- Arch-mirrors - lists.archlinux.org

marcusspencer.xyz domain move
by Marcus B Spencer (deprecated) 11 Apr '25

11 Apr '25

I'm moving from marcusspencer.xyz domain to marcusspencer.us. New primary administrative email is marcus(a)marcusspencer.us. Alternative email is the same as before. There's new-domain-confirmation.marcusspencer.xyz and old-domain-confirmation.marcusspencer.us TXT records for verification. New access methods: * https://arch.mirror.marcusspencer.us:4443/archlinux * rsync://arch.mirror.marcusspencer.us/archlinux I will keep the old domain active for as long as I can (probably until Nov 2026). -- Regards, Marcus B Spencer

1 0

Monitoring Down
by Arnold DECHAMPS 16 Mar '25

16 Mar '25

Hello Everyone, The monitoring page of the arch linux mirrors seem to have frozen 6 hours ago. What is happening? Kind regards, Arnold Dechamps

2 3

mirror.aria-on-the-planet.es scheduled downtime/maintenance
by 小浦方基 (Motoi Kourakata) 22 Feb '25

22 Feb '25

Hi, Due to the maintenance of facility where my server is at, my mirror mirror.aria-on-the-planet.es is expected to be down since 2025 February 23rd 10:00 AM JST until 2025 February 24th 12:00 PM JST (2025/02/23 01:00 - 2025/02/24 15:00 UTC). Sorry for inconvenience. Sincerely, Motoi Kourakata

1 0

Request for Sponsored VMs to Maintain Arch Linux Geomirrors
by Leonidas Spyropoulos 08 Feb '25

08 Feb '25

Hello, As you may be aware, the Arch Linux DevOps team maintains a Tier 1 (T1) geomirror in major geographical regions [0]. These are sponsored physical servers or virtual machines (VMs) that are fully managed by the DevOps team. In addition to serving as a T1 mirror, the geomirror hosts the Arch Linux archive - essential for reproducible builds and rolling back to previous released packages - in the Americas, Europe, and Asia. Furthermore, it provides static endpoints for container images, VM images, libvirt, and WSL images (planned). However, with the sunsetting of Equinix Metal's free tier [1] and the loss of our only contact for the Kape-sponsored servers, these mirrors are now on borrowed time. This email is a request for sponsored VMs to allow the DevOps team to continue maintaining the geomirror infrastructure. Below are the requirements for a sponsored server: - Full root access for DevOps, managed via Ansible and preferable the VM should run Arch Linux - Compliance with the requirements for a T1 mirror as described in the Arch Linux wiki [2] - Really prefer a 1G/s upload _and_ download bandwidth - Expected traffic details are documented in a related GitLab issue [3] We greatly appreciate any volunteers willing to support this effort and look forward to hearing from you. [0]: https://archlinux.org/mirrors/geo.mirror.pkgbuild.com/ [1]: https://deploy.equinix.com/blog/sunsetting-equinix-metal/ [2]: https://wiki.archlinux.org/title/DeveloperWiki:NewMirrors [3]: https://gitlab.archlinux.org/archlinux/infrastructure/-/issues/664 Thank you, Arch Linux DevOps team -- Leonidas Spyropoulos Developer & DevOps PGP: 59E43E106B247368 244740D17C7FD0EC

3 4

critical rsync security release 3.4.0
by wahrwolf 14 Jan '25

14 Jan '25

We'd like to raise awareness about a rsync security release version 3.4.0-1 as described in our advisory [ASA-202501-1](https://security.archlinux.org/ASA-202501-1). In the most severe CVE, an attacker only requires anonymous read access to a rsync server, such as a public mirror, to execute arbitrary code on the machine the server is running on. Additionally, attackers can take control of a malicious server and read/write arbitrary files of any connected client. Sensitive data, such as OpenPGP and SSH keys, can be extracted, and malicious code can be executed by overwriting files such as `~/.bashrc` or `~/.popt`. We highly advise anyone who runs an rsync daemon or client prior to 3.3.1-1 to upgrade and reboot their systems immediately. As Arch Linux mirrors are mostly synchronized using rsync, we highly advise any mirror administrator to act immediately, even though the packages themselves are cryptographically signed. On Arch Linux infrastructure side we have secured all our affected servers and mirrors.

