PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.1
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

GUIA DE CREACION DE REPOSITORIOS PARA EL

SISTEMA OPERATIVO OFICIAL
DE LA REPUBLICA BOLIVARIANA DE VENEZUELA
GNU / LINUX CANAIMA 3.X

PARA LA ADMINISTRACION PUBLICA NACIONAL, CIUDADANOS Y COMUNIDADES

DE LA REPUBLICA BOLIVARIANA DE VENEZUELA
Repblica Bolivariana de Venezuela
PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.2
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

EQUIPO SERVIDOR PARA EL REPOSITORIO

1.- Instale y configure un Equipo de excelente rendimiento con una Distribucin

Linux DEBIAN o basada en DEBIAN , tal como Canaima 3.0.
2.- En un terminal de root instale un Servidor Web Apache con la linea de
comando:
aptitude install apache2
Nota: Si requiere la instalacin de otro paquete para configurar el servidor web u
optimizar el funcionamiento del Equipo como Repositorio (Mirror) instalelo con
confianza. Una vez instalado el Servidor Apache, ya debe existir la ruta /var/www/ .
3.- Luego en la ruta /var/www/ cree las carpetas debian, debian-security,
canaimarepo, canaimauniv y canaimasegu. Nota asegrese que las mismas tienen
el permiso y el usuario necesario para lograr descargar los archivos del repositorio
externo. Puede lograr esto con la secuencia de comandos siguientes:
chmod 775 debian/ -R
chmod 775 debian-security/ -R
chmod 775 canaimarepo/ -R
chmod 775 canaimauniv/ -R
chmod 775 canaimasegu/ -R
chown -R www-data. debian
chown -R www-data. debian-security
chown -R www-data. canaimarepo
chown -R www-data. canaimauniv
chown -R www-data. canaimasegu

4.- Ahora genere y / o copie el archivo mirror.sh en el home del root (/root/ ) y
programe su ejecucin diaria automtica dentro del archivo crontab que se
Repblica Bolivariana de Venezuela
PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.3
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

encuentra en la ruta /etc/, tal como se muestra a continuacin con la inclusin de

las lineas de comandos siguientes:
## Mirror diario
00 18 * * * /root/mirror.sh

## Mirror diario
00 18

* * *

root /root/mirror.sh

5.- Espere que llegue la hora de ejecucin del script mirror.sh o ejecutelo
inmediatamente mediante la linea de comando ./mirror.sh . Puede chequear el
proceso de generacin y / o actualizacin del repositorio mediante las lineas de
comando:

tail -f debian-mirror.log

cat debian-mirror.log

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

PROYECTO TIC TAC

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.4

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Fecha de creacin: 01/03/12

Fecha de actualizacin: 01/03/12

CONTENIDO DEL SCRIPT MIRROR.SH

#! /bin/sh
set -e
#s script originates from http://www.debian.org/mirror/anonftpsync

# CVS: cvs.debian.org:/cvs/webwml - webwml/english/mirror/anonftpsync

# Version: $Id: anonftpsync,v 1.43 2008-06-15 18:16:04 spaillar Exp $

# Note: You MUST have rsync 2.6.4 or newer, which is available in sarge
# and all newer Debian releases, or at http://rsync.samba.org/

# Don't forget:
# chmod u+x anonftpsync

# Set the variables below to fit your site. You can then use cron to have
# this script run daily to automatically update your copy of the archive.

# TO is the destination for the base of the Debian mirror directory

# (the dir that holds dists/ and ls-lR).
# (mandatory)
TO_SEC=/var/www/debian-security
TO=/var/www/debian/
TO_CANAIMA1=/var/www/canaimarepo/
TO_CANAIMA2=/var/www/canaimauniv/
TO_CANAIMA3=/var/www/canaimasegu/

# RSYNC_HOST is the site you have chosen from the mirrors file.

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44
# (http://www.debian.org/mirror/list-full)
# (mandatory)
#RSYNC_HOST=ftp.us.debian.org
#RSYNC_HOST=ftp.ie.debian.org
RSYNC_HOST=ftp.ba.debian.org
RSYNC_HOST_SEC=security.debian.org
RSYNC_HOST_CANAIMA1=repositorio.canaima.softwarelibre.gob.ve
RSYNC_HOST_CANAIMA2=universo.canaima.softwarelibre.gob.ve
RSYNC_HOST_CANAIMA3=seguridad.canaima.softwarelibre.gob.ve

# RSYNC_DIR is the directory given in the "Packages over rsync:" line of

# the mirrors file for the site you have chosen to mirror.
# (mandatory)
RSYNC_DIR=debian/
RSYNC_DIR_SEC=debian-security/
RSYNC_DIR_CANAIMA1=canaima/
RSYNC_DIR_CANAIMA2=universo/
RSYNC_DIR_CANAIMA3=seguridad/

