DeveloperWiki:NewMirrors - ArchWiki (original) (raw)

Adding a new mirror

This text should outline the procedure for adding a new mirror for Arch packages.

Notes about private mirrors

• Bandwidth is not free for the mirrors. They must pay for all the data they serve you
  • This still applies although you pay your ISP
  • A full mirror is over 100 GiB in size
• There are many packages that will be downloaded that you will likely never use
• Mirror operators will much prefer you to download only the packages you need
• Really please look at the alternatives listed in pacman/Tips and tricks#Network shared pacman cache before setting up a private mirror

2-tier mirroring scheme

Due to the high load and bandwidth limits Arch Linux uses 2-tier mirroring scheme.

There are few tier 1 mirrors that sync directly from archlinux.org every hour.

All other mirrors should sync from one of tier 1 mirrors. Syncing from archlinux.org is not allowed.

For the mirror administrator

Tier 2 requirements

• Disk-space >= 100 GiB
• Sync off a tier 1 mirror (see https://archlinux.org/mirrors/tier/1/)
• Sync all contents of the upstream mirror (i.e. do not sync only some repositories)
• Do not sync more often than every hour, but you should sync at least once a day
• Sync on a random minute so it is more likely the requests will be spaced out with other mirrors
• Use the following rsync options: -rlptH --safe-links --delete-delay --delay-updates
• If you ever wish to send downtime notifications to our users, please use the arch-mirrors-announce list. You do not need to subscribe to be able to post.
• http or https support

Tier 1 requirements

• Tier 2 requirements
• Bandwidth >= 100 Mbit/s
• rsync support
• Proven reliability (be a tier 2 mirror for a while and have reasonable uptime, response to out-of-sync notifications etc.)

You can use rsync directly or the syncrepo-template.sh script as a starting point. Please note that the script tries to minimize load and bandwidth used (about 3 MiB of metadata for each rsync run as of 2018-03-01) in case there are no changes. Feel free to remove this check if you do not sync very often or your upstream mirror does not provide the lastupdate file.

rsync over TLS

NoteVerification of digital certificates can only be done with gnutls and openssl SSL types when using rsync-ssl(1). When enabling tls=1 option in syncrepo-template.sh file, openssl is used by default.

If you wish to use rsync over TLS, Arch Linux is offering endpoints with rsync over TLS via the geo mirrors and the T0 for T1 mirrors to sync from. You can use rsync-ssl(1) which is a wrapper for rsync(1). The port is exposed at 874 which rsync-ssl uses by default.

To set up rsync over TLS for your mirror you may follow the same patterns as it was implemented by Arch Linux which is by fronting the rsync daemon with nginx using TLS. Using tcp load balancing, supported by nginx-mod-stream , nginx connects to the rsync socket and forwards the requests. rsync needs use proxy = on feature enabled in its configuration to work and the SSL certificates are presented by nginx. For further implementation the changes that were done on the Arch Linux side can be viewed on the Arch Linux GitLab. Another way to produce a similar result would be by using stunnel.

Create a feature-request

Note

• We are not accepting new ftp mirrors.
• If you are submitting a change to an already existing mirror:
  • Please submit it with the account you submitted the mirror originally on Arch Linux GitLab or send an email with the contact email used for the mirror.
  • Optionally also paste the link of the mirror being changed from here: https://archlinux.org/mirrors/.

Go to https://gitlab.archlinux.org/archlinux/arch-mirrors/-/issues and create a feature-request containing the following information:

• Mirror domain name
• Geographical location of the mirror (country)
• URLs for supported access methods (http, https, rsync) (no ftp)
• Your mirror's available bandwidth
• An administrative contact email (optional, see below)
• An alternative administrative contact email (optional)
• (tier 1 mirrors) Rsync IPs so your server(s) can be allowed to sync off tier 0 (rsync.archlinux.org)
• (tier 2 mirrors) The name of tier 1 mirror you are syncing from. You can find available tier 1 mirrors in https://archlinux.org/mirrors/tier/1/

The contact email(s) will be used by Arch Linux staff to contact the mirror administrator if they have questions regarding the mirror or if there are problems with the mirror. If a contact email is not provided, the mirror listing may be removed at any time, especially if problems occur, without prior contact to the admin.

If the mirror administrator is adding or modifying a URL to an already existing mirror, they can specify so in the request with the link to the existing mirror.

Contact info and mailing lists

Feel free to join the arch-mirrors mailing list which can be used for general discussion about our mirrors. If you want to inform our users about downtime of your mirror please use the arch-mirrors-announce mailing list. You do not need to subscribe to be able to post to arch-mirrors-announce.

If you want to reach the Arch Linux staff for questions, you can either use the arch-mirrors list, you can open a bug report on our tracker or you can send a mail to mirrors@archlinux.org. There is also the #archlinux-mirrors IRC channel for any discussions or questions.

The Arch Linux side

• Add the mirror info to the Django admin site
• Regenerate the rsync whitelist with the gen_rsyncd.conf.pl script - only for tier 1 mirrors, or when disabling access to a previously untiered mirror (also done by an hourly cronjob)
• Regenerate the pacman-mirrorlist package

Mirror size

To give you an impression how much space will be needed for a mirror here are some numbers (as of 2023-05-23):

Mandatory:

• pool (all packages) - 80 GiB
• repositories (core, core-testing, extra, extra-testing, gnome-unstable, kde-unstable, multilib, multilib-testing) - total ~200 MiB

Optional:

• iso - 5 GiB (encouraged)
• archive - 15 GiB (permanently frozen)
• other - 18 GiB
• sources - 114 GiB
• images - 6 GiB
• wsl - 500 MiB
• pool/*-debug - 60 GiB (will likely grow in the future)

Most mirrors do not sync archive, other and sources directories, but sync everything else (including temporary repositories), so usually you will need about 70 GiB reserved for Arch Linux mirror.

However, note that the required space may temporarily increase when a big rebuild happens and thus many packages exist twice in different versions. Please plan in a buffer of 30 GiB to 50 GiB on top of the above mentioned values.