mirror of
https://github.com/GrapheneOS/infrastructure.git
synced 2024-12-22 05:35:00 -05:00
add subset of shared configuration files
This commit is contained in:
parent
7d70f11b0c
commit
d24d24926a
512
certbot-ocsp-fetcher
Executable file
512
certbot-ocsp-fetcher
Executable file
@ -0,0 +1,512 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Unofficial Bash strict mode
|
||||
set \
|
||||
-o errexit \
|
||||
-o errtrace \
|
||||
-o noglob \
|
||||
-o nounset \
|
||||
-o pipefail
|
||||
IFS=$'\n\t'
|
||||
shopt -s inherit_errexit
|
||||
|
||||
exit_with_error() {
|
||||
echo "${@}" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
check_for_dependencies() {
|
||||
if ((BASH_VERSINFO[0] == 4 && \
|
||||
BASH_VERSINFO[1] < 3 || \
|
||||
BASH_VERSINFO[0] < 4)); then
|
||||
exit_with_error \
|
||||
error:$'\t\t'"${0##*/} requires Bash 4.3+."
|
||||
fi
|
||||
|
||||
if ! { command -v openssl >&- &&
|
||||
[[ $(openssl version) =~ ^OpenSSL\ ([[:digit:]]+)\.([[:digit:]]+) ]] &&
|
||||
((BASH_REMATCH[1] == 1 && \
|
||||
BASH_REMATCH[2] >= 1 || \
|
||||
BASH_REMATCH[1] > 1)); }; then
|
||||
# shellcheck disable=2016
|
||||
exit_with_error \
|
||||
error:$'\t\t'"${0##*/} requires OpenSSL 1.1.0+," \
|
||||
'but it is not available on $PATH.'
|
||||
fi
|
||||
}
|
||||
|
||||
parse_cli_arguments() {
|
||||
local -r usage=(
|
||||
"USAGE: ${0}"
|
||||
"[-c/--certbot-dir DIRECTORY]"
|
||||
"[-f/--force-update]"
|
||||
"[-h/--help]"
|
||||
"[-n/--cert-name NAME[,NAME...] [-u/--ocsp-responder URL]]"
|
||||
"[-o/--output-dir DIRECTORY]"
|
||||
"[-q/--quiet]"
|
||||
"[-v/--verbose]"
|
||||
"[-w/--no-reload-webserver]"
|
||||
)
|
||||
|
||||
declare -gl ERROR_ENCOUNTERED
|
||||
|
||||
declare -gi VERBOSITY=1
|
||||
local -r verbosity_error=(
|
||||
"error: -q/--quiet cannot be specified in conjunction with -v/--verbose."
|
||||
)
|
||||
|
||||
while ((${#} > 0)); do
|
||||
local parameter=${1}
|
||||
|
||||
case ${parameter} in
|
||||
-[^-]?*)
|
||||
set -- "-${parameter:1:1}" "-${parameter:2}" "${@:2}"
|
||||
;;
|
||||
-c | --certbot-dir | --certbot-dir=?*)
|
||||
if [[ -v CERTBOT_DIR ]]; then
|
||||
exit_with_error "${usage[@]}"
|
||||
fi
|
||||
|
||||
if [[ ${parameter} =~ --certbot-dir=(.+) ]]; then
|
||||
CERTBOT_DIR=${BASH_REMATCH[1]}
|
||||
else
|
||||
if [[ -n ${2:-} ]]; then
|
||||
CERTBOT_DIR=${2}
|
||||
shift
|
||||
else
|
||||
exit_with_error "${usage[@]}"
|
||||
fi
|
||||
fi
|
||||
|
||||
CERTBOT_DIR=$(
|
||||
realpath \
|
||||
--canonicalize-missing \
|
||||
--relative-base . \
|
||||
-- "${CERTBOT_DIR}"
|
||||
echo x
|
||||
)
|
||||
CERTBOT_DIR=${CERTBOT_DIR%??}
|
||||
shift
|
||||
;;
|
||||
-f | --force-update)
|
||||
if [[ ! -v FORCE_UPDATE ]]; then
|
||||
declare -glr FORCE_UPDATE=true
|
||||
fi
|
||||
shift
|
||||
;;
|
||||
-h | --help)
|
||||
echo >&2 "${usage[@]}"
|
||||
exit
|
||||
;;
|
||||
-n | --cert-name | --cert-name=?*)
|
||||
if [[ ${parameter} =~ --cert-name=(.+) ]]; then
|
||||
local cert_lineages_value=${BASH_REMATCH[1]}
|
||||
shift
|
||||
else
|
||||
if [[ -n ${2:-} ]]; then
|
||||
local cert_lineages_value=${2}
|
||||
shift 2
|
||||
else
|
||||
exit_with_error "${usage[@]}"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Loop over any lineages passed in the same value of --cert-name.
