Create Your Own Local Ubuntu Repository: A Step-by-Step Guide Using apt-mirror
Managing software updates across multiple Ubuntu servers can quickly become a bottleneck. Each machine independently downloads the same packages, consuming significant internet bandwidth and slowing down deployment and maintenance cycles. For organizations with restricted internet access or a need for tighter control over software versions, this challenge is even greater.
The solution is to create a local APT repository—a private mirror of Ubuntu’s official repositories hosted on your own network. This provides a centralized point for all your servers to fetch updates, offering dramatic improvements in speed, security, and efficiency.
This guide will walk you through the entire process of setting up a local Ubuntu mirror using apt-mirror, a powerful and straightforward tool for the job.
Why Bother with a Local Repository?
Before we dive in, let’s look at the key benefits:
- Reduced Bandwidth Usage: Download packages once from the internet to your mirror server. All other servers then download updates from this local server at LAN speeds.
- Faster Deployments: Installing software and running updates is significantly faster when pulling from a local source.
- Offline Access: Your servers can still be updated and managed even if your primary internet connection is down or in completely air-gapped environments.
- Enhanced Security and Stability: You gain full control over which packages and versions are available to your systems, preventing accidental upgrades to unstable versions and ensuring consistency across your infrastructure.
Prerequisites
- An Ubuntu server designated to be the mirror host.
- Significant free disk space. A full mirror of a single Ubuntu version can easily exceed 200-300 GB and will grow over time. Plan for at least 500 GB to be safe.
- Root or sudo privileges on the mirror server and all client machines.
Step 1: Install the apt-mirror Tool
First, connect to your designated mirror server and install the apt-mirror package. It’s available directly from the default Ubuntu repositories.
sudo apt update
sudo apt install apt-mirror
Step 2: Configure Your Repository List
The main configuration for apt-mirror is handled in a single file: /etc/apt/mirror.list. This is where you define where to store the mirrored files and which repositories you want to download.
Open the file for editing with your preferred text editor:
sudo nano /etc/apt/mirror.list
You’ll need to modify this file to suit your needs. Here is a well-structured example for Ubuntu 22.04 LTS (Jammy Jellyfish). You can adapt this for other versions like 20.04 (Focal) by simply changing the codename.
############# config ##################
#
# set base_path /var/spool/apt-mirror
#
# if you change the base path you must create the directory manually
#
set base_path /mnt/apt-mirror
# Set the number of download threads
set nthreads 20
set _tilde 0
#
############# end config ##############
# Main Ubuntu Repository for Ubuntu 22.04 LTS (Jammy Jellyfish)
deb http://archive.ubuntu.com/ubuntu jammy main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu jammy-security main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu jammy-updates main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu jammy-backports main restricted universe multiverse
# Uncomment the lines below if you also need source packages (for developers)
# deb-src http://archive.ubuntu.com/ubuntu jammy main restricted universe multiverse
# deb-src http://archive.ubuntu.com/ubuntu jammy-security main restricted universe multiverse
# deb-src http://archive.ubuntu.com/ubuntu jammy-updates main restricted universe multiverse
# deb-src http://archive.ubuntu.com/ubuntu jammy-backports main restricted universe multiverse
clean http://archive.ubuntu.com/ubuntu
Let’s break down the key directives:
set base_path: This is the most important setting. It defines the root directory where all repository files will be stored. Ensure the chosen location has enough disk space. We’ve used/mnt/apt-mirrorin this example, assuming a large, mounted drive.set nthreads: This sets the number of simultaneous connections for downloading packages, which can speed up the process. A value of 20 is a good starting point.deb ...: These lines specify the actual repositories to mirror. We are mirroring themain,security,updates, andbackportscomponents for Ubuntu 22.04 (jammy).clean ...: This line tellsapt-mirrorwhich repositories to check for cleanup. It helps remove obsolete package files that are no longer referenced in the repository index.
After saving your configuration, you must create the base path directory manually:
sudo mkdir -p /mnt/apt-mirror
Step 3: Run the Initial Synchronization
With the configuration complete, you can start the first mirror synchronization. This is done by running the apt-mirror command as the apt-mirror user.
sudo su - apt-mirror -c apt-mirror
Warning: This initial process will take a very long time and download a massive amount of data. Depending on your internet connection and the repositories selected, this can range from several hours to more than a day. It is highly recommended to run this command in a screen or tmux session to prevent it from being interrupted if your SSH connection drops.
Step 4: Serve Your Repository Over the Network
Once the download is complete, the repository exists on your server’s disk, but it’s not yet accessible to other machines. The standard way to share it is via a web server like Apache or Nginx. We’ll use Apache for this example.
Install Apache:
sudo apt install apache2Make the Repository Accessible:
Theapt-mirrortool creates a specific folder structure. The actual repository files that clients need are located in a subdirectory calledmirror. To expose this via Apache without moving data, we create a symbolic link.sudo ln -s /mnt/apt-mirror/mirror/archive.ubuntu.com/ubuntu /var/www/html/ubuntuThis command creates a link named
ubuntuinside the default Apache web root (/var/www/html) that points directly to your mirrored repository content.
Step 5: Automate Updates with Cron
A mirror is only useful if it’s kept up-to-date. You can easily automate the synchronization process with a cron job.
Edit the crontab for the root user:
sudo crontab -e
Add the following line to the file to run the update script every day at 4:00 AM:
0 4 * * * /usr/bin/apt-mirror
This ensures your local repository automatically fetches the latest security patches and software updates from Ubuntu’s main servers without any manual intervention.
Step 6: Configure Client Systems to Use the Local Mirror
The final step is to tell your other Ubuntu servers to use your new local mirror instead of the public internet ones.
On each client machine:
Always back up the original
sources.listfile first!sudo cp /etc/apt/sources.list /etc/apt/sources.list.bakEdit the
sources.listfile:sudo nano /etc/apt/sources.listComment out all existing
deblines (by adding a#at the beginning of each one) and add a new line pointing to your mirror server. Replaceyour-mirror-server-ipwith the actual IP address or hostname of your mirror server.# Commented out original lines... # deb http://archive.ubuntu.com/ubuntu jammy main restricted # ... # New line pointing to the local mirror deb http://your-mirror-server-ip/ubuntu jammy main restricted universe multiverse deb http://your-mirror-server-ip/ubuntu jammy-security main restricted universe multiverse deb http://your-mirror-server-ip/ubuntu jammy-updates main restricted universe multiverse deb http://your-mirror-server-ip/ubuntu jammy-backports main restricted universe multiverseSave the file, then refresh the APT package index.
bash
sudo apt update
You should seeaptfetching the package lists from your local server’s IP address. Congratulations! Your client is now using your private, high-speed repository.
Security and Best Practices
- Firewall Your Mirror: Use
UFW(Uncomplicated Firewall) to restrict access to the web server (port 80) to only IPs within your local network. - Manage Disk Space: The
apt-mirrorpackage includes a cleanup script. Periodically runsudo /var/spool/apt-mirror/var/clean.shto remove orphaned and outdated packages and free up disk space. - Consider HTTPS: For enhanced security, consider configuring Apache with a self-signed or internal CA-signed SSL certificate to serve the repository over HTTPS.
By following these steps, you have successfully created a centralized, efficient, and reliable system for managing Ubuntu software packages across your entire network.
Source: https://www.tecmint.com/setup-local-repositories-in-ubuntu/
