Alma 9 Local Mirror

Kory Albert

3 min read
Alma 9 Local Mirror

As the amount of virtual machines has grown in my environment, so has the amount of updates. Updating Linux is a breeze because of the package managers. This can even be automated with tools like unattended-upgrade on Debian-based distros, Ansible playbooks, or simple cron jobs.

Most of these jobs run in the middle of the night when no one is using the internet. I don't have a metered internet connection either, so it's not the end of the world having multiple machines reach out to the same server over and over again for the same package, but what waste... As of this writing, I have about 15 VMs reaching out and pulling from the Alma repos. I think there is a better way to do this.

I decided to create one more VM to mitigate this. Linux comes with a tool called reposync to create your own local mirror. I couldn't find any tutorials on how to set this up on Alma 9. So this was some trial and error, but it wasn't too hard to get going. My initial concern was space, how much was it going to be to pull a whole repo down? Turns out it's only about 20GB.

First, we need to install the web server and set up indexing so we can view the files and the package manager can browse and download them. We can install apache or nginx, I went with nginx on this build.

let's install yum-utils while we are at it, this will include reposync

dnf install nginx yum-utils

Let's set up the folder structure for the repo and web server. I use /var/www/ since that's what I am used to, you can use anything.

mkdir -p /var/www/repos/almalinux/9/X86_64/os
chmod -R 755 /var/www/repos

Here I mounted an iscsi drive. This would be optional but, it's normally how I set up extra storage since TrueNAS has my bulk storage. If you do this the only thing to note is that SElinux needs to be set permissive.

We can write a simple config for nginx to point to this folder.

vim /etc/nginx/conf.d/repo.conf

include /etc/nginx/conf.d/*.conf;

server {
    # listen on port 80
    listen 80;

    # server name
    server_name mirror.local.lan;

    # default location
    location / {
    
      # root directory
      root /var/www/repos;
      autoindex on;

    }
  }

Now we can start the nginx and make sure we can browse the directory structure.
systemctl enable --now nginx

Let's start to pull down the repos, this needs to be done for "baseos" and "appstream"

reposync -p /var/www/repos/almalinux/9/X86_64/os --repo=baseos --download-metadata
reposync -p /var/www/repos/almalinux/9/X86_64/os --repo=appstream --download-metadata

After these download, we can create a cronjob to sync up once a day. I choose to do this in the middle of the night.

crontab -e

00 2 * * * reposync -p /var/www/repos/almalinux/9/X86_64/os --repo=baseos --download-metadata
00 2 * * * reposync -p /var/www/repos/almalinux/9/X86_64/os --repo=appstream --download-metadata

Now lets update the repo files on the servers. Ultimately, this will be put in my golden image but I will need to update the existing machines and test. The /etc/yum.repos.d/almalinux-baseos.repo and /etc/yum.repos.d/almalinux-appstream.repo need to be revised. I found the URL capitalization was important, so if you get an error take a look there.

[baseos]
name=AlmaLinux $releasever - BaseOS
#mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/baseos
baseurl=http://mirror.local.lan/almalinux/$releasever/X86_64/os/baseos
enabled=1
gpgcheck=1
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
metadata_expire=86400
enabled_metadata=1

[appstream]
name=AlmaLinux $releasever - AppStream
#mirrorlist=https://mirrors.almalinux.org/mirrorlist/$releasever/appstream
baseurl=http://mirror.local.lan/almalinux/$releasever/X86_64/os/appstream
enabled=1
gpgcheck=1
countme=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-AlmaLinux-9
metadata_expire=86400
enabled_metadata=1

Now when we run dnf update we will see it pull from our local mirror at around 100Mbps depending on your network.