|
||||
OLDIFS=${IFS}
|
||||
IFS=,
|
||||
declare -Ag CERT_LINEAGES
|
||||
# Check if a hardcoded OCSP responder was specified for this set of
|
||||
# lineages.
|
||||
case ${1:-} in
|
||||
-u | --ocsp-responder)
|
||||
if [[ -n ${2:-} ]]; then
|
||||
for lineage_name in ${cert_lineages_value}; do
|
||||
CERT_LINEAGES["${lineage_name}"]=${2}
|
||||
done
|
||||
shift
|
||||
else
|
||||
exit_with_error "${usage[@]}"
|
||||
fi
|
||||
shift
|
||||
;;
|
||||
--ocsp-responder=?*)
|
||||
[[ ${1} =~ --ocsp-responder=(.+) ]]
|
||||
for lineage_name in ${cert_lineages_value}; do
|
||||
CERT_LINEAGES["${lineage_name}"]=${BASH_REMATCH[1]}
|
||||
done
|
||||
shift
|
||||
;;
|
||||
*)
|
||||
# If no OCSP responder was specified, just save the lineage
|
||||
# name as the key, with an empty value.
|
||||
for lineage_name in ${cert_lineages_value}; do
|
||||
CERT_LINEAGES["${lineage_name}"]=
|
||||
done
|
||||
;;
|
||||
esac
|
||||
unset lineage_name cert_lineages_value
|
||||
IFS=${OLDIFS}
|
||||
;;
|
||||
-o | --output-dir | --output-dir=?*)
|
||||
if [[ -v OUTPUT_DIR ]]; then
|
||||
exit_with_error "${usage[@]}"
|
||||
fi
|
||||
|
||||
if [[ ${parameter} =~ --output-dir=(.+) ]]; then
|
||||
OUTPUT_DIR=${BASH_REMATCH[1]}
|
||||
else
|
||||
if [[ -n ${2:-} ]]; then
|
||||
OUTPUT_DIR=${2}
|
||||
shift
|
||||
else
|
||||
exit_with_error "${usage[@]}"
|
||||
fi
|
||||
fi
|
||||
|
||||
OUTPUT_DIR=$(
|
||||
realpath \
|
||||
--canonicalize-missing \
|
||||
--relative-base . \
|
||||
-- "${OUTPUT_DIR}"
|
||||
echo x
|
||||
)
|
||||
OUTPUT_DIR=${OUTPUT_DIR%??}
|
||||
shift
|
||||
;;
|
||||
-q | --quiet)
|
||||
if ((VERBOSITY != 1)); then
|
||||
exit_with_error "${verbosity_error[@]}"
|
||||
else
|
||||
readonly VERBOSITY=0
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
-v | --verbose)
|
||||
if ((VERBOSITY == 0)); then
|
||||
exit_with_error "${verbosity_error[@]}"
|
||||
else
|
||||
VERBOSITY+=1
|
||||
shift
|
||||
fi
|
||||
;;
|
||||
-w | --no-reload-webserver)
|
||||
if [[ ! -v RELOAD_WEBSERVER ]]; then
|
||||
declare -glr RELOAD_WEBSERVER=false
|
||||
fi
|
||||
shift
|
||||
;;
|
||||
*)
|
||||
exit_with_error "${usage[@]}"
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# When not parsed, the stdout and/or stderr output of all external commands
