Creating a PUSH mirror

From RVM Wiki


This procedure shows how a mirroring run is triggered remotely. It is useful as an illustration of how jobs can be run over ssh while restricting what ssh is allowed to do.

Taken from: http://www.debian.org/mirror/push_server



Setting up a push server

Setting up a push server consists of two basic tasks: setting up rsync access (for normal, "pull" mirroring) and setting up the ssh trigger mechanism (for "pushing" the pull mirroring).

(For more information on what a push server is, please read the explanation of push mirroring.)

Setting up rsync

Install rsync 2.1.1 or greater. If your site is running Debian, just install the latest rsync package.

Create an rsyncd.conf file and put something similar to this in it:

uid = nobody
gid = nogroup
max connections = 25
syslog facility = daemon
socket options = SO_KEEPALIVE
[debian]
  path = /org/ftp.debian.org/ftp
  comment = Debian FTP Archive (~24 GB)
  auth users = authorized_account1,authorized_account2,authorized_accountN
  read only = true
  secrets file = /etc/rsyncd/debian.secrets
[debian-web]
  path = /org/www.debian.org/debian.org
  comment = Debian Web Site (~400 MB)
  auth users = authorized_account1,authorized_account2,authorized_accountN
  read only = true
  secrets file = /etc/rsyncd/debian.secrets

Add an entry for each site you are pushing to in the /etc/rsyncd/debian.secrets file:

authorized_account1:a_password
authorized_account2:another_password
authorized_accountN:password

You have now given the downstream mirrors access to the archive on your machine.

You will probably want to start the rsync daemon from inetd. To do this, add the rsync service to the /etc/services file (if it isn't already there), like this:

rsync           873/tcp

To enable the daemon from inetd, add the following to your /etc/inetd.conf file:

rsync      stream      tcp         nowait      root /usr/bin/rsync rsyncd --daemon

(Remember to send inetd a HUP signal to tell it to reread its config file after modifying the file.)

Setting up ssh trigger mechanism

Create a new ssh key for the account that you use to mirror Debian. Use the -f option to write it to a separate file so that you don't overwrite your original ssh key, for example:

ssh-keygen -f ~/.ssh/identity.mysite

Make sure that the new public key (~/.ssh/identity.mysite.pub) contains this at the beginning:

no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="~/websync &"

(replace "websync" with "ftpsync", or "ftpsync-non-US", or whatever the command that starts the mirroring is called)

You need to set up a script that will contact the downstream mirrors. Create a file called signal, containing this:

 #!/bin/sh

 # This script is called to signal the remote host that it is time to
 # mirror the archive.
 # $1 = downstream host, $2 = account on that host

 echo "Signalling $1"
 ssh -o "BatchMode yes" -o "User $2" -i "$HOME/.ssh/identity.mysite" "$1" sleep 1
 

This script logs in to a remote host using the special ssh key you created above. The command it passes (sleep 1) does nothing useful remotely; because the key carries a forced command, the ~/websync (or ~/ftpsync, or ~/ftpsync-non-US) command is what actually runs.

To actually signal the mirrors, add ./signal <site> <username> lines either at the end of the websync script or, if that is more convenient, in a new script that websync then runs.

This new script, runmirrors, would contain something like this:

 #!/bin/sh

 # This script is called by websync to signal the downstream mirrors.

 ./signal some.other.site archvsync
 ./signal and.another.site othersiteaccount
 

Thus, as soon as your site is finished mirroring from the upstream site, you will start pushing to those downstream from you.
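
The key restrictions from the ssh trigger step take effect only on the entry installed in the downstream account's authorized_keys file, so that is where to verify them. The following is an added example, not part of the original page or of Debian's scripts: a POSIX sh check that an entry carries a forced command and the four no-* options listed above. The function names, the sample entries and the handling of OpenSSH's restrict option are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original page): audit authorized_keys entries
# for the restrictions this page puts on the push trigger key.
# Assumes the one-line OpenSSH format: [options] keytype base64 [comment].

REQUIRED="no-port-forwarding no-x11-forwarding no-agent-forwarding no-pty"

# key_options LINE: print the option field of one entry, lower-cased, with
# quoted values emptied so commas/spaces inside command="..." cannot split it.
key_options() {
    first=$(printf '%s\n' "$1" |
        sed -E 's/"([^"\\]|\\.)*"/""/g' |
        awk '{ print tolower($1) }')
    case $first in
        ssh-*|ecdsa-*|sk-*) echo "" ;;   # entry starts with the key type: no options
        *) echo "$first" ;;
    esac
}

# audit_key_line LINE: print "ok" (return 0) or "missing: ..." (return 1).
audit_key_line() {
    opts=",$(key_options "$1"),"
    missing=""
    case $opts in *,command=*) ;; *) missing="command" ;; esac
    for req in $REQUIRED; do
        case $opts in *",$req,"*) continue ;; esac
        # "restrict" (OpenSSH 7.2+) implies every no-* option unless re-enabled.
        case $opts in
            *",restrict,"*)
                case $opts in *",${req#no-},"*) ;; *) continue ;; esac ;;
        esac
        missing="${missing:+$missing }$req"
    done
    if [ -z "$missing" ]; then echo "ok"; return 0; fi
    echo "missing: $missing"; return 1
}

# Constructed sample entries (key material is a placeholder, not a real key).
while IFS= read -r entry; do
    printf '%s -> ' "${entry%% AAAA*}"
    audit_key_line "$entry" || true
done <<'EOF'
no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command="~/websync &" ssh-ed25519 AAAAPLACEHOLDER push@upstream
command="~/websync &" ssh-ed25519 AAAAPLACEHOLDER push@upstream
ssh-ed25519 AAAAPLACEHOLDER push@upstream
EOF
```

An entry reported as missing command or any no-* option gives the upstream key more than the single trigger action this procedure intends.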

If you have any trouble with this, contact us.