1 0

Re: Splitting the Arch Linux repo and archive server
by gromit 27 Dec '24

27 Dec '24

On 24/12/27 02:55PM, Kristian Klausen wrote: > Hi all, Hello everyone, > The DevOps team is working on splitting[0] the repo server and the archive > server, which are currently still located on the same box > (gemini.archlinux.org) This reason for splitting it is mainly due to I/O > issues and to ensure separation of concerns. Please see [1] and [2] for a > bit more context. > > We have already ordered the new repo server (AX41-NVMe[3] with an extra 1 TB > NVMe SSD) and switched the rsync endpoint for the mirrors 7 months ago[2], > so now the time has come to move the home of the repos from gemini to the > new repo server. > Christian and I are planning on taking a stab on this in a few hours, during > which the access to the repos will be cut off. We have now successfully finished the maintenance and all services should be reachable again as usual. If you still find things that are amiss please let us know! We still need to fix the archiving setup in the coming days, but the disruptive part of the maintenance work is done. === Information for Packagers === The new repo server has the following host keys, which can also be checked in our [ssh-hostkeys textfile][4]: 256 SHA256:uR8mRzpo828jM6U1jmdBxXvHEiDbuNSwpLur5odBrRA repos.archlinux.org (ECDSA) 256 SHA256:JApvSFU4OvaafW5ebe3ktmlp41WSsOffCkOBvtdNeDU repos.archlinux.org (ED25519) 3072 SHA256:wlSAfyb4o94izuemzbOILFeVPgDZd0Y9n890gq1pyxY repos.archlinux.org (RSA) 256 MD5:55:ee:72:27:c3:9d:f0:c3:89:b4:24:ff:75:dd:60:bf repos.archlinux.org (ECDSA) 256 MD5:90:98:6c:ee:72:b5:a6:dc:bf:ae:12:39:2e:99:b2:c4 repos.archlinux.org (ED25519) 3072 MD5:48:53:1e:51:81:7f:40:fd:ee:7c:dc:06:7c:98:a3:9e repos.archlinux.org (RSA) === Information for Mirror Admins === The rsync deamon is active again and mirroring should continue as usual! Cheers, Kristian and Christian [4]: https://gitlab.archlinux.org/archlinux/infrastructure/-/blob/master/docs/ss…

1 0

Fwd: Splitting the Arch Linux repo and archive server
by gromit 27 Dec '24

27 Dec '24

Dear Mirror Admins, we also want to inform you about the planned maintenance below. Cheers, Kristian & Christian Arch Linux DevOps Team

1 0

extra.db missing on multiple mirrors
by Niklas Yann Wettengel 29 Oct '24

29 Oct '24

Hi, I noticed the extra.db-file (/extra/os/x86_64/extra.db) is missing on multiple Tier 1 mirrors: - ftp.halifax.rwth-aachen.de - mirror.23m.com - mirror.selfnet.de maybe an upstream problem? Best Regards Niklas

5 4

RFC Final Comment Period: Mirror definition - Proposal for new mirror administration routines and mirror requirements
by pitastrudl 01 Oct '24

01 Oct '24

An RFC has now entered its Final Comment Period. In 14 days, discussion will end and the proposal will either be accepted, rejected or withdrawn: https://gitlab.archlinux.org/archlinux/rfcs/-/merge_requests/29 Please visit the above link for discussion. Summary: Before this proposal, all tasks surrounding mirrors were manual and in free-text form. This RFC therefore outlines the definitions and guidelines surrounding both becoming but also maintaining and decommissioning a mirrors in a new format using TOML and GitLab.

1 0

repo.jing.rocks summer maintenance
by Jing Luo 14 Sep '24

14 Sep '24

Hello all, repo.jing.rocks will have a "summer maintenance" intermittently from 2024-09-15 00:00 UTC to 2024-09-23 15:00 UTC. This is to replace some drives and improve stability and robustness in general, so hopefully it will continue to serve the community for years. The maintenance window is long because I have a $dayjob and I need to pick the music to play when I work on servers. Ideally you _should_ see no service interruption, but it may serve stale mirrors for a few hours at a time during the week. This is because I plan to remount the NFS backend readonly but point it to the backup storage, before the main storage server is shutdown. But as all sysadmins know sometimes sh*t happens because life is just a sh*tshow. So let's all be prepared, if you use repo.jing.rocks as your upstream. Sorry for the inconvenience. *** repo.jing.rocks is a mirror site that mirrors many free software projects and distros, 110 TB in total, namely debian, archlinux, fedora, ubuntu, devuan, trisquel, linux-libre, dragora, parabola, openbsd, etc. It is probably the largest mirror collection in Japan, also a T1 mirror of archlinux, using residential 10Gbps internet and 100% renewable energy. -- Jing Luo About me: https://jing.rocks/about/ GPG Fingerprint: 4E09 8D19 00AA 3F72 1899 2614 09B3 316E 13A1 1EFC

1 0