|
||||
# we call in the script is redirected to file descriptor 3. Depending on the
|
||||
# desired verbosity, we redirect this file descriptor to either stderr or to
|
||||
# /dev/null.
|
||||
if ((VERBOSITY >= 2)); then
|
||||
exec 3>&2
|
||||
else
|
||||
exec 3>/dev/null
|
||||
fi
|
||||
}
|
||||
|
||||
# Set output directory if necessary and check if it's writeable
|
||||
prepare_output_dir() {
|
||||
if [[ -v OUTPUT_DIR ]]; then
|
||||
if [[ ! -e ${OUTPUT_DIR} ]]; then
|
||||
# Don't yet fail if it's not possible to create the directory, so we can
|
||||
# exit with a custom error down below
|
||||
mkdir \
|
||||
--parents \
|
||||
-- "${OUTPUT_DIR}" || true
|
||||
fi
|
||||
else
|
||||
readonly OUTPUT_DIR=.
|
||||
fi
|
||||
|
||||
if [[ ! -w ${OUTPUT_DIR} ]]; then
|
||||
exit_with_error \
|
||||
error:$'\t\t'"no write access to output directory (\"${OUTPUT_DIR}\")"
|
||||
fi
|
||||
}
|
||||
|
||||
start_in_correct_mode() {
|
||||
# Create temporary directory to store OCSP staple file,
|
||||
# before having checked the certificate status in the response
|
||||
local temp_output_dir
|
||||
temp_output_dir=$(mktemp --directory)
|
||||
readonly temp_output_dir
|
||||
trap "rm -r -- ""${temp_output_dir}" EXIT
|
||||
|
||||
declare -A lineages_processed
|
||||
|
||||
# These two environment variables are set if this script is invoked by Certbot
|
||||
if [[ ! -v RENEWED_DOMAINS || ! -v RENEWED_LINEAGE ]]; then
|
||||
run_standalone
|
||||
else
|
||||
run_as_deploy_hook
|
||||
fi
|
||||
|
||||
print_and_handle_result
|
||||
}
|
||||
|
||||
# Run in "check one or all certificate lineage(s) managed by Certbot" mode
|
||||
# $1 - Path to temporary output directory
|
||||
run_standalone() {
|
||||
readonly CERTBOT_DIR=${CERTBOT_DIR:-/etc/letsencrypt}
|
||||
|
||||
if [[ ! -r ${CERTBOT_DIR} || (-d ${CERTBOT_DIR}/live && ! -r ${CERTBOT_DIR}/live) ]]; then
|
||||
exit_with_error \
|
||||
error:$'\t\t'"can't access ${CERTBOT_DIR}/live"
|
||||
fi
|
||||
|
||||
# Check specific lineage if passed on CLI,
|
||||
# or otherwise all lineages in Certbot's dir
|
||||
if [[ -v CERT_LINEAGES[@] ]]; then
|
||||
for lineage_name in "${!CERT_LINEAGES[@]}"; do
|
||||
if [[ -r ${CERTBOT_DIR}/live/${lineage_name} ]]; then
|
||||
fetch_ocsp_response \
|
||||
"--standalone" \
|
||||
"${temp_output_dir}" \
|
||||
"${lineage_name}" \
|
||||
"${CERT_LINEAGES["${lineage_name}"]}"
|
||||
else
|
||||
exit_with_error \
|
||||
"error:"$'\t\t'"can't access ${CERTBOT_DIR}/live/${lineage_name}"
|
||||
fi
|
||||
done
|
