Group=debmirror
   

8. create the Systemd service timer unit file

   /home/jobs/services/by-user/debmirror/debmirror.debian.timer

   [Unit]
   Description=Once a day debmirror debian
   
   [Timer]
   OnCalendar=*-*-* 1:30:00
   Persistent=true
   
   [Install]
   WantedBy=timers.target
   

9. create a directory readable be Apache

   mkdir -p /srv/http/debian
   chown www-data:www-data /srv/http/debian
   chmod 700 /srv/http/debian
   

10. Add this to the fstab file

    /etc/fstab

    /home/debmirror/data /srv/http/debian fuse.bindfs  auto,force-user=www-data,force-group=www-data,ro 0 0
    

    Note

    This mount command makes the directory exposed to the webserver readonly, in this case /srv/http/debian

11. serve the files via HTTP by creating a new Apache virtual host. Replace FQDN with the appropriate domain and include this file from the Apache configuration

    /etc/apache2/debian_mirror.apache.conf

    <IfModule mod_ssl.c>
    <VirtualHost *:443>
    
        UseCanonicalName on
    
        Keepalive On
        RewriteEngine on
    
        ServerName ${FQDN}
    
        # Set the icons also to avoid 404 errors.
        Alias /icons/ "/usr/share/apache2/icons/"
    
        DocumentRoot "/srv/http/debian"
        <Directory "/srv/http/debian">
            Options -ExecCGI -Includes
            Options +Indexes +SymlinksIfOwnerMatch
            IndexOptions NameWidth=* +SuppressDescription FancyIndexing Charset=UTF-8 VersionSort FoldersFirst
    
            ReadmeName footer.html
            IndexIgnore header.html footer.html
            #
            # AllowOverride controls what directives may be placed in .htaccess files.
            # It can be "All", "None", or any combination of the keywords:
            #   AllowOverride FileInfo AuthConfig Limit
            #
            AllowOverride All
    
            #
            # Controls who can get stuff from this server.
            #
            Require all granted
        </Directory>
    
        SSLCompression      off
    
        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/${FQDN}/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/${FQDN}/privkey.pem
    </VirtualHost>
    </IfModule>
    

12. create a new text file that will serve as basic instructions for configuring the APT sources file. Replace FQDN with the appropriate domain

    /home/debmirror/data/footer.html

    <h1>Examples</h1>
    
    Change <code>/etc/apt/sources.list</code> to one of these:
    
    <h2>Bullseye distribution</h2>
    
    <pre>
    deb  https://${FQDN}/debian          bullseye            main
    deb  https://${FQDN}/debian          bullseye-updates    main
    deb-src https://${FQDN}/debian-security bullseye-security    main
    deb  https://${FQDN}/debian           bullseye-backports  main
    
    deb [arch=amd64] https://${FQDN}/docker bullseye stable
    deb [arch=amd64] https://${FQDN}/gitea gitea main
    deb [arch=amd64] https://${FQDN}/postgresql bullseye-pgdg main
    </pre>
    
    <h2>Buster distribution</h2>
    
    <pre>
    deb  https://${FQDN}/debian          buster            main
    deb  https://${FQDN}/debian          buster-updates    main
    deb-src https://${FQDN}/debian-security buster/updates    main
    deb  https://${FQDN}/debian           buster-backports  main
    
    deb [arch=amd64] https://${FQDN}/docker buster stable
    deb [arch=amd64] https://${FQDN}/gitea gitea main
    deb [arch=amd64] https://${FQDN}/postgresql buster-pgdg main
    </pre>
    
    <h1>Repositories</h1>
    
    <code>stable</code> and <code>oldstable</code> distributions are available if applicable.
    
    <h2>debian</h2>
    <p>Supported architectures:</p>
    <ul>
    <li><code>amd64</code></li>
    <li><code>all</code></li>
    <li><code>any</code></li>
    </ul>
    
    <h2>debian-security</h2>
    <p>Supported architectures:</p>
    <ul>
    <li><code>amd64</code></li>
    <li><code>all</code></li>
    <li><code>any</code></li>
    </ul>
    
    <h2>docker</h2>
    <p>Supported architectures:</p>
    <ul>
    <li><code>amd64</code></li>
    </ul>
    
    <h2>gitea</h2>
    <p>Supported architectures:</p>
    <ul>
    <li><code>amd64</code></li>
    </ul>
    
    <h2>postgresql</h2>
    <p>Supported architectures:</p>
    <ul>
    <li><code>amd64</code></li>
    </ul>
    

    Note

    This example includes some unofficial repositories.

13. restart the Apache webserver

    systemctl restart apache2
    

14. run the deploy script

Unofficial Debian sources

Run as user	Instruction number
debmirror	*

In case you want to mirror unofficial Debian sources the same instrctions apply. You just need to change the key import step

gpg \
    --no-default-keyring \
    --keyring trustedkeys.gpg \
    --import ${package_signing_key}

Note

package_signing_key is provided by the repository maintainers.

PyPI server

Build Python packages using git sources and push them to a self-hosted PyPI server.

Server

See also

• Minimal PyPI server for uploading & downloading packages with pip/easy_install Resources 9

Run as user	Instruction number
root	*

1. follow the Docker instructions

2. create the jobs directories

   mkdir -p /home/jobs/scripts/by-user/root/docker/pypiserver
   chmod 700 /home/jobs/scripts/by-user/root/docker/pypiserver
   

3. install and run pypiserver. Use this Docker compose file

   /home/jobs/scripts/by-user/root/docker/pypiserver/docker-compose.yml

   version: '3.7'
   
   services:
       pypiserver-authenticated:
           image: pypiserver/pypiserver:latest
           volumes:
               # Authentication file.
               - type: bind
                 source: /home/jobs/scripts/by-user/root/docker/pypiserver/auth
                 target: /data/auth
   
               # Python files.
               - type: bind
                 source: /data/pypiserver/packages
                 target: /data/packages
           ports:
               - "127.0.0.1:4000:8080"
   
           # I have purposefully removed the
           #    --fallback-url https://pypi.org/simple/
           # option to have a fully isolated environment.
           command: --disable-fallback --passwords /data/auth/.htpasswd --authenticate update /data/packages
   

