I am working with Ubuntu OS.
I have created a local repository using Google Artifact Registry for my VM's which do not have access to internet.
I am using apt-offline
to create .deb
packages and I am uploading to Artifact Registry for further use. It is working as expected for software packages like Nginx, Git etc
I want to get the OS Patches, Updates, Bug Fixes, Security Updates and Security Patches as well and make them available on my private repository.
How I can do this so that OS of VM is also up to date.
Directly incorporating Ubuntu OS updates into the private Artifact Registry with apt-offline
isn't recommended as it may pose some security concerns. Ubuntu repositories are constantly updated with security patches. Including these in your local repository would require frequent updates, making management cumbersome.Ubuntu updates often introduce new dependencies. Downloading and managing all dependencies locally would be complex. And lastly, Ubuntu releases come with significant change.
You can try an alternative approach to keep your VMs updated without compromising security or manageability:
Doing periodic online updates like running unattended-upgrades
to automatically fetch critical updates from the official Ubuntu repositories. You can configure unattended-upgrades
to notify you first before installing the updates. Here's a documentation you can check for reference.
You can try offline patching tools like apt-cacher-ng
or apt-mirror
to create a local cache of the official Ubuntu repositories. This will allow your VMs to access updates without a permanent internet connection.