||||
else
|
||||
set +f
|
||||
shopt -s nullglob
|
||||
for lineage_dir in "${CERTBOT_DIR}"/live/*; do
|
||||
set -f
|
||||
|
||||
# Skip non-directories, like Certbot's README file
|
||||
[[ -d ${lineage_dir} ]] || continue
|
||||
|
||||
fetch_ocsp_response \
|
||||
"--standalone" "${temp_output_dir}" "${lineage_dir##*/}"
|
||||
done
|
||||
unset lineage_dir
|
||||
fi
|
||||
}
|
||||
|
||||
# Run in deploy-hook mode, only processing the passed lineage
|
||||
# $1 - Path to temporary output directory
|
||||
run_as_deploy_hook() {
|
||||
if [[ -v CERTBOT_DIR ]]; then
|
||||
# The directory is already inferred from the environment variable that
|
||||
# Certbot passes
|
||||
exit_with_error \
|
||||
error:$'\t\t'"-c/--certbot-dir cannot be passed" \
|
||||
"when run as Certbot hook"
|
||||
fi
|
||||
|
||||
if [[ -v FORCE_UPDATE ]]; then
|
||||
# When run as deploy hook the behavior of this flag is used by default.
|
||||
# Therefore passing this flag would not have any effect.
|
||||
exit_with_error \
|
||||
error:$'\t\t'"-f/--force-update cannot be passed" \
|
||||
"when run as Certbot hook"
|
||||
fi
|
||||
|
||||
if [[ -v CERT_LINEAGES[@] ]]; then
|
||||
# The certificate lineage is already inferred from the environment
|
||||
# variable that Certbot passes
|
||||
exit_with_error \
|
||||
error:$'\t\t'"-n/--cert-name cannot be passed when run as Certbot hook"
|
||||
fi
|
||||
|
||||
fetch_ocsp_response \
|
||||
--deploy_hook "${temp_output_dir}" "${RENEWED_LINEAGE##*/}"
|
||||
}
|
||||
|
||||
# Check if it's necessary to fetch a new OCSP response
|
||||
check_for_existing_ocsp_staple_file() {
|
||||
[[ -f ${OUTPUT_DIR}/${lineage_name}.der ]] || return 1
|
||||
|
||||
# Validate and verify the existing local OCSP staple file
|
||||
local existing_ocsp_response
|
||||
set +e
|
||||
existing_ocsp_response=$(openssl ocsp \
|
||||
-no_nonce \
|
||||
-issuer "${lineage_dir}/chain.pem" \
|
||||
-cert "${lineage_dir}/cert.pem" \
|
||||
-verify_other "${lineage_dir}/chain.pem" \
|
||||
-respin "${OUTPUT_DIR}/${lineage_name}.der" 2>&3)
|
||||
local -ir existing_ocsp_response_rc=${?}
|
||||
set -e
|
||||
readonly existing_ocsp_response
|
||||
|
||||
((existing_ocsp_response_rc == 0)) || return 1
|
||||
|
||||
for existing_ocsp_response_line in ${existing_ocsp_response}; do
|
||||
if [[ ${existing_ocsp_response_line} =~ ^[[:blank:]]*"This Update: "(.+)$ ]]; then
|
||||
local -r this_update=${BASH_REMATCH[1]}
|
||||
elif [[ ${existing_ocsp_response_line} =~ ^[[:blank:]]*"Next Update: "(.+)$ ]]; then