4. create a Systemd unit file. See also the Docker compose services section

   /home/jobs/services/by-user/root/docker-compose.pypiserver.service

   [Unit]
   Requires=docker.service
   Requires=network-online.target
   After=docker.service
   After=network-online.target
   
   [Service]
   Type=simple
   WorkingDirectory=/home/jobs/scripts/by-user/root/docker/pypiserver
   
   ExecStart=/usr/bin/docker-compose up --remove-orphans
   ExecStop=/usr/bin/docker-compose down --remove-orphans
   
   Restart=always
   
   [Install]
   WantedBy=multi-user.target
   

5. run the deploy script

6. modify the reverse proxy port of your webserver configuration with 4000

Apache configuration

See also

• GitHub - pypiserver/pypiserver: Minimal PyPI server for uploading & downloading packages with pip/easy_install - Serving Thousands of Packages 10

• Caching Guide - Apache HTTP Server Version 2.4 11

• mod_cache - Apache HTTP Server Version 2.4 12

Run as user	Instruction number
root	*

If you use Apache as webserver you should enable caching. The upstream documentation shows how to configure pypiserver for Nginx but not for Apache.

1. create a new Apache virtual host. Replace FQDN with the appropriate domain

   /etc/apache2/pypi_server.apache.conf

   ###############
   # pypiserver  #
   ###############
   <IfModule mod_ssl.c>
   <VirtualHost *:443>
       UseCanonicalName on
   
       Keepalive On
       RewriteEngine on
   
       ServerName ${FQDN}
   
       SSLCompression      off
   
       RewriteRule    ^/simple$  /simple/  [R]
       ProxyPass      / http://127.0.0.1:4000/ Keepalive=On max=50 timeout=300 connectiontimeout=10
       ProxyPassReverse   / http://127.0.0.1:4000/
       RequestHeader set X-Forwarded-Proto "https"
       RequestHeader set X-Forwarded-Port "443"
       RequestHeader set X-Forwarded-Host "${FQDN}"
   
       Header set Service "pypi"
   
       CacheRoot "/var/cache/apache"
       CacheEnable disk /
       CacheDirLevels 4
       CacheDirLength 1
   
       CacheDefaultExpire 3600
       CacheIgnoreNoLastMod On
       CacheIgnoreCacheControl On
       CacheMaxFileSize 640000
       CacheReadSize 1024
       CacheIgnoreNoLastMod On
       CacheIgnoreQueryString On
       CacheIgnoreHeaders X-Forwarded-Proto X-Forwarded-For X-Forwarded-Host
   
       # Debug. Turn these two variables off after testing.
       CacheHeader on
       CacheDetailHeader On
   
       Include /etc/letsencrypt/options-ssl-apache.conf
       SSLCertificateFile /etc/letsencrypt/live/${FQDN}/fullchain.pem
       SSLCertificateKeyFile /etc/letsencrypt/live/${FQDN}/privkey.pem
   </VirtualHost>
   </IfModule>
   

   Warning

   The included Cache* options are very aggressive!

2. create the cache directory

   mkdir /var/cache/apache
   chown www-data:www-data /var/cache/apache
   chmod 775 /var/cache/apache
   

3. enable the Apache modules

   a2enmod cache cache_disk
   systemctl start apache-htcacheclean.service
   systemctl restart apache2
   

4. check for a cache hit. Replace FQDN with the appropriate domain

   curl -s https://${FQDN} 1>/dev/null 2>/dev/null
   curl -s -D - https://${FQDN} | head -n 20
   

   Note

   The /packages/ page does not get cached.

5. set CacheHeader and CacheDetailHeader to Off

6. restart Apache

   systemctl restart apache2
   

Virtual machine compiling the packages

See also

• A collection of scripts I have written and/or adapted that I currently use on my systems as automated tasks 13

• Git repository pointers and configurations to build Python packages from source 14

• python - pushd through os.system - Stack Overflow 15

• Pass options to `build_ext · Issue #328 · pypa/build · GitHub` 16

Run as user	Instruction number
qvm	1-2
root (VM)	3-13
python-source-package-updater (VM)	14

1. create a virtual machine with Debian Bullseye (stable) and transform it into Sid (unstable). Using the unstable version will provide more up to date software for development.

   See the QEMU server section. You might need to assign a lost of disk space.

2. connect to the virtual machine. See the QEMU client section

3. create a new user

   useradd --system -s /bin/bash -U python-source-package-updater
   passwd python-source-package-updater
   usermod -aG jobs python-source-package-updater
   

4. create the jobs directories. See reference

   mkdir -p /home/jobs/{scripts,services}/by-user/python-source-package-updater
   chown -R kiwix:kiwix /home/jobs/{scripts,services}/by-user/python-source-package-updater
   chmod 700 -R /home/jobs/{scripts,services}/by-user/python-source-package-updater
   

5. install these packages in the virtual machine:

   apt-get install build-essential fakeroot devscripts git python3-dev python3-all-dev \
       games-python3-dev libgmp-dev libssl-dev libssl1.1=1.1.1k-1 libcurl4-openssl-dev \
       python3-pip python3-build twine libffi-dev graphviz libgraphviz-dev pkg-config \
       clang-tools libblas-dev astro-all libblas-dev libatlas-base-dev libopenblas-dev \
       libgsl-dev libblis-dev liblapack-dev liblapack3 libgslcblas0 libopenblas-base \
       libatlas3-base libblas3 clang-9 clang-13 clang-12 clang-11 sphinx-doc \
       libbliss-dev libblis-dev libbliss2 libblis64-serial-dev libblis64-pthread-dev \
       libblis64-openmp-dev libblis64-3-serial libblis64-dev libblis64-3-pthread \
       libblis64-3-openmp libblis64-3 libblis3-serial libblis3-pthread \
       libblis-serial-dev libblis-pthread-dev libargon2-dev libargon2-0 libargon2-1
   

   Note

   This is just a selection. Some Python packages need other dependencies not listed here.

