277
edits
Infrastructure/Mirrors: Difference between revisions
no edit summary
No edit summary |
|||
|
Mirrors is a standalone [https://www.dell.com/en-us/shop/povw/poweredge-r730xd/1000 Dell R730xd] server (3.5" drive bay variant) running FreeBSD.
It uses ZFS as the filesystem for the root pool and primary pool that's used for the distribution mirrors (the pool named <code>lug</code>)
used to use salt, broke when upgrading from FreeBSD 12-14▼
▲It used to use salt, but it broke when upgrading from FreeBSD 12-14. Currently, all maintenance is done by hand (this is a good thing)
At its core, a mirror server performs two functions:▼
▲At its core, a mirror server performs two functions:
# Synchronizing the content from upstream mirrors to itself
# Hosting that downloaded content for end-users and other downstream mirrors to pull from
On our mirrors, this is accomplished with archvsync+cron to synchronize content with upstream, and vsftpd+rsyncd+nginx to handle hosting the content.
=== Certificate maintenance: ===
Put the certificate (the 'intermediate' download option from our Certificate Authority) in <code>/usr/local/share/certs/mirrors_lug_mtu_edu_bundle.cer</code>, and the key in <code>/usr/local/share/certs/mirrors_lug_mtu_edu.key</code>
then run: <code>service nginx re'''load'''</code> <!-- Note: "reload" and NOT "restart", as "restart" kills all existing http(s) connections, while reload just applies the settings to new inbound connections. It also won't kill the background daemon if the settings are not valid. -->
You can view the nginx configuration in <code>/usr/local/etc/nginx/nginx.conf</code> to view and change settings. This file is no longer managed by salt, and can be edited by hand.
=== Pulling from upstream ===
| |||