|
||||
local -r next_update=${BASH_REMATCH[1]}
|
||||
fi
|
||||
done
|
||||
[[ -n ${this_update:-} && -n ${next_update:-} ]] || return 1
|
||||
|
||||
# Only continue fetching OCSP response if existing response expires within
|
||||
# half of its lifetime.
|
||||
local -ri response_lifetime_in_seconds=$((\
|
||||
$(date +%s --date "${next_update}") - $(date +%s --date "${this_update}")))
|
||||
(($(date +%s) < \
|
||||
$(date +%s --date "${this_update}") + response_lifetime_in_seconds / 2)) || return 1
|
||||
}
|
||||
|
||||
# Generate file used by ssl_stapling_file in nginx config of websites
|
||||
# $1 - Whether to run as a deploy hook for Certbot, or standalone
|
||||
# $2 - Path to temporary output directory
|
||||
# $3 - Name of certificate lineage
|
||||
# $4 - OCSP endpoint (if specified on command line)
|
||||
fetch_ocsp_response() {
|
||||
local -r temp_output_dir=${2}
|
||||
local -r lineage_name=${3}
|
||||
case ${1} in
|
||||
--standalone)
|
||||
local -r lineage_dir=${CERTBOT_DIR}/live/${lineage_name}
|
||||
|
||||
if [[ ${FORCE_UPDATE:-} != true ]] &&
|
||||
check_for_existing_ocsp_staple_file; then
|
||||
lineages_processed["${lineage_name}"]="not updated"$'\t'"valid staple file on disk"
|
||||
return
|
||||
fi
|
||||
;;
|
||||
--deploy_hook)
|
||||
local -r lineage_dir=${RENEWED_LINEAGE}
|
||||
;;
|
||||
*)
|
||||
return 1
|
||||
;;
|
||||
esac
|
||||
shift 3
|
||||
|
||||
# Verify that the leaf certificate is still valid. If the certificate is
|
||||
# expired, we don't have to request a (new) OCSP response.
|
||||
local cert_expiry_output
|
||||
set +e
|
||||
cert_expiry_output=$(openssl x509 \
|
||||
-in "${lineage_dir}/cert.pem" \
|
||||
-checkend 0 \
|
||||
-noout 2>&3)
|
||||
local -ri cert_expiry_rc=${?}
|
||||
set -e
|
||||
if ((cert_expiry_rc != 0)); then
|
||||
ERROR_ENCOUNTERED=true
|
||||
lineages_processed["${lineage_name}"]="not updated"
|
||||
if [[ ${cert_expiry_output} == "Certificate will expire" ]]; then
|
||||
lineages_processed["${lineage_name}"]+=$'\t'"leaf certificate expired"
|
||||
fi
|
||||
return
|
||||
fi
|
||||
|
||||
local ocsp_endpoint
|
||||
if [[ -n ${1-} ]]; then
|
||||
ocsp_endpoint=${1}
|
||||
else
|
||||
ocsp_endpoint=$(openssl x509 \
|
||||
-noout \
|
||||
-ocsp_uri \
|
||||
-in "${lineage_dir}/cert.pem" \
|
||||
2>&3)
|
||||
fi
|
||||
|
||||
# Request, verify and temporarily save the actual OCSP response,
|
||||
# and check whether the certificate status is "good"
|
||||
local ocsp_call_output
|
||||
set +e
|
||||
ocsp_call_output=$(openssl ocsp \
|
||||
-no_nonce \
|
||||
-url "${ocsp_endpoint}" \
|
||||
-issuer "${lineage_dir}/chain.pem" \
|
||||
-cert "${lineage_dir}/cert.pem" \
|
||||
-verify_other "${lineage_dir}/chain.pem" \
|
||||
-respout "${temp_output_dir}/${lineage_name}.der" 2>&3)