6. install the dependencies of the script

   apt-get install python3-yaml python3-appdirs
   

7. install fpyutils. See reference

8. add the script

   /home/jobs/scripts/by-user/python-source-packages-updater/build_python_packages.py

   #!/usr/bin/env python3
   #
   # build_python_packages.py
   #
   # Copyright (C) 2021-2022 Franco Masotti (franco \D\o\T masotti {-A-T-} tutanota \D\o\T com)
   #
   # This program is free software: you can redistribute it and/or modify
   # it under the terms of the GNU General Public License as published by
   # the Free Software Foundation, either version 3 of the License, or
   # (at your option) any later version.
   #
   # This program is distributed in the hope that it will be useful,
   # but WITHOUT ANY WARRANTY; without even the implied warranty of
   # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   # GNU General Public License for more details.
   #
   # You should have received a copy of the GNU General Public License
   # along with this program.  If not, see <http://www.gnu.org/licenses/>.
   r"""build_python_packages.py."""
   
   import contextlib
   import multiprocessing
   import os
   import pathlib
   import shlex
   import shutil
   import signal
   import subprocess
   import sys
   
   import fpyutils
   import yaml
   from appdirs import AppDirs
   
   
   class InvalidCache(Exception):
       pass
   
   
   class InvalidConfiguration(Exception):
       pass
   
   
   def check_keys_type(keys: list, key_type) -> bool:
       """Check that all elements of a list correspond to a specific python type."""
       ok = True
   
       i = 0
       while ok and i < len(keys):
           if isinstance(keys[i], key_type):
               ok = ok & True
           else:
               ok = ok & False
           i += 1
   
       return ok
   
   
   def check_values_type(keys: list, values: dict, level_0_value_type, level_1_value_type, has_level_1_value: bool) -> bool:
       """Check that all elements of a list correspond to a specific python type."""
       ok = True
   
       i = 0
       while ok and i < len(values):
           if isinstance(values[keys[i]], level_0_value_type):
               j = 0
               while has_level_1_value and ok and j < len(values[keys[i]]):
                   if isinstance(values[keys[i]][j], level_1_value_type):
                       ok = ok & True
                   else:
                       ok = ok & False
                   j += 1
           else:
               ok = ok & False
   
           i += 1
   
       return ok
   
   
   ##################################
   # Check configuration structure  #
   ##################################
   def check_configuration_structure_ignore(configuration: dict) -> bool:
       ok = True
       if ('submodules' in configuration
          and isinstance(configuration['submodules'], dict)
          and 'ignore' in configuration['submodules']
          and isinstance(configuration['submodules']['ignore'], dict)):
   
           ignore_keys = list(configuration['submodules']['ignore'].keys())
   
           ok = ok & check_keys_type(ignore_keys, str)
           ok = ok & check_values_type(ignore_keys, configuration['submodules']['ignore'], list, str, True)
   
       return ok
   
   
   def check_configuration_structure_base_directory_override(configuration: dict) -> bool:
       ok = True
       if ('submodules' in configuration
          and isinstance(configuration['submodules'], dict)
          and 'base_directory_override' in configuration['submodules']
          and isinstance(configuration['submodules']['base_directory_override'], dict)):
   
           base_directory_override_keys = list(configuration['submodules']['base_directory_override'].keys())
           ok = ok & check_keys_type(base_directory_override_keys, str)
           ok = ok & check_values_type(base_directory_override_keys, configuration['submodules']['base_directory_override'], str, None, False)
       else:
           ok = False
   
       return ok
   
   
   def check_configuration_structure_checkout(configuration: dict) -> bool:
       ok = True
       if ('submodules' in configuration
          and 'checkout' in configuration['submodules']
          and isinstance(configuration['submodules'], dict)
          and isinstance(configuration['submodules']['checkout'], dict)):
   
           checkout_keys = list(configuration['submodules']['checkout'].keys())
           ok = ok & check_keys_type(checkout_keys, str)
           ok = ok & check_values_type(checkout_keys, configuration['submodules']['checkout'], list, str, True)
       else:
           ok = False
   
       return ok
   
   
   def check_configuration_structure_build(configuration: dict) -> bool:
       ok = True
       if ('submodules' in configuration
          and 'build' in configuration['submodules']
          and isinstance(configuration['submodules'], dict)
          and isinstance(configuration['submodules']['build'], dict)
          and 'pre_commands' in configuration['submodules']['build']
          and 'post_commands' in configuration['submodules']['build']):
           pre = configuration['submodules']['build']['pre_commands']
           post = configuration['submodules']['build']['post_commands']
           pre_commands_block_keys = list(pre.keys())
           ok = ok & check_keys_type(pre_commands_block_keys, str)
           post_commands_block_keys = list(post.keys())
           ok = ok & check_keys_type(post_commands_block_keys, str)
   
           i = 0
           while ok and i < len(pre):
               pre_section = pre[list(pre.keys())[i]]
               ok = ok & check_values_type(list(pre_section.keys()), pre_section, list, str, True)
               i += 1
           i = 0
           while ok and i < len(post):
               post_section = pre[list(post.keys())[i]]
               ok = ok & check_values_type(list(post_section.keys()), post_section, list, str, True)
               i += 1
       else:
           ok = False
   
       return ok
   
   
   def check_configuration_structure(configuration: dict) -> bool:
       ok = True
       if ('repository' in configuration
          and 'submodules' in configuration
          and 'other' in configuration
          and 'path' in configuration['repository']
          and 'remote' in configuration['repository']
          and 'default branch' in configuration['repository']
          and isinstance(configuration['submodules'], dict)
          and isinstance(configuration['repository']['path'], str)
          and isinstance(configuration['repository']['remote'], str)
          and isinstance(configuration['repository']['default branch'], str)
          and 'concurrent_workers' in configuration['other']
          and 'unit_workers_per_block' in configuration['other']
          and isinstance(configuration['other']['concurrent_workers'], int)
          and isinstance(configuration['other']['unit_workers_per_block'], int)
          and 'ignored_are_successuful' in configuration['submodules']
          and 'mark_failed_as_successful' in configuration['submodules']
          and isinstance(configuration['submodules']['ignored_are_successuful'], bool)
          and isinstance(configuration['submodules']['mark_failed_as_successful'], bool)):
           ok = True
       else:
           ok = False
   
       ok = ok & check_configuration_structure_ignore(configuration)
   
       return ok
   
   
   def elements_are_unique(struct: list) -> bool:
       unique = False
       if len(struct) == len(set(struct)):
           unique = True
   
       return unique
   
   
   #########################
   # Check cache structure #
   #########################
   def check_cache_structure(cache: dict) -> bool:
       ok = True
       if not isinstance(cache, dict):
           ok = False
   
       elements = list(cache.keys())
   
       ok = ok & check_keys_type(elements, str)
   
