Attention : support for WAPT 1.8.2 ended on June the 30th 2022.

There are known vulnerabilities in WAPT dependencies in WAPT 1.8.2 branch. Please upgrade to the latest supported version. CVE listing (non exhaustive) :
  • * python engine : python 2.7 (CVE-2020-10735, CVE-2015-20107, CVE-2022-0391, CVE-2021-23336, CVE-2021-3177, CVE-2020-27619, CVE-2020-26116, CVE-2019-20907, CVE-2020-8492, etc.)
  • * cryptography : openssl : CVE-2022-2068, CVE-2022-1292, CVE-2022-0778, CVE-2021-4160, CVE-2021-3712, CVE-2021-23841, CVE-2021-23840, CVE-2021-23839, CVE-2020-1971, CVE-2020-1968, CVE-2019-1551
  • * python dependencies : cryptography (CVE-2020-36242, CVE-2020-25659), eventlet (CVE-2021-21419), jinja2 (CVE-2020-28493), psutil (CVE-2019-18874), waitress (CVE-2022-31015), lxml (CVE-2021-4381, CVE-2021-28957, CVE-2020-27783, CVE-2018-19787), ujson (CVE-2022-31117, CVE-2022-31116, CVE-2021-45958), python-ldap (CVE-2021-46823)

Working with multiple public or private repositories

Multi-repository is now supported by WAPT. This functionality is useful in several use cases:

  • to use a secondary private repository, hosting business application packages, independently of your main repository;

  • to have remote repositories closer to users in a multi-site architecture scenario;

  • to allow the usage of an open repository and a secondary repository with restricted access (licensed software..);

Multi-repository WAPT architecture

Multi-repository WAPT architecture

Attention

When using repositories with different signers, the additional signer’s public certificates must be added to C:\Program Files (x86)\wapt\ssl. You then must deploy WAPT agent with both keys.

Please refer to the documentation to create the WAPT agent.

Configuring the WAPT agents

  • repositories parameter:

    The parameter repository in the [global] section of the wapt-get.ini file allows to set several options for package repositories, for example private and tranquilit sections here, where their settings are set in additional sections of that file.

    repositories=private,tranquilit

  • settings of secondary repositories

    [private]
repo_url=https://srvwapt.mydomain.lan/wapt

[tranquilit]
repo_url=https://wapt.tranquil.it/wapt

    With that configuration, WAPT clients will now see packages from the main repository and from the secondary repository.

    The WAPT agents will look for updates on both repositories.

    wapt-get search

    Packages from the secondary repository will also be visible using the web interface http://127.0.0.1:8088 on WAPT equipped devices.

Configuring the WAPT console with several private repositories

After having configured the WAPT agent for using multiple repositories, we can make the two repositories show up in the WAPT console.

To do so, modify %appdata%localwaptconsolewaptconsole.ini file:

[private]
repo_url=https://srvwapt.mydomain.lan/wapt

[tranquilit]
repo_url=https://wapt.tranquil.it/wapt