Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- mirror.viscomp.bg:/var/storage/mirrors/debian/etc# cat ftpsync-archive.conf
- ########################################################################
- ########################################################################
- ## This is a sample configuration file for the ftpsync mirror script. ##
- ## Most of the values are commented out and just shown here for ##
- ## completeness, together with their default value. ##
- ########################################################################
- ########################################################################
- ## Mirrorname. This is used for things like the trace file name and should always
- ## be the full hostname of the mirror.
- MIRRORNAME=`hostname -f`
- ## Destination of the mirrored files. Should be an empty directory.
- ## CAREFUL, this directory will contain the mirror. Everything else
- ## that might have happened to be in there WILL BE GONE after the mirror sync!
- TO="/var/storage/mirrors/debian/var/archive"
- ## The upstream name of the rsync share.
- ##
- ## You can find out what share names your upstream mirror supports by running
- ## rsync YOURUPSTREAMSERVER::
- ## (You might have to export RSYNC_USER/RSYNC_PASSWORD for this to work)
- RSYNC_PATH="debian-archive-all"
- ## The host we mirror from
- RSYNC_HOST=ftp.de.debian.org
- ## In case we need a user to access the rsync share at our upstream host
- #RSYNC_USER=
- ## If we need a user we also need a password
- #RSYNC_PASSWORD=
- ## Set to "true" to tunnel your rsync through stunnel.
- ##
- ## ftpsync will then use rsync's -e option to wrap the connection
- ## with bin/rsync-ssl-tunnel which sets up an stunnel to connect to
- ## RSYNC_SSL_PORT on the remote site. (This requires server
- ## support, obviously.)
- ##
- ## ftpsync can use either stunnel4, stunnel4-old, or socat to set up the
- ## encrypted tunnel.
- ## o stunnel4 requires at least stunnel4 version 5.15 built aginst openssl
- ## 1.0.2 or later such that the stunnel build supports the checkHost
- ## service-level option. This will cause stunnel to verify both the
- ## peer certificate's validity and that it's actually for the host we wish
- ## to connect to.
- ## o stunnel4-old will skip the checkHost check. As such it will connect
- ## to any peer that is able to present a valid certificate, regardless of
- ## which name it is made out to.
- ## o socat will verify the peer certificate name only starting with version
- ## 1.7.3 (Debian 9.0).
- ## To test if things work, you can run
- ## RSYNC_SSL_PORT=1873 RSYNC_SSL_CAPATH=/etc/ssl/certs RSYNC_SSL_METHOD=socat rsync -e 'bin/rsync-ssl-tunnel' <server>::
- #RSYNC_SSL=false
- #RSYNC_SSL_PORT=1873
- #RSYNC_SSL_CAPATH=/etc/ssl/certs
- #RSYNC_SSL_METHOD=stunnel4
- ## Groups and people responsible for this mirror. These contacts are
- ## used to report irregularities and problems with the mirror. They
- ## must actually accept mail.
- ## Example:
- ## INFO_MAINTAINER="Admins <admins@example.com>, Person <person@example.com>"
- #INFO_MAINTAINER=
- ## Organizations sponsoring this mirror.
- ## Example:
- ## INFO_SPONSOR="Example <https://example.com>"
- #INFO_SPONSOR=
- ## The ISO 3361-1 code of the country hosting this mirror.
- ## Example:
- ## INFO_COUNTRY=DE
- #INFO_COUNTRY=
- ## The location this mirror is hosted in.
- ## Example:
- ## INFO_LOCATION="Example"
- #INFO_LOCATION=
- ## Available throughput for this mirror per second.
- ## Example:
- ## INFO_THROUGHPUT=10Gb
- #INFO_THROUGHPUT=
- ## In which directory should logfiles end up
- ## Note that BASEDIR defaults to $HOME, but can be set before calling the
- ## ftpsync script to any value you want (for example using pam_env)
- LOGDIR="${BASEDIR}/log"
- ## Name of our own logfile.
- ## Note that ${NAME} is set by the ftpsync script depending on the way it
- ## is called. See README for a description of the multi-archive capability
- ## and better always include ${NAME} in this path.
- LOG="${LOGDIR}/${NAME}.log"
- ## The script can send logs (or error messages) to a mail address.
- ## If this is unset it will default to the current user.
- #MAILTO="$LOGNAME"
- ## If you do want a mail about every single sync, set this to false
- ## Everything else will only send mails if a mirror sync fails
- ERRORSONLY="true"
- ## If you want the logs to also include output of rsync, set this to true.
- ## Careful, the logs can get pretty big, especially if it is the first mirror
- ## run
- FULLLOGS="false"
- ## If you do want to exclude files from the mirror run, put --exclude statements here.
- ## See rsync(1) for the exact syntax, these are passed to rsync as written here.
- ## DO NOT TRY TO EXCLUDE ARCHITECTURES OR SUITES WITH THIS, IT WILL NOT WORK!
- #EXCLUDE=""
- ## If you do want to exclude an architecture, this is for you.
- ## Use as space seperated list.
- ## Possible values are:
- ## alpha amd64 arm arm64 armel armhf hppa hurd-i386 i386 ia64 kfreebsd-amd64
- ## kfreebsd-i386 m68k mipsel mips powerpc ppc64el s390 s390x sh sparc source
- ## eg. ARCH_EXCLUDE="alpha arm arm64 armel mipsel mips s390 sparc"
- ## An unset value will mirror all architectures (default!)
- ## Mutually exclusive with ARCH_INCLUDE.