# LOGDIR is the directory where the logs will be written to

# (mandatory)
LOGDIR=/root

# ARCH_EXCLUDE can be used to exclude a complete architecture from

# mirrorring. Please use as space seperated list.

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.5
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.6
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

# Possible values are:

# alpha, amd64, arm, armel, hppa, hurd-i386, i386, ia64, m68k, mipsel, mips, powerpc, s390, sh and sparc
#
# There is one special value: source
# This is not an architecture but will exclude all source code in /pool
#
# eg.
# ARCH_EXCLUDE="alpha arm armel hppa hurd-i386 ia64 m68k mipsel mips s390 sparc"
#
# With a blank ARCH_EXCLUDE you will mirror all available architectures
# (optional)
ARCH_EXCLUDE="alpha amd64 arm armel hppa hurd-i386 ia64 m68k mipsel mips s390 sparc powerpc"

# EXCLUDE is a list of parameters listing patterns that rsync will exclude, in

# addition to the architectures excluded by ARCH_EXCLUDE.
#
# Use ARCH_EXCLUDE to exclude specific architectures or all sources
#
# --exclude stable, testing, unstable options DON'T remove the packages of
# the given distribution. If you want do so, use debmirror instead.
#

# The following example would exclude mostly everything:

EXCLUDE="\
# --exclude stable/ --exclude testing/ --exclude unstable/ \

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.7
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

--exclude source/ \
--exclude *.orig.tar.gz --exclude *.diff.gz --exclude *.dsc \
# --exclude /contrib/ --exclude /non-free/ \
# "

# With a blank EXCLUDE you will mirror the entire archive, except the
# architectures excluded by ARCH_EXCLUDE.
# (optional)
EXCLUDE=

# MAILTO is the address to send logfiles to;

# if it is not defined, no mail will be sent
# (optional)
MAILTO=

# LOCK_TIMEOUT is a timeout in minutes. Defaults to 360 (6 hours).

# This program creates a lock to ensure that only one copy
# of it is mirroring any one archive at any one time.
# Locks held for longer than the timeout are broken, unless
# a running rsync process appears to be connected to $RSYNC_HOST.
LOCK_TIMEOUT=360

# You may establish the connection via a web proxy by setting the environment
# variable RSYNC_PROXY to a hostname:port pair pointing to your web proxy. Note
# that your web proxys configuration must support proxy connections to port 873.
#

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.8
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

# RSYNC_PROXY="IP:PORT"
# export RSYNC_PROXY=$RSYNC_PROXY

# There should be no need to edit anything below this point, unless there
# are problems.

#-----------------------------------------------------------------------------#
# If you are accessing a rsync server/module which is password-protected,
# uncomment the following lines (and edit the other file).

# . ftpsync.conf
# export RSYNC_PASSWORD
# RSYNC_HOST=$RSYNC_USER@$RSYNC_HOST
#-----------------------------------------------------------------------------#

# Check for some environment variables

if [ -z "$TO" ] || [ -z "$RSYNC_HOST" ] || [ -z "$RSYNC_DIR" ] || [ -z "$LOGDIR" ]; then
echo "One of the following variables seems to be empty:"
echo "TO, RSYNC_HOST, RSYNC_DIR or LOGDIR"
exit 2
fi

# Note: on some non-Debian systems, hostname doesn't accept -f option.

# If that's the case on your system, make sure hostname prints the full
# hostname, and remove the -f option. If there's no hostname command,
# explicitly replace `hostname -f` with the hostname.
HOSTNAME=`hostname -f`

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

# The hostname must match the "Site" field written in the list of mirrors.
# If hostname doesn't returns the correct value, fill and uncomment below
# HOSTNAME=mirror.domain.tld
LOCK="${TO}/Archive-Update-in-Progress-${HOSTNAME}"

# The temp directory used by rsync --delay-updates is not

# world-readable remotely. It must be excluded to avoid errors.
TMP_EXCLUDE="--exclude .~tmp~/"

# Exclude architectures defined in $ARCH_EXCLUDE

for ARCH in $ARCH_EXCLUDE; do
EXCLUDE=$EXCLUDE"\
--exclude binary-$ARCH/ \
--exclude disks-$ARCH/ \
--exclude installer-$ARCH/ \
--exclude Contents-$ARCH.gz \
--exclude Contents-$ARCH.diff/ \
--exclude arch-$ARCH.files \
--exclude arch-$ARCH.list.gz \
--exclude *_$ARCH.deb \
--exclude *_$ARCH.udeb "
if [ "$ARCH" = "source" ]; then
SOURCE_EXCLUDE="\
--exclude source/ \
--exclude *.tar.gz \
--exclude *.diff.gz \

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.9
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44
--exclude *.dsc "
fi
done

# Logfile
LOGFILE=$LOGDIR/debian-mirror.log
# optionally, use the rsync module name in the log file name:
# LOGFILE=$LOGDIR/$(echo $RSYNC_DIR | tr / _)-mirror.log
# LOGFILE=$LOGDIR/${RSYNC_DIR/\//_}-mirror.log

