initial working disaster

2023-05-01 01:22:25 +01:00 · 2023-05-01 01:22:25 +01:00 · 4822ded5a9
commit 4822ded5a9
10 changed files with 682 additions and 0 deletions
--- a/.envrc
+++ b/.envrc
@ -0,0 +1 @@
+use flake
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.direnv
--- a/backend.go
+++ b/backend.go
@ -0,0 +1,154 @@
+package debanator
+
+import (
+	"crypto/md5"
+	"crypto/sha1"
+	"crypto/sha256"
+	"fmt"
+	"io"
+	"io/fs"
+	"os"
+	"path"
+	"strconv"
+	"strings"
+
+	log "github.com/sirupsen/logrus"
+	"pault.ag/go/debian/control"
+	"pault.ag/go/debian/deb"
+	"pault.ag/go/debian/dependency"
+	"pault.ag/go/debian/version"
+
+	"golang.org/x/exp/maps"
+)
+
+// A backend to search for packages in
+type Backend interface {
+	GetPackages() 
+}
+
+
+type FileBackend struct {
+	path string
+}
+
+
+func NewFileBackend(path string) FileBackend {
+	return FileBackend{path}
+}
+
+func BinaryIndexFromDeb(p string, basePath string) (*control.BinaryIndex, error) {
+	f, err := os.Open(p)
+	if err != nil {
+		return nil, fmt.Errorf("open file: %w", err)
+	}
+	defer f.Close()
+	debFile, err := deb.Load(f, p)
+	if err != nil {
+		return nil, fmt.Errorf("read deb: %w", err)
+	}
+	md5sum := md5.New()
+	sha1sum := sha1.New()
+	sha256sum := sha256.New()
+	hashWriter := io.MultiWriter(md5sum, sha1sum, sha256sum)
+	size, err := io.Copy(hashWriter, f)
+	if err != nil {
+		return nil, fmt.Errorf("hash file: %w", err)
+	}
+	bi := control.BinaryIndex{
+		Paragraph: control.Paragraph{
+			Values: make(map[string]string),
+		},
+		Package: debFile.Control.Package,
+		Source: debFile.Control.Source,
+		Version: debFile.Control.Version,
+		InstalledSize: fmt.Sprintf("%d", debFile.Control.InstalledSize),
+		Size: strconv.Itoa(int(size)),
+		Maintainer: debFile.Control.Maintainer,
+		Architecture: debFile.Control.Architecture,
+		MultiArch: debFile.Control.MultiArch,
+		Description: debFile.Control.Description,
+		Homepage: debFile.Control.Homepage,
+		Section: debFile.Control.Section,
+		// FIXME: gross, make this more centrally managed somehow
+		Filename: path.Join("pool/main", strings.TrimPrefix(p, basePath)),
+		Priority: debFile.Control.Priority,
+		MD5sum: fmt.Sprintf("%x", md5sum.Sum(nil)),
+		SHA1: fmt.Sprintf("%x", sha1sum.Sum(nil)),
+		SHA256: fmt.Sprintf("%x", sha256sum.Sum(nil)),
+	}
+	if debFile.Control.Depends.String() != "" {
+		bi.Paragraph.Set("Depends", debFile.Control.Depends.String())
+	}
+	if debFile.Control.Recommends.String() != "" {
+		bi.Paragraph.Set("Recommends", debFile.Control.Recommends.String())
+	}
+	if debFile.Control.Suggests.String() != "" {
+		bi.Paragraph.Set("Suggests", debFile.Control.Suggests.String())
+	}
+	if debFile.Control.Breaks.String() != "" {
+		bi.Paragraph.Set("Breaks", debFile.Control.Breaks.String())
+	}
+	if debFile.Control.Replaces.String() != "" {
+		bi.Paragraph.Set("Replaces", debFile.Control.Replaces.String())
+	}
+	if debFile.Control.BuiltUsing.String() != "" {
+		bi.Paragraph.Set("BuiltUsing", debFile.Control.BuiltUsing.String())
+	}
+	return &bi, nil
+}
+
+func ScanDebs(debpath string) Repo {
+	var debs []string
+	fs.WalkDir(os.DirFS(debpath), ".", func(path string, dir fs.DirEntry, err error) error {
+		if err != nil {
+			log.WithFields(log.Fields{
+				"path":  path,
+				"error": err,
+			}).Warn("Error scanning for debs")
+			return nil
+		}
+		if !dir.IsDir() && strings.HasSuffix(dir.Name(), ".deb"){
+			debs = append(debs, path)
+		}
+		return nil
+	})
+	packs := make(map[string]LogicalPackage)
+	for _, d := range debs {
+		p := path.Join(debpath, d)
+		bi, err  := BinaryIndexFromDeb(p, debpath)
+		if err != nil {
+			log.WithFields(log.Fields{
+				"path": p,
+				"error": err,
+			}).Error("Error processing deb file")
+			continue
+		}
+
+		packageName := bi.Package
+		if _, ok := packs[packageName]; !ok {
+			packs[packageName] = LogicalPackage{
+				Name: packageName,
+				Arches: make(map[dependency.Arch]map[version.Version]control.BinaryIndex),
+			}
+		}
+		pack := packs[packageName]
+		if _, ok := pack.Arches[bi.Architecture]; !ok {
+			pack.Arches[bi.Architecture] = make(map[version.Version]control.BinaryIndex)
+		}
+		arch := pack.Arches[bi.Architecture]
+		if _, ok := arch[bi.Version]; !ok {
+			arch[bi.Version] = *bi
+		} else {
+			log.WithFields(log.Fields{
+				"package": packageName,
+				"arch": arch,
+				"version": bi.Version.String(),
+			}).Warn("Duplicate package/arch/version found, ignoring...")