       # Check that tags are unique within the same git repository.
       i = 0
       while ok and i < len(cache):
           if not elements_are_unique(cache[elements[i]]):
               ok = ok & False
           i += 1
   
       ok = ok & check_values_type(elements, cache, list, str, True)
   
       return ok
   
   
   ###########
   # Generic #
   ###########
   def send_notification(message: str, notify: dict):
       m = notify['gotify']['message'] + '\n' + message
       if notify['gotify']['enabled']:
           fpyutils.notify.send_gotify_message(
               notify['gotify']['url'],
               notify['gotify']['token'], m,
               notify['gotify']['title'],
               notify['gotify']['priority'])
       if notify['email']['enabled']:
           fpyutils.notify.send_email(message,
                                      notify['email']['smtp server'],
                                      notify['email']['port'],
                                      notify['email']['sender'],
                                      notify['email']['user'],
                                      notify['email']['password'],
                                      notify['email']['receiver'],
                                      notify['email']['subject'])
   
   
   # See
   # https://stackoverflow.com/a/13847807
   # CC BY-SA 4.0
   # spiralman, bryant1410
   @contextlib.contextmanager
   def pushd(new_dir):
       previous_dir = os.getcwd()
       os.chdir(new_dir)
       try:
           yield
       finally:
           os.chdir(previous_dir)
   
   
   def build_message(total_tags: int, total_successful_tags: int) -> str:
       message = '\ncurrent successful package git tags: ' + str(total_successful_tags)
       message += '\ntotal package git tags: ' + str(total_tags)
       if total_tags != 0:
           message += '\ncurrent success rate percent: ' + str((total_successful_tags / total_tags) * 100)
       else:
           message += '\ncurrent success rate percent: 0'
   
       return message
   
   
   def print_information(repository_name: str, git_ref: str, message: str = 'processing'):
       print('\n==========================')
       print('note: ' + message + ': ' + repository_name + '; git ref: ' + git_ref)
       print('==========================\n')
   
   
   #########
   # Files #
   #########
   def read_yaml_file(file: str) -> dict:
       data = dict()
       if pathlib.Path(file).is_file():
           data = yaml.load(open(file, 'r'), Loader=yaml.SafeLoader)
   
       return data
   
   
   def read_cache_file(file: str) -> dict:
       cache = read_yaml_file(file)
       if not check_cache_structure(cache):
           raise InvalidCache
   
       return cache
   
   
   def update_cache(cache: dict, new_cache: dict):
       for c in cache:
           if c in new_cache:
               cache[c] = list(set(cache[c]).union(set(new_cache[c])))
   
       for c in new_cache:
           if c not in cache:
               cache[c] = new_cache[c]
   
   
   def write_cache(cache: dict, new_cache: dict, cache_file: str):
       print('note: writing cache')
   
       update_cache(cache, new_cache)
   
       with open(cache_file, 'w') as f:
           f.write(yaml.dump(cache))
   
   
   #######
   # Git #
   #######
   def git_get_updates(git_executable: str, repository_path: str, repository_remote: str, repository_default_branch: str):
       with pushd(repository_path):
           fpyutils.shell.execute_command_live_output(
               shlex.quote(git_executable)
               + ' pull '
               + repository_remote
               + ' '
               + repository_default_branch
           )
           fpyutils.shell.execute_command_live_output(shlex.quote(git_executable) + ' submodule sync')
   
           # We might need to add the '--recursive' option for 'git submodule update'
           # to build certain packages. This means that we still depend from external
           # services at build time if we use that option.
           fpyutils.shell.execute_command_live_output(shlex.quote(git_executable) + ' submodule update --init --remote')
   
           fpyutils.shell.execute_command_live_output(shlex.quote(git_executable) + ' submodule foreach git fetch --tags --force')
   
   
   def git_remove_untracked_files(git_executable: str):
       fpyutils.shell.execute_command_live_output(shlex.quote(git_executable) + ' checkout --')
       fpyutils.shell.execute_command_live_output(shlex.quote(git_executable) + ' clean -d --force')
   
   
   def git_get_tags(git_executable: str) -> list:
       r"""Get the list of tags of a git repository.
   
       :returns: s, a list of tags. In case the git repository has no tags, s is an empty list.
       """
       s = subprocess.run([shlex.quote(git_executable), 'tag'], check=True, capture_output=True)
       s = s.stdout.decode('UTF-8').rstrip().split('\n')
   
       # Avoid an empty element when there are no tags.
       if s == ['']:
           s = list()
   
       return s
   
   
   def git_filter_processed_tags(tags: list, cache: dict, software_name: str) -> tuple:
       r"""Given a list of tags filter out the ones already present in cache."""
       successful_tags: int = 0
   
       if software_name in cache:
           total_tags_original = len(tags)
           # Filter tags not already processed.
           tags = list(set(tags) - set(cache[software_name]))
   
           # Tags already in cache must be successful.
           # In case len(tags) < len(cache[software_name]) because configuration changed,
           # pick the minimum between the two.
           successful_tags = min(len(cache[software_name]), total_tags_original)
   
           # Git repositories without tags: remove cache reference if present.
           if tags == cache[software_name] and tags == ['']:
               tags = []
   
       return tags, successful_tags
   
   
   def git_filter_ignore_tags(tags: list, ignore_objects: dict, skip_tags: bool, software_name: str) -> list:
       r"""Given a list of tags filter out the ones in an ignore list."""
       if skip_tags:
           tags = list(set(tags) - set(ignore_objects[software_name]))
   
       return tags
   
   
   def git_get_repository_timestamp(git_executable: str) -> str:
       r"""Return the timestamp of the last git ref."""
       return subprocess.run(
           [
               shlex.quote(git_executable),
               'log',
               '-1',
               '--pretty=%ct'
           ], check=True, capture_output=True).stdout.decode('UTF-8').strip()
   
   
   ##########
   # Python #
   ##########
   def build_dist(python_executable: str, git_executable: str):
       r"""Build the Python package in a reproducable way.
   