# Get in the right directory and set the umask to be group writable
#
cd $HOME
umask 002

# If we are running mirror script for the first time, create the
# destination directory and the trace directory underneath it
if [ ! -d "${TO}/project/trace/" ]; then
mkdir -p ${TO}/project/trace
fi
# Check to see if another sync is in progress
if [ -f "$LOCK" ]; then
# Note: this requires the findutils find; for other finds, adjust as necessary
if [ "`find $LOCK -maxdepth 1 -cmin -$LOCK_TIMEOUT`" = "" ]; then
# Note: this requires the procps ps; for other ps', adjust as necessary
if ps ax | grep '[r]'sync | grep -q $RSYNC_HOST; then
echo "stale lock found, but a rsync is still running, aiee!"

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.10
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.11
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

exit 1
else
echo "stale lock found (not accessed in the last $LOCK_TIMEOUT minutes), forcing update!"
rm -f $LOCK
fi
else
echo "current lock file exists, unable to start rsync!"
exit 1
fi
fi

touch $LOCK
# Note: on some non-Debian systems, trap doesn't accept "exit" as signal
# specification. If that's the case on your system, try using "0".
trap "rm -f $LOCK" exit

set +e

# First sync /pool

rsync --recursive --links --hard-links --times \
--verbose \
--timeout=3600 \
$TMP_EXCLUDE $EXCLUDE $SOURCE_EXCLUDE \
$RSYNC_HOST::$RSYNC_DIR/pool/ $TO/pool/ >> $LOGFILE 2>&1
result=$?

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44
if [ "$result" = 0 ]; then
# Now sync the remaining stuff
rsync --recursive --links --hard-links --times \
--verbose \
--delay-updates --delete-after \
--timeout=3600 \
--exclude "Archive-Update-in-Progress-${HOSTNAME}" \
--exclude "project/trace/${HOSTNAME}" \
$TMP_EXCLUDE $EXCLUDE $SOURCE_EXCLUDE \
$RSYNC_HOST::$RSYNC_DIR/ $TO >> $LOGFILE 2>&1

LANG=C date -u > "${TO}/project/trace/${HOSTNAME}"

else
echo "ERROR: Help, something weird happened" | tee -a $LOGFILE
echo "mirroring /pool exited with exitcode" $result | tee -a $LOGFILE
fi

#Rsync security
rsync --recursive --links --hard-links --times --verbose --compress --delete \
--exclude "Archive-Update-in-Progress-${HOSTNAME}" \
--exclude "project/trace/${HOSTNAME}" \
$TMP_EXCLUDE $EXCLUDE $SOURCE_EXCLUDE \
$RSYNC_HOST_SEC::$RSYNC_DIR_SEC/ $TO_SEC >> $LOGFILE 2>&1

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.12
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

PROYECTO TIC TAC

http://proyectotictac.wordpress.com
Telfonos: 0426-905.89.44

Cdigo: PTT-LPI-GUSB4 / 0001

Pg.13
Fecha de creacin: 01/03/12
Fecha de actualizacin: 01/03/12

#### Rsync Canaima1

rsync --recursive --links --hard-links --times --verbose --compress --delete \
--exclude "Archive-Update-in-Progress-${HOSTNAME}" \
--exclude "project/trace/${HOSTNAME}" \
$TMP_EXCLUDE $EXCLUDE $SOURCE_EXCLUDE \
$RSYNC_HOST_CANAIMA1::$RSYNC_DIR_CANAIMA1/ $TO_CANAIMA1 >> $LOGFILE 2>&1

#### Rsync Canaima2

rsync --recursive --links --hard-links --times --verbose --compress --delete \
--exclude "Archive-Update-in-Progress-${HOSTNAME}" \
--exclude "project/trace/${HOSTNAME}" \
$TMP_EXCLUDE $EXCLUDE $SOURCE_EXCLUDE \
$RSYNC_HOST_CANAIMA2::$RSYNC_DIR_CANAIMA2/ $TO_CANAIMA2 >> $LOGFILE 2>&1

#### Rsync Canaima3

rsync --recursive --links --hard-links --times --verbose --compress --delete \
--exclude "Archive-Update-in-Progress-${HOSTNAME}" \
--exclude "project/trace/${HOSTNAME}" \
$TMP_EXCLUDE $EXCLUDE $SOURCE_EXCLUDE \
$RSYNC_HOST_CANAIMA3::$RSYNC_DIR_CANAIMA3/ $TO_CANAIMA3 >> $LOGFILE 2>&1

if [ -n "$MAILTO" ]; then
mail -s "debian archive synced" $MAILTO < $LOGFILE
fi

savelog $LOGFILE >/dev/null

rm $LOCK

Repblica Bolivariana de Venezuela

PROTECTO TIC - TAC