- Arch-mirrors - lists.archlinux.org

misaka.one is tier 1 but upstream is not tier 0
by Marcus B Spencer 23 May '25

23 May '25

misaka.one [1] is tier 1, but still has another tier 1 (23m.com) instead of rsync.archlinux.org as the upstream. [1] https://archlinux.org/mirrors/misaka.one/ -- Regards, Marcus B Spencer

1 0

IRC Channel for mirror related discussions now available
by pitastrudl 19 May '25

19 May '25

Hi all, We've created, some time ago already, a new channel on libera.chat for any Arch Linux mirror / mirrorlist related questions and chat. This is just another communication channel for all things related. It is still advised to report any issues to https://gitlab.archlinux.org/archlinux/arch-mirrors/-/issues for easier visibility and tracking of progress. Thank you for all your contributions, past and future! Channel name: #archlinux-mirrors Regards, Arun

1 0

AI scraping
by Arnold DECHAMPS 11 May '25

11 May '25

Hello everyone, I'm getting a LOT of traffic from AI scrapers (to the point that my mirror starts to become unusable). I heared about a project called Anubis. Would this work on a mirror? Kind regards, Arnold Dechamps

5 8

marcusspencer.xyz domain move
by Marcus B Spencer (deprecated) 11 Apr '25

11 Apr '25

I'm moving from marcusspencer.xyz domain to marcusspencer.us. New primary administrative email is marcus(a)marcusspencer.us. Alternative email is the same as before. There's new-domain-confirmation.marcusspencer.xyz and old-domain-confirmation.marcusspencer.us TXT records for verification. New access methods: * https://arch.mirror.marcusspencer.us:4443/archlinux * rsync://arch.mirror.marcusspencer.us/archlinux I will keep the old domain active for as long as I can (probably until Nov 2026). -- Regards, Marcus B Spencer

1 0

Monitoring Down
by Arnold DECHAMPS 16 Mar '25

16 Mar '25

Hello Everyone, The monitoring page of the arch linux mirrors seem to have frozen 6 hours ago. What is happening? Kind regards, Arnold Dechamps

2 3

mirror.aria-on-the-planet.es scheduled downtime/maintenance
by 小浦方基 (Motoi Kourakata) 22 Feb '25

22 Feb '25

Hi, Due to the maintenance of facility where my server is at, my mirror mirror.aria-on-the-planet.es is expected to be down since 2025 February 23rd 10:00 AM JST until 2025 February 24th 12:00 PM JST (2025/02/23 01:00 - 2025/02/24 15:00 UTC). Sorry for inconvenience. Sincerely, Motoi Kourakata

1 0

Request for Sponsored VMs to Maintain Arch Linux Geomirrors
by Leonidas Spyropoulos 08 Feb '25

08 Feb '25

Hello, As you may be aware, the Arch Linux DevOps team maintains a Tier 1 (T1) geomirror in major geographical regions [0]. These are sponsored physical servers or virtual machines (VMs) that are fully managed by the DevOps team. In addition to serving as a T1 mirror, the geomirror hosts the Arch Linux archive - essential for reproducible builds and rolling back to previous released packages - in the Americas, Europe, and Asia. Furthermore, it provides static endpoints for container images, VM images, libvirt, and WSL images (planned). However, with the sunsetting of Equinix Metal's free tier [1] and the loss of our only contact for the Kape-sponsored servers, these mirrors are now on borrowed time. This email is a request for sponsored VMs to allow the DevOps team to continue maintaining the geomirror infrastructure. Below are the requirements for a sponsored server: - Full root access for DevOps, managed via Ansible and preferable the VM should run Arch Linux - Compliance with the requirements for a T1 mirror as described in the Arch Linux wiki [2] - Really prefer a 1G/s upload _and_ download bandwidth - Expected traffic details are documented in a related GitLab issue [3] We greatly appreciate any volunteers willing to support this effort and look forward to hearing from you. [0]: https://archlinux.org/mirrors/geo.mirror.pkgbuild.com/ [1]: https://deploy.equinix.com/blog/sunsetting-equinix-metal/ [2]: https://wiki.archlinux.org/title/DeveloperWiki:NewMirrors [3]: https://gitlab.archlinux.org/archlinux/infrastructure/-/issues/664 Thank you, Arch Linux DevOps team -- Leonidas Spyropoulos Developer & DevOps PGP: 59E43E106B247368 244740D17C7FD0EC