           Remove all dev, pre-releases, etc information from the package name.
           Use a static timestamp.
           See
           https://github.com/pypa/build/issues/328#issuecomment-877028239
       """
       subprocess.run(
           [
               shlex.quote(python_executable),
               '-m',
               'build',
               '--sdist',
               '--wheel',
               '-C--global-option=egg_info',
               '-C--global-option=--no-date',
               '-C--global-option=--tag-build=',
               '.'
           ], check=True, env=dict(os.environ, SOURCE_DATE_EPOCH=git_get_repository_timestamp(git_executable)))
   
   
   def upload_dist(twine_executable: str, pypi_url: str, pypi_username: str, pypi_password: str):
       r"""Push the compiled package to a remote PyPI server."""
       subprocess.run(
           [
               shlex.quote(twine_executable),
               'upload',
               '--repository-url',
               pypi_url,
               '--non-interactive',
               '--skip-existing',
               'dist/*'
           ], check=True, env=dict(os.environ, TWINE_PASSWORD=pypi_password, TWINE_USERNAME=pypi_username))
   
   
   def skip_objects(ignore_objects: dict, software_name: str) -> tuple:
       r"""Determine whether to skip repositories and/or tags."""
       skip_repository = False
       skip_tags = False
       if software_name in ignore_objects:
           if len(ignore_objects[software_name]) == 0:
               skip_repository = True
               skip_tags = False
           else:
               skip_tags = True
   
       return skip_repository, skip_tags
   
   
   def set_base_directory_override(base_directory_override: dict, directory: str, software_name: str) -> pathlib.Path:
       r"""Change to the appropriate directory.
   
       :returns: directory, the path of the directory where the setup files
           are present.
   
       ..note: Values are reported in the remote configuration
       """
       old_directory = directory
       if software_name in base_directory_override:
           directory = pathlib.Path(directory, base_directory_override[software_name])
           # Check if inner_directory exists.
           # inner_directory usually is equal to absolute_directory
           if not directory.is_dir():
               # Fallback.
               directory = pathlib.Path(old_directory)
       else:
           directory = pathlib.Path(directory)
   
       return directory
   
   
   def build_package_pre_post_commands(command_block: dict):
       for block in command_block:
           cmd = list()
           for c in command_block[block]:
               cmd.append(shlex.quote(c))
           try:
               subprocess.run(cmd, check=True)
           except subprocess.CalledProcessError as e:
               print(e)
   
   
   def build_package(
       git_executable,
       python_executable,
       rm_executable: str,
       twine_executable,
       pypi_url,
       pypi_user,
       pypi_password,
       cache: dict,
       directory: str,
       software_name: str,
       tag: str,
       base_directory_override: dict,
       submodule_mark_failed_as_successful: bool,
       command_block_pre: dict,
       command_block_post: dict,
   ) -> int:
       r"""Checkout, compile and push.
   
       This function processes repositories without tags.
       In this case they are marked as successful but are not added to the cache.
       """
       successful_tag: int = 0
       directory_relative_path = directory.stem
       # Cleanup.
       git_remove_untracked_files(git_executable)
   
       print_information(directory_relative_path, tag, 'processing')
   
       # Checkout repository with tags: avoid checking out tagless repositories.
       if tag != str():
           fpyutils.shell.execute_command_live_output(
               shlex.quote(git_executable)
               + ' checkout '
               + tag
           )
   
       # Decide whether to change directory based on remote configuration.
       inner_directory = set_base_directory_override(base_directory_override, directory, software_name)
       subdirectory_absolute_path = str(inner_directory)
       with pushd(subdirectory_absolute_path):
           fpyutils.shell.execute_command_live_output(shlex.quote(rm_executable) + ' -rf build dist')
           try:
               build_package_pre_post_commands(command_block_pre)
               build_dist(python_executable, git_executable)
               build_package_pre_post_commands(command_block_post)
   
               upload_dist(twine_executable, pypi_url, pypi_user, pypi_password)
   
               # Register success in cache yaml file.
               successful_tag = 1
               if tag != str():
                   cache[software_name].append(tag)
   
           except subprocess.CalledProcessError:
               print_information(directory.stem, tag, 'error')
   
               if submodule_mark_failed_as_successful:
                   # Do not add an empty git tag to the cache.
                   successful_tag = 1
                   if tag != str():
                       cache[software_name].append(tag)
   
           git_remove_untracked_files(git_executable)
   
       return successful_tag
   
   
   def read_remote_configuration(repository_path: str) -> dict:
       """Retrieve the configuration of the remote repository."""
       remote_configuration_file = pathlib.Path(repository_path, 'configuration.yaml')
       remote_config = dict()
       if remote_configuration_file.is_file():
           remote_config = yaml.load(open(remote_configuration_file, 'r'), Loader=yaml.SafeLoader)
           if (not check_configuration_structure_base_directory_override(remote_config)
              or not check_configuration_structure_checkout(remote_config)
              or not check_configuration_structure_build(remote_config)):
               raise InvalidConfiguration
   
       return remote_config
   
   
   def worker(args: list) -> tuple:
       directory: pathlib.Path = next(args)
       ignore_objects: dict = next(args)
       cache: dict = next(args)
       submodules_ignored_are_successuful: bool = next(args)
       git_executable: str = next(args)
       python_executable: str = next(args)
       rm_executable: str = next(args)
       twine_executable: str = next(args)
       pypi_url: str = next(args)
       pypi_user: str = next(args)
       pypi_password: str = next(args)
       submodule_mark_failed_as_successful: bool = next(args)
       remote_config: dict = next(args)
       repository_path: str = next(args)
   
       total_tags_including_processed: int = 0
       total_tags_to_process: int = 0
       total_successful_tags_including_processed: int = 0
       successful_tags: int = 0
   