+		}
+	}
+
+	return Repo{
+		packages: maps.Values(packs),
+		cache: make(map[string]hashedFile),
+	}
+}
--- a/cmd/main.go
+++ b/cmd/main.go
@ -0,0 +1,99 @@
+package main
+
+import (
+	"encoding/json"
+	"flag"
+	"io"
+	"net/http"
+	"os"
+
+	"github.com/ProtonMail/gopenpgp/v2/crypto"
+	"github.com/go-chi/chi/v5"
+	"github.com/go-chi/chi/v5/middleware"
+	log "github.com/sirupsen/logrus"
+	"github.com/wlcx/debanator"
+)
+
+type responseRecorder struct {
+	http.ResponseWriter
+	status int
+}
+
+func (r responseRecorder) WriteHeader(statusCode int) {
+	r.status = statusCode
+	r.ResponseWriter.WriteHeader(statusCode)
+}
+
+func logMiddleware(h http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		rec := responseRecorder{ResponseWriter: w}
+		h.ServeHTTP(rec, r)
+		log.WithFields(log.Fields{
+			"remote": r.RemoteAddr,
+			"method": r.Method,
+			"url": r.URL,
+			"status": rec.status,
+		}).Info("Got request")
+	}
+}
+
+func md(err error) {
+	if err != nil {
+		log.Fatal(err)
+	}
+}
+
+func unwrap[T any](val T, err error) T {
+	md(err)
+	return val
+}
+
+func main() {
+	listenAddr := *flag.String("listen", ":1612", "HTTP listen address")
+	debPath := *flag.String("debpath", "debs", "Path to directory containing deb files.")
+	flag.Parse()
+	log.Info("Starting...")
+	var ecKey *crypto.Key
+	kb, err := os.ReadFile("privkey.gpg")
+	if err != nil {
+		log.Infof("Generating new key...")
+		ecKey = unwrap(crypto.GenerateKey("Debanator", "packager@example.com", "x25519", 0))
+		f := unwrap(os.Create("privkey.gpg"))
+		defer f.Close()
+		armored := unwrap(ecKey.Armor())
+		f.WriteString(armored)
+	} else {
+		log.Infof("Using existing key...")
