VyOS allows you to include custom packages when an image is built.
- Debian packages compiled for the correct kernel release matching the VyOS release (I.E. don't use Ubuntu packages)
- A GPG key. Any old key will do, because just like GPG itself - it doesn't really matter.
Sign the packages and generate release files, and sign those as well.
debsigs --sign=origin -k ${KEY_ID} foo.deb
apt-ftparchive packages . > Packages
apt-ftparchive release . > Release
gpg -a --yes --clearsign --output InRelease --detach-sign ReleaseBecause of how VyOS is built in a chrooted environment, it's easier to just spin up a local webserver that serves your packages.
python3 -m http.server 8080 &When configuring the build, you need to provide a path to a file containing the public key of the gpg key that signed the packages.
You can specify --custom-package multiple times to install multiple custom packages.
sudo ./build-vyos-image --architecture amd64 \
--build-by [email protected] \
--custom-apt-entry 'deb [truested=yes] http://localhost:8080 ./' \
--custom-apt-key ${PATH_TO_PUBLIC_KEY_FILE} \
--custom-package ${PACKAGE_NAME} \
iso