CentOS - Create a mirror

If you happen to have a sufficient connection (requirements) and enough resources to spare, I'd encourage you to think about hosting a mirror server for one of your favorite projects. In my case, I will demonstrate the creation of a public mirror for centos in my local LAN environment.

Software you will need:

• tmux
• rsync
• A webserver of your choice (I will use nginx)

First up, let's create the basic directory structure for serving the files. My basic webroot will be /srv/mirror and the specific synced content will reside in subdirectories so that the structure looks as follows:

/srv/ 
└── mirror 
  ├── centos 
  ├── epel 
  └── whatever

First, create the webroot and from here on out, rsync will do the rest.

 [archy@repo01 ~]$ mkdir /srv/mirror  
 [archy@repo01 ~]$ mkdir -p /etc/nginx/{sites-available,sites-enabled}  

I will be using rsync to sync the content every 4 hours. This will lead to this line in your crontab:

 0 */4 * * * /usr/bin/rsync -vrlptgoDzH --progress --delete --delay-updates rsync://some.mirror.org/centos/ /srv/mirror/centos/  

From here on out, I will be using tmux for terminal multiplexing due to the initial sync taking quite some time.

 [archy@repo01 ~]$ tmux new -s reposync  
 [archy@repo01 ~]$ rsync -vrlptgoDzH --progress --delete --delay-updates rsync://some.mirror.org/centos/ /srv/mirror/centos/  

With that running, open a new pane in tmux ((ctrl +b) + c) and start configuring your web server (Nginx in my case).

I will be using the Debian-style directory structure since It's a very nice separation in my opinion but this is not the standard. To enable it, you'll have to add this line to the http{ } section in the nginx.conf

 [archy@repo01 ~]$ sudo vim /etc/nginx/nginx.conf  

   include /etc/nginx/sites-enabled/*;  

Now create the vhost for that will serve the repo content and enable it

 [archy@repo01 ~]$ sudo vim /etc/nginx/sites-available/http_mirror.archyslife.lan.conf  

 server {  
     listen             80;  
     server_name           mirror.archyslife.lan;  
     access_log           /var/log/nginx/https_mirror.archyslife.lan-access.log;  
     error_log            /var/log/nginx/https_mirror.archyslife.lan-error.log;  
     root              /srv/mirror;  
     location / {  
           try_files $uri $uri/ =404;  
           autoindex on;  
      }  
 }  

 [archy@repo01 ~]$ sudo ln -s /etc/nginx/sites-available/http_mirror.archyslife.lan.conf /etc/nginx/sites-enabled/  

Since I'm running CentOS with SELinux enforcing (which I strongly encourage you to) I will have to adjust the file context.

 [archy@repo01 ~]$ sudo semanage fcontext -a -t httpd_sys_content_t '/srv/mirror(/.*?)'  
 [archy@repo01 ~]$ sudo restorecon -Rv /srv/mirror  

Note that this could take some time depending on how much content has been downloaded so far.

Next up, create some firewall rules:

 [archy@repo01 ~]$ sudo firewall-cmd --add-service=http --permanent  
 [archy@repo01 ~]$ sudo firewall-cmd --reload  

The last thing to do is to check the Nginx config, start and enable the Nginx service.

 [archy@repo01 ~]$ sudo nginx -t  
 [archy@repo01 ~]$ sudo systemctl start nginx.service  
 [archy@repo01 ~]$ sudo systemctl enable nginx.service  

Now just wait until the content sync has finished and your mirror should be functional.

Feel free to comment and / or suggest a topic.