|
||||
local -ir ocsp_call_rc=${?}
|
||||
set -e
|
||||
readonly ocsp_call_output=${ocsp_call_output#${lineage_dir}/cert.pem: }
|
||||
local -r cert_status=${ocsp_call_output%%$'\n'*}
|
||||
|
||||
if [[ ${ocsp_call_rc} != 0 || ${cert_status} != good ]]; then
|
||||
ERROR_ENCOUNTERED=true
|
||||
|
||||
lineages_processed["${lineage_name}"]="not updated"
|
||||
if ((VERBOSITY >= 2)); then
|
||||
lineages_processed["${lineage_name}"]+=$'\t'"${ocsp_call_output//[[:space:]]/ }"
|
||||
else
|
||||
lineages_processed["${lineage_name}"]+=$'\t'"${cert_status}"
|
||||
fi
|
||||
|
||||
return
|
||||
fi
|
||||
|
||||
# If arrived here status was good, so move OCSP staple file to definitive
|
||||
# folder
|
||||
mv "${temp_output_dir}/${lineage_name}.der" "${OUTPUT_DIR}/"
|
||||
|
||||
lineages_processed["${lineage_name}"]=updated
|
||||
}
|
||||
|
||||
print_and_handle_result() {
|
||||
local -r header=LINEAGE$'\t'RESULT$'\t'REASON
|
||||
|
||||
for lineage_name in "${!lineages_processed[@]}"; do
|
||||
local lineages_processed_formatted+=$'\n'"${lineage_name}"$'\t'"${lineages_processed["${lineage_name}"]}"
|
||||
done
|
||||
unset lineage_name
|
||||
lineages_processed_formatted=$(sort <<<"${lineages_processed_formatted:-}")
|
||||
readonly lineages_processed_formatted
|
||||
|
||||
if [[ ${RELOAD_WEBSERVER:-} != false ]]; then
|
||||
reload_webserver
|
||||
fi
|
||||
|
||||
local -r output=${header}${lineages_processed_formatted:-}${nginx_status-}
|
||||
|
||||
if ((VERBOSITY >= 1)); then
|
||||
if command -v column >&-; then
|
||||
column -ts$'\t' <<<"${output}"
|
||||
else
|
||||
# shellcheck disable=2016
|
||||
echo >&2 \
|
||||
'Install the BSD utility `column` for properly formatted output.'$'\n'
|
||||
echo "${output}"
|
||||
fi
|
||||
fi
|
||||
|
||||
[[ ${ERROR_ENCOUNTERED:-} != true ]]
|
||||
}
|
||||
|
||||
reload_webserver() {
|
||||
for lineage_name in "${!lineages_processed[@]}"; do
|
||||
if [[ ${lineages_processed["${lineage_name}"]} == updated ]]; then
|
||||
if nginx -s reload >&3 2>&1; then
|
||||
# The last line includes a leading space, to workaround the lack of the
|
||||
# `-n` flag in later versions of `column`.
|
||||
local -r nginx_status=$'\n\n \t'"nginx reloaded"
|
||||
else
|
||||
ERROR_ENCOUNTERED=true
|
||||
local -r nginx_status=$'\n\n \t'"nginx not reloaded"$'\t'"unable to reload nginx service, try manually"
|
||||
fi
|
||||
break
|
||||
fi
|
||||
done
|
||||
unset lineage_name
|
||||
}
|
||||
|
||||
main() {
|
||||
check_for_dependencies
|
||||
|
||||
parse_cli_arguments "${@}"
|
||||
|
||||
prepare_output_dir
|
||||
|
||||
start_in_correct_mode
|
||||
}
|
||||
|
||||
main "${@}"
|
13
certbot-ocsp-fetcher.service
Normal file
13
certbot-ocsp-fetcher.service
Normal file
@ -0,0 +1,13 @@
|
||||
[Unit]
