Bye Bye Apple SUS

| Comments

I have known about Greg Neagle’s reposado for a long time, and each and every time I had some problem with the official Apple SUS server I thought on moving to open source. So two days ago when I noticed that the 10.7.4 delta and the combo were not showing on my two SUS server I said “that is enough!”

There are a number of reasons for you to use and Apple OSX server while offering services to your OSX clients, but hopefully after this tutorial, offering updates local won’t be one of them.

As everything in life this have some pros and some cons, here I try to list them on a positive way

Apple Official SUS pros:

  •  Everything is done graphically in Server Admin, checkboxes and stuff.
  •  The server syncs every night automatically ¿at 3:00am?
  •  You get the helpful Access.log, Error.log and Sync.log
  •  Automatically removes deprecated/obsolete updates
  •  Handles the URI rewrites automatically
  •  You know it by heart, you studied it and yet you got your Apple certification 8-)

Reposado pros:

  • It is open source
  • Allows you to create multiple branches in one server
  • You can keep the deprecated/obsolete updates for as long as you want
  • Server returns ETags to clients
  • You get support for Mountain Lion today!
  • You can do cool stuff with the URi rewrites manually
  • Less bugs
  • You save the 40€ that costs the server licence. Insert drinks here?!

What you need:

  • A OSX client // I am using a 10.7.4 vanilla
  • Xcode command line tools // for git
  • Static IP
  • A cool DNS name ;)
  • Enough free disk space // As of today >150GB should do

The installation/configuration:

NOTE: With this you are actually mirroring the Update from Apple. Until I prepare and you follow my next chapter called “Hola reposado!”“ you will not be able to select which updates you want to offer, you will just be a mirror of the Apple Server in your own network. Consequences on this may vary :S

Navigate to the Applications folder

bash-3.2$ cd /Applications

Download the latest reposado

bash-3.2$ git clone

Enter the code folder

bash-3.2$ cd reposado/code

Don’t panic here we’ll change this permissions back later

bash-3.2$ chmod -R 777 /Library/WebServer/Documents

Create the folder where the metada will be stored

bash-3.2$ mkdir /Library/WebServer/Documents/metadata

Let’s configure reposado with this folders, and port 8088 to imitate the official SUS service

bash-3.2$ ./repoutil --configure
Path to store replicated catalogs and updates [None]: /Library/WebServer/Documents/
Path to store Reposado metadata [None]: /Library/WebServer/Documents/metadata/
Base URL for your local Software Update Service (Example: -- leave empty if you are not replicating updates) [None]: http://YourCoolDNSName:8088

Now let’s download the updates from Apple

bash-3.2$ ./repo_sync

You just downloaded ~104GB of updates :o

Now let’s get the rewrite working

Edit the apache configuration file

bash-3.2$ vi /etc/apache2/httpd.conf

Insert this in line 52 to look like this

Listen 8088
Listen 80
< /IfDefine>

Edit line 285 to look like this

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride All
# Controls who can get stuff from this server.

Make sure the rewrite module will be loaded by checking that there is no # sign on this output

bash-3.2$ cat /etc/apache2/httpd.conf | grep rewrite_module
LoadModule rewrite_module libexec/apache2/

Download this .htaccess file

And move it to the appropriate location

bash-3.2$ mv ~/Downloads/htaccess /Library/WebServer/Documents/.htaccess

Reset back the permissions and set _www as owner

bash-3.2$ chmod -R 755 /Library/WebServer/Documents/
bash-3.2$ chown -R _www /Library/WebServer/Documents/

You are done! Now just go to the Sharing pane in System Preferences and start the Web Sharing

Bonus track:

To do the simple task of adding and removing updates we are going to install also Margarita. Margarita is a web-end for reposado that allows you to add, remove and list the updates of all the branches from a graphical interface.

Navigate to the Applications folder

bash-3.2$ cd /Applications/

Clone Margarita

bash-3.2$ git clone

Install the only dependency

bash-3.2$ easy_install flask

Point Margarita to where reposado is

bash-3.2$ ln -s /Applications/reposado/code/reposadolib /Applications/margarita/
bash-3.2$ ln -s /Applications/reposado/code/preferences.plist /Applications/margarita/

If you want you can also download this favicon.ico so you don’t see that error 404 in the debug

Then put it in place

bash-3.2$ cp ~/Downloads/favicon.ico /Library/WebServer/Documents/

And launch Margarita!

bash-3.2$ sudo -u _www python /Applications/margarita/ -p 5000 -b -d

For security purposes this command will bind Margarita to accesible only from the localhost when visiting

On the next chapter how to create a branch and filter what you offer to your OSX clients