+		ecKey = unwrap(crypto.NewKeyFromArmored(string(kb)))
+	}
+
+	signingKeyRing, err := crypto.NewKeyRing(ecKey)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	repo := debanator.ScanDebs(debPath)
+	if err := repo.GenerateFiles(); err != nil {
+		log.Fatal(err)
+	}
+	log.Infof("Listening on %s", listenAddr)
+	r := chi.NewRouter()
+	r.Use(middleware.Logger)
+	r.Get("/", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Add("Content-Type", "application/json")
+		enc := json.NewEncoder(w)
+		if err := enc.Encode(repo); err != nil {
+			log.Errorf("encoding json: %v", err)
+		}
+	})
+	r.Get("/pubkey.gpg", func(w http.ResponseWriter, r *http.Request) {
+		pub, err := ecKey.GetArmoredPublicKey()
+		if err != nil {
+			log.Fatal(err)
+		}
+		io.WriteString(w, pub)
+	})
+	r.Mount("/dists/stable", repo.GetHandler(signingKeyRing))
+	r.Get("/pool/main/*", http.StripPrefix("/pool/main/", http.FileServer(http.Dir(debPath))).ServeHTTP)
+	http.ListenAndServe(listenAddr, r)
+}
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,109 @@
+{
+  "nodes": {
+    "devshell": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs"
+      },
+      "locked": {
+        "lastModified": 1678957337,
+        "narHash": "sha256-Gw4nVbuKRdTwPngeOZQOzH/IFowmz4LryMPDiJN/ah4=",
+        "owner": "numtide",
+        "repo": "devshell",
+        "rev": "3e0e60ab37cd0bf7ab59888f5c32499d851edb47",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "devshell",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "locked": {
+        "lastModified": 1642700792,
+        "narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1677383253,
+        "narHash": "sha256-UfpzWfSxkfXHnb4boXZNaKsAcUrZT9Hw+tao1oZxd08=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "9952d6bc395f5841262b006fbace8dd7e143b634",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1678101631,
+        "narHash": "sha256-vuuvWBNGhNSPPbFCjp2XZmBqJOvsFF1T0hyleRnHZlc=",
+        "path": "/nix/store/9hi0ykjc2h1hzldcqdfmjgw2hp0lld2v-source",
+        "rev": "934e613c31cf7af0624dcf088b9e2d9b802d0717",
+        "type": "path"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "type": "indirect"
+      }
+    },
+    "root": {
+      "inputs": {
+        "devshell": "devshell",
+        "nixpkgs": "nixpkgs_2",
+        "utils": "utils"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
+    "utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1681202837,
+        "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "cfacdce06f30d2b68473a46042957675eebb3401",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,36 @@
+{
+  description = "Another cool golang abhorration from samw";
+
+  inputs.utils.url = "github:numtide/flake-utils";
+  inputs.devshell.url = "github:numtide/devshell";
+
+  outputs = {
+    self,
+    nixpkgs,
+    utils,
+    devshell,
+  }:
+    utils.lib.eachDefaultSystem (system: let
+      pkgs = import nixpkgs {
+        inherit system;
+        overlays = [devshell.overlays.default];
+      };
+    in rec {
+      packages.default = pkgs.buildGoModule {
+        name = "my-project";
+        src = self;
+        vendorSha256 = "";
+
+        # Inject the git version if you want
+        #ldflags = ''
+        #  -X main.version=${if self ? rev then self.rev else "dirty"}
+        #'';
+      };
+
+      apps.default = utils.lib.mkApp {drv = packages.default;};
+
+      devShells.default =
+        pkgs.devshell.mkShell {packages = with pkgs; [go gopls];};
+      formatter = pkgs.alejandra;
+    });
+}
--- a/go.mod
+++ b/go.mod
@ -0,0 +1,25 @@
+module github.com/wlcx/debanator
+
+go 1.19
+
+require (
+	github.com/ProtonMail/gopenpgp/v2 v2.7.1
+	github.com/go-chi/chi/v5 v5.0.8
+	github.com/sirupsen/logrus v1.9.0
+	golang.org/x/exp v0.0.0-20230420155640-133eef4313cb
+	pault.ag/go/debian v0.12.0
+)
+
+require (
+	github.com/DataDog/zstd v1.4.8 // indirect