       # The software name is used in the cache as key.
       software_name = pathlib.Path(directory).stem
       skip_repository, skip_tags = skip_objects(ignore_objects, software_name)
       submodule_absolute_path = str(pathlib.Path(repository_path, directory))
   
       # Create a new cache slot.
       if software_name not in cache:
           cache[software_name] = list()
   
       # Mark ignored repositories as successful if the setting is enabled.
       # Save in cache.
       if (skip_repository
          and submodules_ignored_are_successuful):
           with pushd(submodule_absolute_path):
               tags = git_get_tags(git_executable)
   
               # Bulk append: all tags are successful.
               cache[software_name] = tags
   
               total_tags: int = len(tags)
               successful_tags = total_tags
               total_tags_including_processed = total_tags
               total_tags_to_process = total_tags
   
       # Process the repository normally.
       elif not skip_repository:
           with pushd(submodule_absolute_path):
               # Cleanup previous runs.
               git_remove_untracked_files(git_executable)
   
               # Get all git tags and iterate.
               tags = git_get_tags(git_executable)
               # Useful to detect tagless repositories.
               total_tags_original = len(tags)
   
               if total_tags_original > 0:
                   # Filter out tags that are in the ignore list.
                   tags = git_filter_ignore_tags(tags, ignore_objects, skip_tags, software_name)
   
                   # The 'checkout' section in the remote configuration rewrites all tags.
                   if software_name in remote_config['submodules']['checkout']:
                       tags = remote_config['submodules']['checkout'][software_name]
   
                   total_tags_including_processed = len(tags)
   
                   # Filter tags not already processed (i.e: not already in cache marked as successful).
                   tags, successful_tags = git_filter_processed_tags(tags, cache, software_name)
                   total_tags_to_process = len(tags)
               else:
                   # Tagless repositories have 1 dummy tag.
                   total_tags_to_process = 1
                   total_tags_including_processed = 1
   
               # Get pre-post build commands.
               if software_name in remote_config['submodules']['build']['pre_commands']:
                   pre_commands = remote_config['submodules']['build']['pre_commands'][software_name]
               else:
                   pre_commands = dict()
               if software_name in remote_config['submodules']['build']['post_commands']:
                   post_commands = remote_config['submodules']['build']['post_commands'][software_name]
               else:
                   post_commands = dict()
   
               # Build the Python package.
               if total_tags_original == 0:
                   print('note: tag 1 of 1')
                   # Tagless repository. Pass an empty string as tag id.
                   successful_tags += build_package(
                       git_executable,
                       python_executable,
                       rm_executable,
                       twine_executable,
                       pypi_url,
                       pypi_user,
                       pypi_password,
                       cache,
                       directory,
                       software_name,
                       str(),
                       remote_config['submodules']['base_directory_override'],
                       submodule_mark_failed_as_successful,
                       pre_commands,
                       post_commands,
                   )
               else:
                   i = 1
                   for t in tags:
                       print('note: tag ' + str(i) + ' of ' + str(len(tags)))
                       successful_tags += build_package(
                           git_executable,
                           python_executable,
                           rm_executable,
                           twine_executable,
                           pypi_url,
                           pypi_user,
                           pypi_password,
                           cache,
                           directory,
                           software_name,
                           t,
                           remote_config['submodules']['base_directory_override'],
                           submodule_mark_failed_as_successful,
                           pre_commands,
                           post_commands,
                       )
                       i += 1
   
       total_successful_tags_including_processed = successful_tags
   
       return cache, total_tags_including_processed, total_tags_to_process, total_successful_tags_including_processed
   
   
   def build_worker_arg(
       directory: pathlib.Path,
       ignore_objects: dict,
       cache: dict,
       submodules_ignored_are_successuful: bool,
       git_executable,
       python_executable: str,
       rm_executable: str,
       twine_executable: str,
       pypi_url: str,
       pypi_user: str,
       pypi_password: str,
       submodule_mark_failed_as_successful: str,
       remote_config: dict,
       repository_path: str
   ) -> iter:
   
       return iter([directory, ignore_objects, cache, submodules_ignored_are_successuful,
                    git_executable, python_executable, rm_executable, twine_executable, pypi_url,
                    pypi_user, pypi_password, submodule_mark_failed_as_successful, remote_config, repository_path])
   
   
   def process(
       cache: dict,
       cache_file: str,
       ignore_objects: dict,
       submodules_ignored_are_successuful: bool,
       notify: dict,
       git_executable: str,
       python_executable: str,
       rm_executable: str,
       twine_executable: str,
       pypi_url: str,
       pypi_user: str,
       pypi_password: str,
       repository_path: str,
       repository_remote: str,
       repository_default_branch: str,
       submodule_mark_failed_as_successful: bool,
       concurrent_workers: int = multiprocessing.cpu_count(),
       unit_workers_per_block: int = 1,
   ):
       quit: bool = False
   
       # Define and register the signals.
       def signal_handler(*args):
           global quit
           quit = True
           print('\n==========================')
           print('note: signal received. finished queued workers and writing ' + str(len(cache)) + ' repository elements to cache before exit')
           print('==========================\n')
       signal.signal(signal.SIGINT, signal_handler)
       signal.signal(signal.SIGTERM, signal_handler)
   
       # Autodetect.
       if concurrent_workers <= 0:
           concurrent_workers = multiprocessing.cpu_count()
       if unit_workers_per_block <= 0:
           unit_workers_per_block = 1
   
       git_get_updates(git_executable, repository_path, repository_remote, repository_default_branch)
   
       remote_config = read_remote_configuration(repository_path)
   