- ## Notice: source must not be excluded on an official/public mirror
- ARCH_EXCLUDE="alpha arm arm64 armel armhf hppa hurd-i386 ia64 kfreebsd-amd64 kfreebsd-i386 m68k mipsel mips64el mips powerpc ppc64el s390 s390x sh sparc"
- ## If you do want to include only a set of architectures, this is for you.
- ## Use as space seperated list.
- ## Possible values are:
- ## alpha amd64 arm arm64 armel armhf hppa hurd-i386 i386 ia64 kfreebsd-amd64
- ## kfreebsd-i386 m68k mipsel mips powerpc ppc64el s390 s390x sh sparc source
- ## eg. ARCH_INCLUDE="amd64 i386 source"
- ## An unset value will mirror all architectures (default!)
- ## Arch all will be included automatically if one binary arch is included.
- ## Mutually exclusive with ARCH_EXCLUDE.
- ## Notice: source needs to be included on an official/public mirror
- # For some reason this is not working for archive mirror....
- ARCH_INCLUDE="i386 amd64 source"
- ## Do we have leaf mirror to signal we are done and they should sync?
- ## If so set it to true and make sure you configure runmirrors.mirrors
- ## and runmirrors.conf for your need.
- #HUB=false
- ## We do create three logfiles for every run. To save space we rotate them, this
- ## defines how many we keep
- LOGROTATE=64
- ## Our own lockfile (only one sync should run at any time)
- #LOCK="${TO}/Archive-Update-in-Progress-${MIRRORNAME}"
- # Timeout for the lockfile, in case we have bash older than v4 (and no /proc)
- # LOCKTIMEOUT=${LOCKTIMEOUT:-3600}
- ## The following file is used to make sure we will end up with a correctly
- ## synced mirror even if we get multiple pushes in a short timeframe
- #UPDATEREQUIRED="${TO}/Archive-Update-Required-${MIRRORNAME}"
- ## Number of seconds to sleep before retrying to sync whenever upstream
- ## is found to be updating while our update is running
- #UIPSLEEP=1200
- ## Number of times the update operation will be retried when upstream
- ## is found to be updating while our update is running.
- ## Note that these are retries, so: 1st attempt + retries = total attempts
- #UIPRETRIES=3
- ## The trace file is used by a mirror check tool to see when we last
- ## had a successful mirror sync. Make sure that it always ends up in
- ## project/trace and always shows the full hostname.
- ## This is *relative* to ${TO}
- #TRACE="project/trace/${MIRRORNAME}"
- ## The local hostname to be written to the trace file.
- #TRACEHOST="$(hostname -f)"
- ## We sync our mirror using rsync (everything else would be insane), so
- ## we need a few options set.
- ## The rsync program
- RSYNC=rsync
- ## Extra rsync options as defined by the local admin.
- ## There is no default by ftpsync.
- ##
- ## Please note that these options are added to EVERY rsync call.
- ## Also note that these are added at the beginning of the rsync call, as
- ## the very first set of options.
- ## Please ensure you do not add a conflict with the usual rsync options as
- ## shown below.
- # RSYNC_EXTRA=""
- ## limit I/O bandwidth. Value is KBytes per second, unset or 0 means unlimited
- #RSYNC_BW=""
- ## BE VERY CAREFUL WHEN YOU CHANGE THE RSYNC_OPTIONS! BETTER DON'T!
- ## BE VERY CAREFUL WHEN YOU CHANGE THE RSYNC_OPTIONS! BETTER DON'T!
- ## BE VERY CAREFUL WHEN YOU CHANGE THE RSYNC_OPTIONS! BETTER DON'T!
- ## BE VERY CAREFUL WHEN YOU CHANGE THE RSYNC_OPTIONS! BETTER DON'T!
- ## Default rsync options every rsync invocation sees.
- #RSYNC_OPTIONS="-prltvHSB8192 --chmod=D755,F644 --timeout 3600 --stats"
- ## Options the first pass gets. We do not want the Packages/Source indices
- ## here, and we also do not want to delete any files yet.
- #RSYNC_OPTIONS1="--exclude=Packages* --exclude=Sources* --exclude=Release* --exclude=InRelease --include=i18n/by-hash/** --exclude=i18n/* --exclude=ls-lR*"
- ## Options the second pass gets. Now we want the Packages/Source indices too
- ## and we also want to delete files. We also want to delete files that are
- ## excluded.
- #RSYNC_OPTIONS2="--max-delete=40000 --delay-updates --delete --delete-excluded"
- ## You may establish the connection via a web proxy by setting the environment
- ## variable RSYNC_PROXY to a hostname:port pair pointing to your web proxy. Note
- ## that your web proxy's configuration must support proxy connections to port 873.
- # RSYNC_PROXY=
- ## The following three options are used in case we want to "callback" the host
- ## we got pushed from.
- #CALLBACKUSER="archvsync"
- #CALLBACKHOST="none"
- #CALLBACKKEY="none"
- ## Hook scripts can be run at various places during the sync.
- ## Leave them blank if you don't want any
- ## Hook1: After lock is acquired, before first rsync
- ## Hook2: After first rsync, if successful
- ## Hook3: After second rsync, if successful
- ## Hook4: Right before leaf mirror triggering
- ## Hook5: After leaf mirror trigger, only if we have slave mirrors (HUB=true)
- ##
- ## Note that Hook3 and Hook4 are likely to be called directly after each other.
- ## Difference is: Hook3 is called *every* time the second rsync was successful,
- ## but even if the mirroring needs to re-run thanks to a second push.
- ## Hook4 is only effective if we are done with mirroring.
- #HOOK1=
- #HOOK2=
- #HOOK3=
- #HOOK4=
- #HOOK5=
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement