From cbc996cb48ac2eeeadd54953c502dc83eb4430dc Mon Sep 17 00:00:00 2001 From: Wesley Moore Date: Sun, 25 Aug 2024 09:56:30 +1000 Subject: [PATCH] Add chimera mirror post --- .../2024/australian-chimera-linux-mirror.md | 73 +++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 v2/content/posts/2024/australian-chimera-linux-mirror.md diff --git a/v2/content/posts/2024/australian-chimera-linux-mirror.md b/v2/content/posts/2024/australian-chimera-linux-mirror.md new file mode 100644 index 0000000..43d1129 --- /dev/null +++ b/v2/content/posts/2024/australian-chimera-linux-mirror.md @@ -0,0 +1,73 @@ ++++ +title = "Australian Chimera Linux Mirror" +date = 2024-08-25T09:17:27+10:00 + +#[extra] +#updated = 2024-06-06T08:24:45+10:00 ++++ + +I have set up a mirror of +[repo.chimeralinux.org](https://repo.chimera-linux.org/) on a server in +Australia (Brisbane). It's been running well for a couple of weeks now. The +[root of the mirror][mirror] shows an index of what is hosted and when it was +last synced. [/chimera] is where the Chimera data lives. + +It mirrors the packages as well as ISO and rootfs downloads. Using the mirror +greatly speeds up package downloads, which in-turn makes things like `apk +upgrade` a lot faster. Some rudimentary testing suggests this this server may +also provide a speed improvement for folks in parts of Asia too. + + + +### How to Use the Mirror + +#### Packages + +Edit the files in `/etc/apk/repositories.d/` to point to the mirror. For example +`/etc/apk/repositories.d/00-repo-main.list` contains this by default: + +``` +https://repo.chimera-linux.org/current/main +``` + +Change that to: + +``` +https://au.mirror.7bit.org/chimera/current/main +``` + +I.e. replace `repo.chimera-linux.org` with `au.mirror.7bit.org/chimera`. + +#### Downloads + +For ISOs and rootfs images visit: . + +### Building and Running the Mirror + +I set up a new server with [BinaryLane] in Brisbane and installed Chimera Linux +on it—yes the mirror is hosted with Chimera. Specifically I installed the +[base-minimal] package set to keep the package count low. On top of that I +installed `nginx` to serve the data and [Lego] (which I added to cports) to +manage TLS certificates from Let's Encrypt. + +To limit access and avoid the use of `root` there are dedicated regular users +for syncing, `lego`, `nginx`, and `www-data`. To allow `lego` to restart +`nginx` when certificates are updated I use a [doas] rule. + +Synchronisation is triggered hourly by a cron job. I use the [atomic-rsync] +script to make updates atomic. The script manages a pair of directories +`chimera-1` and `chimera-2`. The active one is symlinked to `chimera`. The +script syncs into the inactive directory, creating hard links for unchanged +data, then flips the symlink at the end. + +After syncing, the current date is written to a file, which is used by a small +snippet of JavaScript on [the index page][mirror] to show when the data was +last synced. + +[mirror]: https://au.mirror.7bit.org/ +[/chimera]: https://au.mirror.7bit.org/chimera/ +[BinaryLane]: https://www.binarylane.com.au/ +[base-minimal]: https://pkgs.chimera-linux.org/package/current/main/x86_64/base-minimal +[atomic-rsync]: https://github.com/RsyncProject/rsync/blob/9615a2492bbf96bc145e738ebff55bbb91e0bbee/support/atomic-rsync +[Lego]: https://go-acme.github.io/lego/ +[doas]: https://github.com/Duncaen/OpenDoas