+	github.com/ProtonMail/go-crypto v0.0.0-20230321155629-9a39f2531310 // indirect
+	github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f // indirect
+	github.com/cloudflare/circl v1.1.0 // indirect
+	github.com/kjk/lzma v0.0.0-20161016003348-3fd93898850d // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
+	golang.org/x/crypto v0.7.0 // indirect
+	golang.org/x/sys v0.6.0 // indirect
+	golang.org/x/text v0.8.0 // indirect
+	pault.ag/go/topsort v0.0.0-20160530003732-f98d2ad46e1a // indirect
+)
--- a/go.sum
+++ b/go.sum
@ -0,0 +1,81 @@
+github.com/DataDog/zstd v1.4.8 h1:Rpmta4xZ/MgZnriKNd24iZMhGpP5dvUcs/uqfBapKZY=
+github.com/DataDog/zstd v1.4.8/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw=
+github.com/ProtonMail/go-crypto v0.0.0-20230321155629-9a39f2531310 h1:dGAdTcqheKrQ/TW76sAcmO2IorwXplUw2inPkOzykbw=
+github.com/ProtonMail/go-crypto v0.0.0-20230321155629-9a39f2531310/go.mod h1:8TI4H3IbrackdNgv+92dI+rhpCaLqM0IfpgCgenFvRE=
+github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f h1:tCbYj7/299ekTTXpdwKYF8eBlsYsDVoggDAuAjoK66k=
+github.com/ProtonMail/go-mime v0.0.0-20230322103455-7d82a3887f2f/go.mod h1:gcr0kNtGBqin9zDW9GOHcVntrwnjrK+qdJ06mWYBybw=
+github.com/ProtonMail/gopenpgp/v2 v2.7.1 h1:Awsg7MPc2gD3I7IFac2qE3Gdls0lZW8SzrFZ3k1oz0s=
+github.com/ProtonMail/gopenpgp/v2 v2.7.1/go.mod h1:/BU5gfAVwqyd8EfC3Eu7zmuhwYQpKs+cGD8M//iiaxs=
+github.com/bwesterb/go-ristretto v1.2.0/go.mod h1:fUIoIZaG73pV5biE2Blr2xEzDoMj7NFEuV9ekS419A0=
+github.com/cloudflare/circl v1.1.0 h1:bZgT/A+cikZnKIwn7xL2OBj012Bmvho/o6RpRvv3GKY=
+github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/go-chi/chi/v5 v5.0.8 h1:lD+NLqFcAi1ovnVZpsnObHGW4xb4J8lNmoYVfECH1Y0=
+github.com/go-chi/chi/v5 v5.0.8/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/kjk/lzma v0.0.0-20161016003348-3fd93898850d h1:RnWZeH8N8KXfbwMTex/KKMYMj0FJRCF6tQubUuQ02GM=
+github.com/kjk/lzma v0.0.0-20161016003348-3fd93898850d/go.mod h1:phT/jsRPBAEqjAibu1BurrabCBNTYiVI+zbmyCZJY6Q=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
+github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
+github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 h1:nIPpBwaJSVYIxUFsDv3M8ofmx9yWTog9BfvIu0q41lo=
+github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8/go.mod h1:HUYIGzjTL3rfEspMxjDjgmT5uz5wzYJKVo23qUhYTos=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
+golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
+golang.org/x/exp v0.0.0-20230420155640-133eef4313cb h1:rhjz/8Mbfa8xROFiH+MQphmAmgqRM0bOMnytznhWEXk=
+golang.org/x/exp v0.0.0-20230420155640-133eef4313cb/go.mod h1:V1LtkGg67GoY2N1AnLN78QLrzxkLyJw7RJb1gzOOz9w=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
+golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+pault.ag/go/debian v0.12.0 h1:b8ctSdBSGJ98NE1VLn06aSx70EUpczlP2qqSHEiYYJA=
+pault.ag/go/debian v0.12.0/go.mod h1:UbnMr3z/KZepjq7VzbYgBEfz8j4+Pyrm2L5X1fzhy/k=
+pault.ag/go/topsort v0.0.0-20160530003732-f98d2ad46e1a h1:WwS7vlB5H2AtwKj1jsGwp2ZLud1x6WXRXh2fXsRqrcA=
+pault.ag/go/topsort v0.0.0-20160530003732-f98d2ad46e1a/go.mod h1:INqx0ClF7kmPAMk2zVTX8DRnhZ/yaA/Mg52g8KFKE7k=
--- a/package.go
+++ b/package.go
@ -0,0 +1,160 @@
+package debanator
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"net/http"
+	"time"
+
+	"github.com/ProtonMail/gopenpgp/v2/crypto"
+	"github.com/go-chi/chi/v5"
+	log "github.com/sirupsen/logrus"
+	"golang.org/x/exp/maps"
+	"pault.ag/go/debian/control"
+	"pault.ag/go/debian/dependency"
+	"pault.ag/go/debian/hashio"
+	"pault.ag/go/debian/version"
+)
+
+// A group of debs of a package for different arches/version
+type LogicalPackage struct {
+	Name string
+	// arch:version:package
+	Arches map[dependency.Arch]map[version.Version]control.BinaryIndex
+}
+
+type hashedFile struct {
+	buf []byte
+	md5Hash control.MD5FileHash
+	sha1Hash control.SHA1FileHash
+	sha256Hash control.SHA256FileHash
+}
+
+type Repo struct {
+	packages []LogicalPackage
+	cache map[string]hashedFile
+	release []byte