       # Go to the submodules subdirectory.
       repository_path = pathlib.Path(repository_path, 'submodules')
   
       dirs: list = [x for x in pathlib.Path(repository_path).iterdir()]
       len_dirs: int = len(dirs)
       n: int = 0
       new_cache: dict = dict()
       new_total_tags_including_processed: int = 0
       new_total_tags_to_process: int = 0
       new_total_successful_tags: int = 0
       import copy
       tmp_cache: dict = copy.deepcopy(cache)
   
       while n < len_dirs and not quit:
           signal.signal(signal.SIGINT, signal.SIG_IGN)
           signal.signal(signal.SIGTERM, signal.SIG_IGN)
           signal.signal(signal.SIGABRT, signal.SIG_IGN)
           signal.signal(signal.SIGALRM, signal.SIG_IGN)
   
           remaining_dirs: int = len_dirs - n
           args: list = list()
           step = min(concurrent_workers * unit_workers_per_block, remaining_dirs)
   
           print('note: remaining ' + str(remaining_dirs) + ' repositories')
   
           for i in range(0, step):
               # Skip non.directories and the ./.git directory.
               if dirs[n + i].is_dir() and dirs[n + i].stem != '.git':
                   args.append(build_worker_arg(dirs[n + i], ignore_objects, tmp_cache,
                               submodules_ignored_are_successuful, git_executable,
                               python_executable, rm_executable, twine_executable, pypi_url,
                               pypi_user, pypi_password, submodule_mark_failed_as_successful,
                               remote_config, repository_path))
   
           pool = multiprocessing.Pool(processes=concurrent_workers)
           try:
               signal.signal(signal.SIGINT, signal_handler)
               signal.signal(signal.SIGTERM, signal_handler)
               signal.signal(signal.SIGABRT, signal_handler)
               signal.signal(signal.SIGALRM, signal_handler)
               result = pool.map_async(worker, args)
               rr = result.get(timeout=3600)
               for r in rr:
                   update_cache(new_cache, r[0])
                   new_total_tags_including_processed += r[1]
                   new_total_tags_to_process += r[2]
                   new_total_successful_tags += r[3]
           except (KeyboardInterrupt, InterruptedError):
               pool.terminate()
               pool.join()
               quit = True
           else:
               pool.close()
               pool.join()
   
           n += step
   
       if pool:
           # Cleanup.
           pool.close()
           pool.join()
   
       write_cache(cache, new_cache, cache_file)
   
       message = build_message(new_total_tags_including_processed, new_total_successful_tags)
       print(message)
       send_notification(message, notify)
   
   
   if __name__ == '__main__':
       def main():
           configuration_file = shlex.quote(sys.argv[1])
           config = yaml.load(open(configuration_file, 'r'), Loader=yaml.SafeLoader)
           if not check_configuration_structure(config):
               raise InvalidConfiguration
   
           dirs = AppDirs('build_pypi_packages')
           # Read the cache file.
           if config['files']['cache']['clear']:
               shutil.rmtree(dirs.user_cache_dir, ignore_errors=True)
           pathlib.Path(dirs.user_cache_dir).mkdir(mode=0o700, exist_ok=True, parents=True)
           cache_file = str(pathlib.Path(dirs.user_cache_dir, config['files']['cache']['file']))
           cache = read_cache_file(cache_file)
   
           process(
               cache,
               cache_file,
               config['submodules']['ignore'],
               config['submodules']['ignored_are_successuful'],
               config['notify'],
               config['files']['executables']['git'],
               config['files']['executables']['python'],
               config['files']['executables']['rm'],
               config['files']['executables']['twine'],
               config['pypi']['url'],
               config['pypi']['username'],
               config['pypi']['password'],
               config['repository']['path'],
               config['repository']['remote'],
               config['repository']['default branch'],
               config['submodules']['mark_failed_as_successful'],
               config['other']['concurrent_workers'],
               config['other']['unit_workers_per_block'],
           )
   
       main()
   

9. add the configuration

   /home/jobs/scripts/by-user/python-source-packages-updater/build_python_packages.yaml

   #
   # build_python_packages.yaml
   #
   # Copyright (C) 2021-2022 Franco Masotti (franco \D\o\T masotti {-A-T-} tutanota \D\o\T com)
   #
   # This program is free software: you can redistribute it and/or modify
   # it under the terms of the GNU General Public License as published by
   # the Free Software Foundation, either version 3 of the License, or
   # (at your option) any later version.
   #
   # This program is distributed in the hope that it will be useful,
   # but WITHOUT ANY WARRANTY; without even the implied warranty of
   # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   # GNU General Public License for more details.
   #
   # You should have received a copy of the GNU General Public License
   # along with this program.  If not, see <http://www.gnu.org/licenses/>.
   
   notify:
       email:
           enabled: false
           smtp server: 'smtp.gmail.com'
           port: 465
           sender: 'myusername@gmail.com'
           user: 'myusername'
           password: 'my awesome password'
           receiver: 'myusername@gmail.com'
           subject: 'update action'
       gotify:
           enabled: false
           url: '<gotify url>'
           token: '<app token>'
           title: 'update action'
           message: 'update action'
           priority: 5
   
   
   repository:
       path: '/home/jobs/scripts/by-user/pypi-source-packages-updater/python-packages-source'
   
       remote: 'origin'
   
       # Default branch of the main repository.
       default branch: 'dev'
   
   submodules:
       ignored are successuful: true
       mark failed as successful: true
   
       ignore: {}
           # Directory name.
           # Empty list == all otherwise a list of git tags.
           # Example:
           #
           # ignore:
           #   alabaster: []
           #   argon2-cffi:
           #       # Tags names obtained from git tag
           #         - 0.1
           #         - 0.2
   
   files:
       # Relative path (stem) contextually to the user's cache directory.
       cache file: 'cache'
       clear cache: false
   
       executables:
           git: 'git'
           python: 'python3'
           rm: 'rm'
           twine: 'twine'
   
   pypi:
       url: '<PyPI URL>'
       username: '<PyPI username>'
       password: '<PyPI password>'
   
   other:
       # Put 0 to set worker number automatically based on CPU.
       concurrent_workers: 0
   
       # If we set other.concurrent_workers = 3 and other.unit_workers_per_block = 4
       # each block will process other.concurrent_workers * other.unit_workers_per_block repositories, i.e: 12.
       # This nuber works better if it's a multiplier of other.concurrent_workers.
       # The bigger this number the more probability you have to lose
       # updates in the cache structure (~/.cache/build_pypi_packages/cache) due to the way signals work.
       unit_workers_per_block: 1
   

10. add the helper script. update_and_build_python_packages.sh clones and updates the python-packages-source 14 repository and compiles all the packages

    /home/jobs/scripts/by-user/python-source-packages-updater/update_and_build_python_packages.sh

