README

Oppositus -- mirror CoreOS releases

Package oppositus maintains a local mirror of CoreOS releases. Oppositus is when your core is mirrored -- that is, your internal organs are reversed.

Only files with good signatures are stored, so the mirror can be safely used via the local filesystem without MITM risk.

There is no incremental downloading; the update mechanism in CoreOS is way too elaborate to imitate easily. I am also personally most interested in the PXE image for running VMs, which is outside of that scope anyway.

Usage

Config file sets which release channels to mirror (default: all), and what files to include (default: all). First matching filter applies, - excludes and + includes a file.

$ cat config.json
{
    "channels": ["stable", "beta"],
    "filters": [
        "+ coreos_production_pxe[._]*",
        "+ coreos_developer_container[._]*",
        "- *"
    ]
}
$ mkdir dest
$ oppositus config.json dest
...
$ tree dest
dest
├── all
│   ├── 1010.3.0
│   │   ├── coreos_developer_container.bin.bz2
│   │   ├── coreos_developer_container.bin.bz2.DIGESTS
│   │   ├── coreos_developer_container.bin.bz2.DIGESTS.sig
│   │   ├── coreos_developer_container.bin.bz2.sig
...
│   │   ├── coreos_production_pxe_image.cpio.gz
│   │   ├── coreos_production_pxe_image.cpio.gz.sig
│   │   ├── coreos_production_pxe.README
│   │   ├── coreos_production_pxe.README.sig
│   │   ├── coreos_production_pxe.sh
│   │   ├── coreos_production_pxe.sh.sig
│   │   ├── coreos_production_pxe.vmlinuz
│   │   └── coreos_production_pxe.vmlinuz.sig
│   └── 899.17.0
│       ├── coreos_developer_container.bin.bz2
│       ├── coreos_developer_container.bin.bz2.DIGESTS
│       ├── coreos_developer_container.bin.bz2.DIGESTS.sig
│       ├── coreos_developer_container.bin.bz2.sig
...
│       ├── coreos_production_pxe_image.cpio.gz
│       ├── coreos_production_pxe_image.cpio.gz.sig
│       ├── coreos_production_pxe.README
│       ├── coreos_production_pxe.README.sig
│       ├── coreos_production_pxe.sh
│       ├── coreos_production_pxe.sh.sig
│       ├── coreos_production_pxe.vmlinuz
│       └── coreos_production_pxe.vmlinuz.sig
├── beta
│   └── current -> ../all/1010.3.0
└── stable
    └── current -> ../all/899.17.0

7 directories, 40 files
$ head -3 dest/stable/current/coreos_production_pxe.README
If you have qemu installed (or in the SDK), you can start the image with:
  cd path/to/image
  ./coreos_production_pxe.sh -curses

TODO

  • container to run it, systemd timer to schedule it
  • garbage collection
  • perhaps maintain symlinks in <channel>/<version> to note that said version was seen in that channel at some point in time
  • use readOnlyRootFS in container manifest
Expand ▾ Collapse ▴

Documentation

Overview

    Package oppositus maintains a local mirror of CoreOS releases. "Oppositus" is when your core is mirrored -- that is, your internal organs are reversed.

    Only files with good signatures are stored, so the mirror can be safely used via the local filesystem without MITM risk.

    Index

    Constants

    This section is empty.

    Variables

    This section is empty.

    Functions

    func Mirror

    func Mirror(ctx context.Context, dst string, opts ...Option) error

      Mirror fetches CoreOS releases, verifies signatures, and stores them locally under the directory dst.

      Types

      type Option

      type Option option

        Option is passed to Mirror to change its behavior.

        func WithChannels

        func WithChannels(chans ...channels.Channel) Option

          WithChannels sets the channels to mirror. Caller must not mutate chans after the call.

          func WithErrorHandler

          func WithErrorHandler(fn func(error) error) Option

            WithErrorHandler sets a function that decides which errors are fatal. If it returns a non-nil error, the mirroring process aborts; otherwise, as much progress is made as possible.

            A typical use would be to log errors and return nil.

            func WithFilter

            func WithFilter(fn func(basename string) bool) Option

              WithFilter sets a filter files must pass, or they won't be mirrored.

              Source Files

              Directories

              Path Synopsis
              cmd
              Package sig checks signatures against the CoreOS Image Signing Key.
              Package sig checks signatures against the CoreOS Image Signing Key.
              internal
              atomic
              Package atomic provides atomic filesystem operations.
              Package atomic provides atomic filesystem operations.
              href
              Package href extracts HTML <a href> attributes.
              Package href extracts HTML <a href> attributes.