+}
+
+func (r *Repo) GetArches() []dependency.Arch {
+	arches := make(map[dependency.Arch]struct{})
+	for _, lp := range r.packages {
+		for arch := range lp.Arches {
+			arches[arch] = struct{}{}
+		}
+	}
+	return maps.Keys(arches)
+}
+
+// Find the latest versions of all packages for the given arch
+func (r *Repo) GetPackagesForArch(a dependency.Arch) []control.BinaryIndex {
+	out := []control.BinaryIndex{}
+	for _, p := range r.packages {
+		if versions, ok := p.Arches[a]; ok {
+			var latest version.Version
+			for v := range versions {
+				if version.Compare(v, latest) > 0 {
+					latest = v 
+				}
+			}
+			out = append(out, p.Arches[a][latest])
+		}
+	}
+	return out
+}
+
+func (r *Repo) makePackagesFileForArch(arch dependency.Arch) error {
+	var b bytes.Buffer
+	w, hashers, err := hashio.NewHasherWriters([]string{"md5", "sha256", "sha1"}, &b)
+	enc, _ := control.NewEncoder(w)
+	for _, d := range r.GetPackagesForArch(arch) {
+		if err = enc.Encode(d); err != nil {
+			return fmt.Errorf("encoding package %s: %w", d.Package, err)
+		}
+	}
+	fname := fmt.Sprintf("main/binary-%s/Packages", arch)
+	hashes := make(map[string]control.FileHash)
+	for _, h := range hashers {
+		hashes[h.Name()] = control.FileHashFromHasher(fname, *h)
+	}
+	r.cache[fname] = hashedFile{
+		buf: b.Bytes(),
+		sha256Hash: control.SHA256FileHash{hashes["sha256"]},
+		sha1Hash: control.SHA1FileHash{hashes["sha1"]},
+		md5Hash: control.MD5FileHash{hashes["md5"]},
+	}
+	return nil
+}
+
+// Generate and cache all the Package/Repo files
+func (r *Repo) GenerateFiles() error {
+	for _, arch := range r.GetArches() {
+		if err := r.makePackagesFileForArch(arch); err != nil {
+			return fmt.Errorf("generating files for arch %s: %w", arch, err)
+		}
+	}
+	r.makeRelease()
+	return nil
+}
+
+func (r *Repo) makeRelease() {
+	var rel bytes.Buffer
+		enc, _ := control.NewEncoder(&rel)
+		const dateFmt = "Mon, 02 Jan 2006 15:04:05 MST"
+		var md5s []control.MD5FileHash
+		var sha1s []control.SHA1FileHash
+		var sha256s []control.SHA256FileHash
+		for _, f := range r.cache {
+			md5s = append(md5s, f.md5Hash)
+			sha1s = append(sha1s, f.sha1Hash)
+			sha256s = append(sha256s, f.sha256Hash)
+		}
+		if err := enc.Encode(Release{
+			Suite: "stable",
+			Architectures: r.GetArches(),
+			Components: "main",
+			Date: time.Now().UTC().Format(dateFmt),
+			MD5Sum: md5s,
+			SHA1: sha1s,
+			SHA256: sha256s,
+		}); err != nil {
+			log.Fatal(err)
+		}
+		r.release = rel.Bytes()
+		return
+	}
+
+
+// Handle a deb/apt repository http request
+func (r *Repo) GetHandler(keyring *crypto.KeyRing) http.Handler {
+	router := chi.NewRouter()
+	router.Get("/Release", func(w http.ResponseWriter, req *http.Request) {
+		if _, err := w.Write(r.release); err != nil {
+			log.Fatal(err)
+		}
+	})
+	router.Get("/Release.gpg", func(w http.ResponseWriter, req *http.Request) {
+		msg := crypto.NewPlainMessage(r.release)
+		sig, err := keyring.SignDetached(msg)
+		if err != nil {
+			log.Fatal(err)
+		}
+		sigStr, err := sig.GetArmored()
+		if err != nil {
+			log.Fatal(err)
+		}
+		io.WriteString(w, sigStr)
+	})
+	router.Get("/main/{arch}/Packages", func(w http.ResponseWriter, req *http.Request) {
+		h, ok := r.cache[fmt.Sprintf("main/%s/Packages", chi.URLParam(req, "arch"))]
+		if !ok {
+			w.WriteHeader(http.StatusBadRequest)
+			return
+		}
+		_, err := w.Write(h.buf); if err != nil {
+			log.Error(err)
+		}
+	})
+	return router
+}
--- a/release.go
+++ b/release.go
@ -0,0 +1,16 @@
+package debanator
+
+import (
+	"pault.ag/go/debian/control"
+	"pault.ag/go/debian/dependency"
+)
+
+type Release struct {
+	Suite         string
+	Architectures []dependency.Arch
+	Components    string
+	Date          string
+	SHA1           []control.SHA1FileHash `delim:"\n" strip:"\n\r\t "`
+	SHA256        []control.SHA256FileHash`delim:"\n" strip:"\n\r\t "`
+	MD5Sum        []control.MD5FileHash`delim:"\n" strip:"\n\r\t "`
+}