Standalone

Repman is an open-source project under the MIT license. This means that you can use it without restrictions for your own use, or in your organizations. There are two ways to install Repman on your server:

  1. Docker installation
  2. Ansible playbooks installation

ℹ️ Before the installation, make sure to configure a domain for Repman.

Domain configuration

Due to the PHP Composer architecture, Repman requires domain configuration to work properly. You can do it in two ways:

  1. Change /etc/hosts on your local machine
  2. Add a DNS record

Hosts file

Add the following lines with your IP address to your /etc/hosts file:

$IP repman.local
$IP repo.repman.local

Add this line for every organization created in Repman:

$IP organization.repo.repman.local

DNS records

Add the following A records to your DNS:

A repman.local
A repo.repman.local
A *.repo.repman.local

Docker

Installation

First, you need to clone the repository from https://github.com/repman-io/repman

$ git clone https://github.com/repman-io/repman.git

To start all containers, run:

$ docker-compose up

Configuration

  • Override with docker-compose.override.yml if needed.
  • Set your domain (APP_HOST) in .env.docker.

.env.docker

  • PHP_URL - app container (php-fpm) URL with port
  • APP_HOST - your domain
  • APP_URL_SCHEME - https or http
  • APP_ALLOWED_PACKAGE_TYPES - list of allowed packages types
  • APP_GITLAB_API_URL - self-hosted GitLab instance URL
  • APP_ENV - application environment - prod or dev
  • APP_DEBUG - 0 - debugging disabled, 1 - debugging enabled
  • APP_SECRET - should be unique to your application
  • DATABASE_URL - database URL
  • TRUSTED_PROXIES - configuration behind a Load Balancer or a Reverse Proxy
  • MAILER_DSN - mailer DSN
  • MAILER_SENDER - mailer sender
  • SENTRY_DSN - Sentry DSN
  • OAUTH_GITHUB_CLIENT_ID - GitHub OAuth app Client ID
  • OAUTH_GITHUB_CLIENT_SECRET - GitHub OAuth app Client Secret
  • OAUTH_GITLAB_CLIENT_ID - GitLab OAuth app Client ID
  • OAUTH_GITLAB_CLIENT_SECRET - GitLab OAuth app Client Secret
  • OAUTH_BITBUCKET_CLIENT_ID - Bitbucket OAuth app Client ID
  • OAUTH_BITBUCKET_CLIENT_SECRET - Bitbucket OAuth app Client Secret
  • OAUTH_BUDDY_CLIENT_ID - Buddy OAuth app Client ID
  • OAUTH_BUDDY_CLIENT_SECRET - Buddy OAuth app Client Secret
  • GA_TRACKING - Google Analytics Tracking Code
  • PROXY_DIST_DIR - absolute path to proxy distributions directory
  • PACKAGES_DIST_DIR - absolute path to packages distributions directory
  • SECURITY_ADVISORIES_DB_DIR - absolute path to advisories database directory

SSL

If you wish to use your own certificate, put the key and the certificate in:

  • docker/nginx/ssl/private/server.key
  • docker/nginx/ssl/certs/server.crt

Otherwise, a self-signed certificate will be generated.

Ansible Playbooks installation

You can use two Ansible (at least version 2.8 is required) playbooks to set up and deploy Repman:

  • ansible/setup.yml
  • ansible/deploy.yml

First, you need to clone the repository from https://github.com/repman-io/repman

$ git clone https://github.com/repman-io/repman.git

Then, install Ansible and create you inventory in the inventories dir, for example ansible/inventories/local:

localhost ansible_connection=local

Once created, all you need to do is run your Ansible playbook and overwrite the server_hostname variable:

ansible-playbook ansible/setup.yml -i ansible/inventories/local --extra-vars '{"server_hostname":"repman.local"}'

To update your working instance, use the deploy playbook:

ansible-playbook ansible/deploy.yml -i ansible/inventories/local --extra-vars '{"server_hostname":"repman.local"}'

CLI commands

  • bin/console repman:metadata:clear-cache - clear packages metadata cache (json files)
  • bin/console repman:create:admin <email> [<password>] - create a new user with admin privileges
  • bin/console repman:create:user <email> [<password>] - create a new (normal) user
  • bin/console repman:proxy:sync-releases - sync proxy releases with packagist.org
  • bin/console repman:security:scan-all - scan all synchronized packages
  • bin/console repman:security:update-db - update security advisories database, scan all packages if updated
  • bin/console repman:package:synchronize <packageId> - synchronize given package

OAuth

GitHub

GitHub OAuth Documentation

Authorization callback URL:

  • https://your-domain.local

Scopes:

  • registration: user:email
  • repositories: read:org, repo

GitLab

GitLab OAuth Documentation

Callback URLs:

  • https://your-domain.local/auth/gitlab/check
  • https://your-domain.local/register/gitlab/check
  • https://your-domain.local/user/token/gitlab/check

Scopes:

  • registration: read_user
  • repositories: api

Bitbucket

Bitbucket OAuth documentation

Callback URL:

  • https://your-domain.local

Scopes:

  • registration: email
  • repositories: repository, webhook

Buddy

Buddy OAuth documentation

Authorization Callback URL:

  • https://your-domain.local

Scopes:

  • registration: USER_EMAIL

Self-hosted GitLab

To integrate with self-hosted GitLab, enter the instance url in the APP_GITLAB_API_URL environment variable:

APP_GITLAB_API_URL=https://gitlab.organization.lan

Telemetry

ℹ️ Telemetry feature works from version 0.5.0

In order to improve Repman, we have introduced a possibility to send over anonymous statistics for the standalone version. If you wish to support our efforts in developing this package, administrators can turn this option on in the instance settings.

What data is collected

  • proxy and private package download count
  • user count
  • organization: members count and type, token count
  • package: type, release dates, last scan results (only status), download count, last error (only bool status)
  • instance: id, version, OS version, PHP version, configuration

Repman is an open-source project so you can check what data is collected and sent directly in the code: TelemetryEndpointTest