    #!/usr/bin/env bash
    
    REPOSITORY='https://software.franco.net.eu.org/frnmst/python-packages-source.git'
    
    pushd /home/jobs/scripts/by-user/python-source-packages-updater
    export PATH=$PATH:/home/python-source-packages-updater/.local/bin/
    
    # Clean the existing repository.
    rm -rf python-packages-source
    rm -rf /home/python-source-packages-updater/.cache/pre-commit
    rm -rf /home/python-source-packages-updater/.local/share/virtualenvs
    
    git clone "${REPOSITORY}"
    
    pushd python-packages-source
    
    git checkout dev
    git pull
    
    # Always commit and push to dev only.
    [ "$(git branch --show-current)" = 'dev' ] || exit 1
    
    # Update all submodules and the stats.
    pipenv install --dev
    make submodules-update
    make submodules-add-gitea
    make stats
    git add -A
    git commit -m "Submodule updates."
    git push
    
    popd
    
    # Compile the packages.
    ./build_python_packages.py ./build_python_packages.yaml
    
    # Cleanup.
    rm -rf python-packages-source
    
    popd
    

11. add the Systemd service file

    /home/jobs/services/by-user/python-source-packages-updater/build-python-packages.service

    [Unit]
    Description=Build python packages
    
    [Service]
    Type=simple
    ExecStart=/home/jobs/scripts/by-user/python-source-packages-updater/update_and_build_python_packages.sh
    User=python-source-packages-updater
    Group=python-source-packages-updater
    StandardOutput=null
    StandardError=null
    

12. add the Systemd timer unit file

    /home/jobs/services/by-user/python-source-packages-updater/build-python-packages.timer

    [Unit]
    Description=Once every week build python packages
    
    [Timer]
    OnCalendar=Weekly
    Persistent=true
    
    [Install]
    WantedBy=timers.target
    

13. run the deploy script

14. To be able to compile most packages you need to manually compile at least these basic ones and push them to you local PyPI server.

    • setuptools

    • setuptools_scm

    • wheel

    You can clone the python-packages-source 14 respository then compile and upload these basic packages.

    git clone https://software.franco.net.eu.org/frnmst/python-packages-source.git
    cd python-packages-source/setuptools
    python3 -m build --sdist --wheel
    twine upload --repository-url ${your_pypi_index_url} dist/*
    

    Important

    Some packages might need different dependencies. Have a look at the setup_requires variable in setup.py or in setup.cfg or requires in the pyproject.toml file. If you cannot compile some, download them directly from pypi.python.org.

Updating the package graph

Run as user	Instruction number
<default remote user>	1
root	2
<GIT remote user>	3

When you run the helper script you can update the stats graph automatically by using a GIT commit hook. The following script generates the graph and copies it to a webserver directory.

1. connect via SSH to the GIT remote machine

2. install the dependencies

   apt-get install git python3 make pipenv
   

3. configure your remote: add this to the post-receive hooks

   ${remote_git_repository}/hooks/post-receive

   #!/usr/bin/bash -l
   
   IMAGE=""$(echo -n 'frnmst/python-packages-source' | sha1sum | awk '{print $1 }')"_graph0.png"
   DOMAIN='assets.franco.net.eu.org'
   
   TMP_GIT_CLONE=""${HOME}"/tmp/python-packages-source"
   PUBLIC_WWW="/var/www/${DOMAIN}/image/${IMAGE}"
   
   git clone "${GIT_DIR}" "${TMP_GIT_CLONE}"
   
   pushd "${TMP_GIT_CLONE}"
   make install
   make plot OUTPUT="${PUBLIC_WWW}"
   chmod 770 "${PUBLIC_WWW}"
   popd
   
   rm --recursive --force "${TMP_GIT_CLONE}"
   

Using the PyPI server

1. change the PyPI index of your programs. See for example https://software.franco.net.eu.org/frnmst/python-packages-source#client-configuration

Footnotes

1

https://guide.debianizzati.org/index.php/Debmirror:_creiamo_un_mirror_Debian CC BY-SA 4.0, Copyright (c) guide.debianizzati contributors

2

https://docs.mirantis.com/mcp/q4-18/mcp-dev-resources/debmirror/debmirror_readme.html unknown license

3

https://www.ducea.com/2006/06/19/apache-tips-tricks-hide-a-file-type-from-directory-indexes/ unknown license

4

https://blog.programster.org/set-up-a-local-ubuntu-mirror-with-apt-mirror unknown license

5

https://www.debian.org/mirror/size MIT License, Copyright © 1997-2021 Software in the Public Interest, Inc. and others

6

https://bugs.launchpad.net/ubuntu/+source/debmirror/+bug/882941/comments/4 unknown license

7

https://people.debian.org/~koster/www/mirror/ftpmirror Open Publication License, Draft v1.0 or later, Copyright © 1997-2011 Software in the Public Interest, Inc.

8

https://perishablepress.com/better-default-directory-views-with-htaccess/ CC BY 4.0, © 2004–2022 Perishable Press

9

https://github.com/pypiserver/pypiserver zlib/libpng + MIT license, Copyright (c) 2011-2014 Ralf Schmitt

10

https://github.com/pypiserver/pypiserver#serving-thousands-of-packages zlib/libpng + MIT license, Copyright (c) 2011-2014 Ralf Schmitt

11

https://httpd.apache.org/docs/2.4/caching.html Apache License, Version 2.0. Copyright (c) Apache HTTPD contributors

12

https://httpd.apache.org/docs/2.4/mod/mod_cache.html Apache License, Version 2.0. Copyright (c) Apache HTTPD contributors

13

https://software.franco.net.eu.org/frnmst/automated-tasks GNU GPLv3+, copyright (c) 2019-2022, Franco Masotti

14(1,2,3)

https://software.franco.net.eu.org/frnmst/python-packages-source GPLv3+, Copyright (C) 2021-2022, Franco Masotti

15

https://stackoverflow.com/a/13847807 CC BY-SA 4.0, Copyright (c) 2012, 2020, spiralman, bryant1410 (at stackoverflow.com)

16

https://github.com/pypa/build/issues/328#issuecomment-877028239 unknown license