Initial commit

2 weeks ago · ca1bef6cc2
7 changed files with 187 additions and 0 deletions
--- a/.containerignore
+++ b/.containerignore
@ -0,0 +1 @@
+.git
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.claude
--- a/34
+++ b/34
@ -0,0 +1,34 @@
+FROM registry.fedoraproject.org/fedora:latest
+
+# Variables for URLs and versions
+ARG CENTOS_VERSION=10
+ARG EPEL_VERSION=10
+ARG RSYNC_MIRROR=rsync://mirror.in2p3.fr
+ARG CENTOS_PATH=/pub/linux/centos-stream/${CENTOS_VERSION}-stream/
+ARG EPEL_PATH=/pub/epel/${EPEL_VERSION}/
+
+# Install required tools
+RUN dnf install -y rsync nginx && \
+    dnf clean all
+
+# Copy exclusions file
+COPY rsync-excludes.txt /etc/rsync-excludes.txt
+
+# Build rsync options and sync repositories
+RUN <<EOR
+set -Eeuo pipefail
+mkdir -p /var/www/centos/${CENTOS_VERSION}-stream
+mkdir -p /var/www/epel/${EPEL_VERSION}
+RSYNC_OPTS="-azH --progress --delete --exclude-from=/etc/rsync-excludes.txt"
+rsync ${RSYNC_OPTS} ${RSYNC_MIRROR}${CENTOS_PATH} /var/www/centos/${CENTOS_VERSION}-stream/
+rsync ${RSYNC_OPTS} ${RSYNC_MIRROR}${EPEL_PATH} /var/www/epel/${EPEL_VERSION}/
+EOR
+
+# Configure nginx
+COPY nginx.conf /etc/nginx/nginx.conf
+
+# Expose port 8080
+EXPOSE 8080
+
+# Start nginx in foreground mode
+CMD ["nginx", "-g", "daemon off;"]
--- a/README.md
+++ b/README.md
@ -0,0 +1,52 @@
+# Local mirror for CentOS Stream & EPEL
+
+Creates local mirrors of the CentOS Stream & EPEL repositories and stores them as container images to keep an history and optimize storage consumption.
+
+## Usage
+
+Create & serve the mirror.
+
+```sh
+# Create a local mirror of CentOS Stream 10
+./build.sh
+
+# Serve the mirror on port 8080
+podman run --rm --name mirror-centos-stream-10-$(date -I) -p 8080:8080 localhost/mirrors/centos-stream-10:$(date -I)
+
+# Mirror is alive!
+curl http://localhost:8080/centos/10-stream/BaseOS/x86_64/iso/SHA256SUM
+
+# Archive the mirror for posterity
+podman tag localhost/mirrors/centos-stream-10:$(date -I) quay.io/nmasse-redhat/centos-stream-10:$(date -I)
+podman push --compression-format=none quay.io/nmasse-redhat/centos-stream-10:$(date -I)
+```
+
+To use it in a working system, create `/etc/yum.repos.d/local-mirror.repo` with the following content:
+
+```ini
+[local-centos-stream]
+name=Local CentOS Stream $releasever
+baseurl=http://local.mirror.tld:8080/centos/10-stream/BaseOS/$basearch/os/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-Official
+
+[local-epel]
+name=Local EPEL $releasever
+baseurl=http://local.mirror.tld:8080/epel/10/Everything/$basearch/
+enabled=1
+gpgcheck=1
+gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-10
+```
+
+To perform an unattended install, add the following lines in your kickstart file:
+
+```
+url --url=http://local.mirror.tld/centos/10-stream/BaseOS/$basearch/os/
+repo --name=epel --baseurl=http://local.mirror.tld:8080/epel/10/Everything/$basearch/
+```
+
+## Authors
+
+- Claude Code
+- Nicolas Massé
--- a/build.sh
+++ b/build.sh
@ -0,0 +1,19 @@
+#!/bin/bash
+
+set -Eeuo pipefail
+
+declare CENTOS_VERSION="10"
+declare TS="$(date -I)"
+declare -a PODMAN_ARGS=()
+
+# Run rsync on the previous dataset if available, to speed up transfer and save on storage.
+if podman image inspect "localhost/mirrors/centos-stream-${CENTOS_VERSION}:latest" &>/dev/null; then
+  PODMAN_ARGS+=( --from "localhost/mirrors/centos-stream-${CENTOS_VERSION}:latest" )
+fi
+
+podman build -t "localhost/mirrors/centos-stream-${CENTOS_VERSION}:${TS}" "${PODMAN_ARGS[@]}" .
+podman tag "localhost/mirrors/centos-stream-${CENTOS_VERSION}:${TS}" "localhost/mirrors/centos-stream-${CENTOS_VERSION}:latest"
+
+# Here you can add the "podman push" command to send the mirror to your registry.
+# Do not forget to disable layer compression otherwise the push & pull operations
+# will be very slow!
--- a/nginx.conf
+++ b/nginx.conf
@ -0,0 +1,47 @@
+user nginx;
+worker_processes auto;
+error_log /dev/stderr;
+pid /run/nginx.pid;
+
+include /usr/share/nginx/modules/*.conf;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /dev/stdout  main;
+
+    sendfile            on;
+    tcp_nopush          on;
+    tcp_nodelay         on;
+    keepalive_timeout   65;
+    types_hash_max_size 4096;
+
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+    server {
+        listen       8080 default_server;
+        listen       [::]:8080 default_server;
+        server_name  _;
+        root         /var/www;
+
+        # Autoindex pour navigation dans les répertoires
+        autoindex on;
+        autoindex_exact_size off;
+        autoindex_localtime on;
+
+        error_page 404 /404.html;
+        location = /404.html {
+        }
+
+        error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
+        }
+    }
+}
--- a/rsync-excludes.txt
+++ b/rsync-excludes.txt
@ -0,0 +1,33 @@
+# ISO images
+#*.iso
+#*.img
+#*-CHECKSUM
+
+# Temporary files
+.~tmp~/
+**/.tmp/
+
+# Select CentOS Stream repositories to exclude
+# **/AppStream/**
+# **/BaseOS/**
+# **/CRB/**
+**/HighAvailability/**
+**/NFV/**
+# **/RT/**
+
+# Select EPEL repositories to exclude
+# **/Everything/**
+
+# Exclude sources ?
+**/source/**
+
+# Exclude debug RPM ?
+**/debug/**
+
+# Select specific architectures to exclude
+**/i686/**
+**/aarch64/**
+**/ppc64le/**
+**/s390x/**
+# **/x86_64/**
+# **/noarch/**