1. Guides
  2. Debian APT repository support

Guides

Debian APT repository support

ToDesktop now supports Linux APT repositories, making it easier to distribute your application to Debian-based Linux distributions (including Ubuntu, Linux Mint, Pop!_OS, and others). This feature allows your Linux users to:

  • Install your application using their familiar package manager
  • Receive automatic updates through their system's standard update mechanism
  • Verify package authenticity using cryptographic signatures

With the APT repository feature, your Linux users can install and update your application just like any other system package, providing a seamless and native experience.

Prerequisites

Before using the APT repository feature, you must enable the Linux Debian artifact in your build settings:

  1. Navigate to your app's Build and Deploy settings in the ToDesktop dashboard
  2. Ensure "Linux Debian" is enabled as an artifact
WARNING

If you have previously built your application without the Linux Debian artifact enabled, you'll need to create a new build with this option selected for the APT repository to work.

Setting Up the APT Repository

Users of your application can add your ToDesktop APT repository to their system using the following methods:

Quick Repository Setup

The easiest way for users to add your repository is with this one-line command:

        sudo curl -o /etc/apt/sources.list.d/{YOUR_APP_NAME}.sources https://dl.todesktop.com/{YOUR_APP_ID}/apt/{YOUR_APP_NAME}.sources

This will download the repository configuration file directly to the proper location in their system.

If you're using a custom domain:

        sudo curl -o /etc/apt/sources.list.d/{YOUR_APP_NAME}.sources https://{YOUR_CUSTOM_DOMAIN}/apt/{YOUR_APP_NAME}.sources

Installing Your Application

After adding the repository, users can install your application with:

        sudo apt update && sudo apt install {YOUR_APP_NAME}

That's it! The package manager will handle downloading and installing your application, and will automatically check for updates when the user runs system updates.

Automatic Updates

One of the main advantages of distributing your application through an APT repository is seamless automatic updates. Once users have installed your application using APT, they'll receive updates whenever you publish new versions to your ToDesktop repository.

Keeping Your App Up-to-Date

Users can update your application along with their other system packages using standard APT commands:

        sudo apt update && sudo apt upgrade

This command:

  1. Checks for updates to all installed packages (including your application)
  2. Downloads and installs any available updates

Many Linux distributions also provide automated update mechanisms or graphical update managers that will notify users when updates to your application are available.

For users who want to update only your application, they can run:

        sudo apt update && sudo apt install --only-upgrade {YOUR_APP_NAME}

Custom PGP Key for Repository Signing

By default, ToDesktop signs your APT repository packages with our standard PGP key. However, you can now use your own PGP key for signing, which provides an additional layer of verification that the packages come from you.

Creating a PGP Key

If you don't already have a PGP key, you can create one using GPG:

  1. Quick key generation (recommended for most users):
        gpg --quick-generate-key "Your Company Name <[email protected]>" default default never
  1. Export your private key:
        gpg --export-secret-keys --armor [email protected] > private-key.asc

For more advanced key generation options, you can use:

        gpg --full-generate-key

Uploading Your PGP Key to ToDesktop

INFO

Your PGP key is stored securely using Azure KeyVault.

Screenshot of the location of the Linux PGP Key (beta) card in the ToDesktop app

To use your custom PGP key for signing Linux packages:

  1. Go to your app settings in the ToDesktop dashboard
  2. Navigate to the "Certificates" section
  3. Find the "Linux PGP Key (beta)" card
  4. Click "Add PGP Key"
  5. Select your private key file (the .asc file you exported)
  6. If your key is password-protected, enter the password
  7. Click "Save"

Once uploaded, ToDesktop will automatically use your PGP key to sign all packages in your APT repository. Users who previously added your repository will need to update their GPG key:

        curl -fsSL https://dl.todesktop.com/{YOUR_APP_ID}/apt/gpg.key | sudo gpg --dearmor -o /usr/share/keyrings/{YOUR_APP_NAME}.gpg

Benefits of Using Your Own PGP Key

  • Brand consistency: The PGP key will show your organization's name in the signature
  • Portability: If in the future you decided to move away from ToDesktop then you would have the possibility of migrating seamlessly because you don't have to change the key.
  • Security: Our PGP key is shared with all ToDesktop customers, so using your own key provides an additional layer of security.

Note that if you don't provide a custom PGP key, ToDesktop will continue to sign your repository with our default key, so this step is optional.

Previous <- Releasing an application
Next Creating a development or staging app ->