3,250
edits
Changes
Jump to navigation
Jump to search
Line 123:
Line 123: + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
→Configuration a hub
The configuration file is well documented but we will discuss some of the features here.
The configuration file is well documented but we will discuss some of the features here.
{{Incomplete}}
{{Incomplete}}
===Configure your mirror as hub===
this is intented to do on an already synced mirror in push mode.
==== setting up rsync as server====
as root.
open /etc/xinetd.d/rsync and remove the disabled line
vim /etc/xinetd.d/rsync
create a rsyncd.conf file
vim /etc/rsyncd.conf
then add this
# rsync.conf
uid = {USEROWNING THE MIRROR FILES}
gid = {GROUP OWNING THE MIRROR FILES}
use chroot = yes
max connections = 5
timeout = 300
read only = true
strict modes = true
transfer logging = true
dont compress = *.gz *.tgz *.zip *.z *.rpm *.deb *.iso *.bz2 *.tbz
[smeserver]
path = /home/e-smith/files/ibays/{IBAY}/html
comment = SME Server Mirror
hosts allow = {YOUR CLIENT IP}
install xinetd
yum install xinetd
configure as services
ln -s /etc/rc.d/init.d/e-smith-service /etc/rc7.d/S91xinetd
config set xinetd service status enabled
config set rsyncd service TCPPort 873 access public status enabled
signal-event remoteaccess-update
service xinetd start
configure hosts.allow
mkdir -p /etc/e-smith/templates-custom/etc/hosts.allow/
echo "rsync: ALL" > /etc/e-smith/templates-custom/etc/hosts.allow/rsync
signal-event remoteaccess-update
==== create a rsa file ====
as user responsible of ftpsync.
ssh-keygen -qt rsa -b 1024 -C "contribs-push@{MY MIRROR}" -f ~/.ssh/contribs-push\@{MY MIRROR}.rsa
then to protect the key and limit it to one usage and only one IP. You need to change {MY MIRROR} and {MY HUB IP }
echo "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty,command=\"~/bin/ftpsync\",from=\"{MY HUB IP }\" "|cat - ~/.ssh/contribs-push\@{MY MIRROR}.rsa.pub > ~/.ssh/contribs-push.tmp && mv ~/.ssh/contribs-push.tmp ~/.ssh/contribs-push\@{MY MIRROR}.rsa
.pub
finally protect your keys
chmod 0600 ~/.ssh/contribs-push\@{MY MIRROR}.rs*
'''
never give your private key, only send your public (.pub) to the downstream mirror.'''
==== setting up ftpsync-smeserver.conf====
as user responsible of ftpsync.
this step will allow your ftpsync to know that he need to trigger another server
edit ~/etc/ftpsync-smeserver.conf
vim ~/etc/ftpsync-smeserver.conf
under the line #HUB=false, insert
HUB=true
==== setting up runmirrors-smeserver.conf====
as user responsible of ftpsync.
vim ~/etc/runmirrors-smeserver.conf
then comment out the following line and adapt it to the path of you private key
KEYFILE=.ssh/contribs-push\@{MY MIRROR}.rsa
==== setting up runmirrors-smeserver.mirror====
as user responsible of ftpsync.
edit the file
vim ~/etc/runmirrors-smeserver.mirror
add the following at the end of the file
mhop {NAME FOR LOG PURPOSE} {YOUR CLIENT ADRESS} {YOUR CLIENT USER} -p {YOUR CLIENT SSH PORT}
===Configure your mirror under another hub===
follow : http://wiki.contribs.org/Mirrors#How_to_become_a_mirror_site.3F
except you will have to import your own public key (generated just above)
then you will have to tunes :
vim ~/etc/ftpsync-smeserver.conf
change RSYNC_HOST= to point to your hub mirror
RSYNC_HOST={HUB MIRROR ADRESSE}
tada! you are done!