3 4

critical rsync security release 3.4.0
by wahrwolf 14 Jan '25

14 Jan '25

We'd like to raise awareness about a rsync security release version 3.4.0-1 as described in our advisory [ASA-202501-1](https://security.archlinux.org/ASA-202501-1). In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on. Additionally, attackers can take control of a malicious server and read/write arbitrary files of any connected client. Sensitive data, such as OpenPGP and SSH keys, can be extracted, and malicious code can be executed by overwriting files such as `~/.bashrc` or `~/.popt`. We highly advise anyone who runs an rsync daemon or client prior to 3.3.1-1 to upgrade and reboot their systems immediately. As Arch Linux mirrors are mostly synchronized using rsync, we highly advise any mirror administrator to act immediately, even though the packages themselves are cryptographically signed. On Arch Linux infrastructure side we have secured all our affected servers and mirrors.

1 0

Re: Splitting the Arch Linux repo and archive server
by gromit 27 Dec '24

27 Dec '24

On 24/12/27 02:55PM, Kristian Klausen wrote: > Hi all, Hello everyone, > The DevOps team is working on splitting[0] the repo server and the archive > server, which are currently still located on the same box > (gemini.archlinux.org) This reason for splitting it is mainly due to I/O > issues and to ensure separation of concerns. Please see [1] and [2] for a > bit more context. > > We have already ordered the new repo server (AX41-NVMe[3] with an extra 1 TB > NVMe SSD) and switched the rsync endpoint for the mirrors 7 months ago[2], > so now the time has come to move the home of the repos from gemini to the > new repo server. > Christian and I are planning on taking a stab on this in a few hours, during > which the access to the repos will be cut off. We have now successfully finished the maintenance and all services should be reachable again as usual. If you still find things that are amiss please let us know! We still need to fix the archiving setup in the coming days, but the disruptive part of the maintenance work is done. === Information for Packagers === The new repo server has the following host keys, which can also be checked in our [ssh-hostkeys textfile][4]: 256 SHA256:uR8mRzpo828jM6U1jmdBxXvHEiDbuNSwpLur5odBrRA repos.archlinux.org (ECDSA) 256 SHA256:JApvSFU4OvaafW5ebe3ktmlp41WSsOffCkOBvtdNeDU repos.archlinux.org (ED25519) 3072 SHA256:wlSAfyb4o94izuemzbOILFeVPgDZd0Y9n890gq1pyxY repos.archlinux.org (RSA) 256 MD5:55:ee:72:27:c3:9d:f0:c3:89:b4:24:ff:75:dd:60:bf repos.archlinux.org (ECDSA) 256 MD5:90:98:6c:ee:72:b5:a6:dc:bf:ae:12:39:2e:99:b2:c4 repos.archlinux.org (ED25519) 3072 MD5:48:53:1e:51:81:7f:40:fd:ee:7c:dc:06:7c:98:a3:9e repos.archlinux.org (RSA) === Information for Mirror Admins === The rsync deamon is active again and mirroring should continue as usual! Cheers, Kristian and Christian [4]: https://gitlab.archlinux.org/archlinux/infrastructure/-/blob/master/docs/ss…

1 0

Fwd: Splitting the Arch Linux repo and archive server
by gromit 27 Dec '24

27 Dec '24

Dear Mirror Admins, we also want to inform you about the planned maintenance below. Cheers, Kristian & Christian Arch Linux DevOps Team

1 0