Hey everyone! I have an airgapped network with three servers that I update regularly using a USB SSD, and it's been working fine so far. However, these servers are quite far apart, and I'm wondering if it's possible to connect that USB SSD to one main server and let the others pull their updates from it. So, my main question is: how can I configure the main server to act as a repository for the other two servers and possibly other Linux boxes? Also, how should I update their sources.list files?
4 Answers
First off, what's the source of your updates? Are you using pre-built Debian packages or is it source code that needs compiling? You might need to clarify that because the approach could vary based on the type of packages you're using.
Are these servers isolated from each other, or are they part of a larger airgapped network? Knowing that can help figure out the best way to configure them.
They're on an airgap network.
It really depends on your infrastructure. In my setup, we have one server that regularly pulls the main OS repositories through a proxy, and we provide viewable repos weekly for testing and production without any direct internet access for the other servers. We manage all installations and updates from our local repos.
I'm looking to have the main server fetch updates from the USB SSD and then handle updates for the other servers remotely without needing to unplug and transfer the drive each time. Basically, I want to centralize the updates from one main server.
Since it's airgapped, make sure you have a good reason for that setup. Definitely discuss the overall network setup with your IT manager, just to keep everything compliant and secure.
Actually, I'm the IT manager and handling everything here!
I've used apt-mirror to fetch everything onto a USB SSD, and then the other servers just reference it in their sources.list using [file] lines instead of [deb] for local access.