# Cross-build server for packages



## Melchior (Jul 22, 2013)

Hi everyone,

Currently I have set up a network with 25 servers. Of these 25 servers there that allows me to design custom kernels and create packages. I based this page. I share the /usr/src, /usr/obj and /usr/ports with the NFS service and read-only. The read-only allows me to prohibit other machines to compile because it is not up to them to do this work but the machine I dedicated.

Once my core and my packages built, I consignments on machines with the famous `make installkernel & make installworld` and pkg_add(1) for packages. However to update the packages, I rebuild the Apache web port on the build machine and I use `portupgrade -arRPP` to the update on another machine. I know it works because it's been 3 years since I work like that but I wanted to get your opinion if it was a good idea or not and if there are more simple?

Best regards.


Melchior.


----------



## SirDice (Jul 22, 2013)

Look into building your own PKGNG repository with poudriere:

[thread=38859]PKGNG package repository using ports-mgmt/poudriere-devel. No ZFS required[/thread]

If you have a good repository all you need to do on the clients is: `# pkg upgrade`.


----------



## kpa (Jul 22, 2013)

Note that it should be still possible to use ports-mgmt/poudriere (or the devel version of it) to build the old style packages for pkg_add(1). My HOWTO that @SirDice linked should work if the WITH_PKGNG settings are removed.

However, now is a good time to migrate to PKGNG because the next major release of FreeBSD, FreeBSD 10, will use PKGNG by default.


----------



## Melchior (Jul 23, 2013)

Thank you for your answers, I look at it and come back to you later!

Best regards.


Melchior.


----------



## Melchior (Jul 31, 2013)

Hi everyone,

This solution you told me is just awesome. 

However, I still look at how I'm going to share the packages, if I continue with NFS or if I get an HTTP server for that.

I have some questions :


Poudriere only allows to create packages. It really does not create the kernels?
I ask the kernel because the jail, poudriere will seek full source systems.
Is it possible to use the branch `/usr/ports` with SVN or it's better to use the poudriere system?
Is there something like poudriere to make kernels or do I have to use my method mentioned above?

In any case, I am very happy with this new method, a big thank you!

Best regards.


Melchior


----------



## kpa (Jul 31, 2013)

It does not build anything that is part of what is known as "base system". The build process for the base system that is made of the kernel and the userland (called world) is described in the build(7) manual page and in the Handbook.

I'm not sure but I think ports-mgmt/tinderbox can be used to build kernels and worlds.


----------



## SirDice (Jul 31, 2013)

Melchior said:
			
		

> However, I still look at how I'm going to share the packages, if I continue with NFS or if I get an HTTP server for that.


I would recommend a web server for this. It'll be easier to secure and proxy if needed. Something simple like www/nginx will suffice.


```
location /packages/ {
            root   /usr/local/poudriere/data/;
            index  index.html index.htm;
            autoindex on;
        }
        location /logs/ {
            root   /usr/local/poudriere/data/;
            index  index.html index.htm;
            autoindex on;
        }
```
That should share the packages and logs from poudriere.


----------



## Melchior (Jul 31, 2013)

That's what I thought.

Thanks 

Best regards.


Melchior


----------



## SirDice (Jul 31, 2013)

I'm currently setting this up for a client. I'm going to use the standard freebsd-update for updates but I'm going to proxy it through nginx. That should cache the data it receives so the updates only have to be fetched once from the FreeBSD update servers.

I found this configuration for nginx:

```
server {
                listen 80;
                server_name fbsd-update.example.com;

                location / {
                        proxy_pass http://update.freebsd.org;
                        proxy_http_version 1.1;
                        proxy_store on;
                        proxy_store_access user:rw group:rw all:r;
                        proxy_temp_path /var/tmp/nginx/update_temp/;
                        root /;
                }
        }
```

If you edit /etc/freebsd-update.conf and change ServerName to fbsd-update.example.com (or whatever you choose to use) it should get proxied and cached by nginx. I haven't tested this extensively but it does work.


----------



## Melchior (Aug 1, 2013)

Hi,

I'm not sure but freebsd-update doesn't update the custom kernel right?

Best regards.


Melchior


----------



## DutchDaemon (Aug 1, 2013)

That has been answered a couple of times before. You use freebsd-update to synchronize the source code and build the custom kernel manually from that. That way your custom kernel will always match the installed binaries one-on-one, because they are pre-built from those same sources.


----------



## Melchior (Aug 1, 2013)

Okay, I see!

Big thanks for answers 

Best regards.


Melchior


----------

