Recently I was working with various open source technologies, installing Rocket.Chat, rancher, OKD, k3s, among others, in air-gapped environments.
This is pretty common in the Finance, Defense, Insurance, and Healthcare verticals for highly regulated and secured environments.
We have been using Ubuntu for the past 15 years, so naturally, this is our go-to Linux distribution for on-prem air-gapped environments.
As we prepare to have the packages scanned on their way into the air-gapped environment, the main challenge we faced was to download the package and the dependencies for various software components.
After tinkering with this a few times I’d love to document and share the script we use to download the desired package and its pre-requisites.
For instance, I needed to download NTP, and the software needed to register the ubuntu server to the clients’ Active Directory domain.
So I set the required packages in the PACKAGES variable in my deb-deps.sh script…
PACKAGES=”ntp realmd libnss-sss libpam-sss sssd sssd-tools adcli samba-common-bin oddjob oddjob-mkhomedir packagekit”
for pkg in $PACKAGES;
apt-get download $pkg;
for i in $(apt-cache depends $pkg \
| grep -E ‘Depends|Recommends|Suggests’ \
| cut -d ‘:’ -f 2,3 | sed -e s/'<‘/”/ -e s/’>’/”/);
sudo apt-get download $i 2>>errors.txt;
This way we can prepare the downloads of all the files needed and their dependencies into a single directory — and then copy it to a thumb drive or burn it to a CD.