|
||||
Description=Fetch OCSP responses for all certificates issued with Certbot
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
|
||||
# When systemd v244+ is available, this should be uncommented to enable retries
|
||||
# on failure.
|
||||
Restart=on-failure
|
||||
|
||||
User=root
|
||||
Group=root
|
||||
ExecStart=/usr/local/bin/certbot-ocsp-fetcher -o /etc/nginx/ocsp-cache
|
10
certbot-ocsp-fetcher.timer
Normal file
10
certbot-ocsp-fetcher.timer
Normal file
@ -0,0 +1,10 @@
|
||||
[Unit]
|
||||
Description=Nightly run certbot-ocsp-fetcher
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* 01:00:00
|
||||
RandomizedDelaySec=21600
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
2
hosts
Normal file
2
hosts
Normal file
@ -0,0 +1,2 @@
|
||||
# Static table lookup for hostnames.
|
||||
# See hosts(5) for details.
|
36
local.conf
Normal file
36
local.conf
Normal file
@ -0,0 +1,36 @@
|
||||
net.ipv4.tcp_ecn = 1
|
||||
net.ipv4.tcp_slow_start_after_idle = 0
|
||||
net.ipv4.tcp_fin_timeout = 30
|
||||
net.ipv4.tcp_rfc1337 = 1
|
||||
net.ipv4.tcp_tw_reuse = 1
|
||||
|
||||
net.ipv4.tcp_max_syn_backlog = 4096
|
||||
|
||||
net.ipv4.ip_local_port_range = 1024 65535
|
||||
|
||||
net.ipv4.conf.all.send_redirects = 0
|
||||
net.ipv4.conf.default.send_redirects = 0
|
||||
net.ipv4.conf.all.accept_redirects = 0
|
||||
net.ipv4.conf.default.accept_redirects = 0
|
||||
|
||||
kernel.yama.ptrace_scope = 2
|
||||
|
||||
vm.mmap_rnd_bits = 32
|
||||
vm.mmap_rnd_compat_bits = 16
|
||||
|
||||
kernel.kptr_restrict = 2
|
||||
|
||||
kernel.unprivileged_bpf_disabled = 1
|
||||
net.core.bpf_jit_harden = 2
|
||||
|
||||
kernel.kexec_load_disabled = 1
|
||||
|
||||
kernel.pid_max = 4194304
|
||||
|
||||
fs.protected_regular = 2
|
||||
fs.protected_fifos = 2
|
||||
|
||||
kernel.panic = 10
|
||||
kernel.panic_on_oops = 1
|
||||
|
||||
dev.tty.ldisc_autoload = 0
|
755
mirrorlist
Normal file
755
mirrorlist
Normal file
@ -0,0 +1,755 @@
|
||||
##
|
||||
## Arch Linux repository mirrorlist
|
||||
## Generated on 2021-07-18
|
||||
##
|
||||
|
||||
## Worldwide
|
||||
#Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
|
||||
## Australia
|
||||
#Server = https://mirror.aarnet.edu.au/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.digitalpacific.com.au/$repo/os/$arch
|
||||
#Server = https://archlinux.mirror.digitalpacific.com.au/$repo/os/$arch
|
||||
#Server = http://ftp.iinet.net.au/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.internode.on.net/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.launtel.net.au/repo/arch/$repo/os/$arch
|
||||
#Server = https://mirror.launtel.net.au/repo/arch/$repo/os/$arch
|
||||
#Server = http://arch.lucassymons.net/$repo/os/$arch
|
||||
#Server = https://arch.lucassymons.net/$repo/os/$arch
|
||||
#Server = http://syd.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://syd.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.swin.edu.au/archlinux/$repo/os/$arch
|
||||
|
||||
## Austria
|
||||
#Server = http://mirror.digitalnova.at/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.easyname.at/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.reisenbauer.ee/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.reisenbauer.ee/archlinux/$repo/os/$arch
|
||||
|
||||
## Bangladesh
|
||||
#Server = http://mirror.xeonbd.com/archlinux/$repo/os/$arch
|
||||
|
||||
## Belarus
|
||||
#Server = http://ftp.byfly.by/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.datacenter.by/pub/archlinux/$repo/os/$arch
|
||||
|
||||
## Belgium
|
||||
#Server = http://archlinux.cu.be/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.kangaroot.net/$repo/os/$arch
|
||||
#Server = http://mirror.tiguinet.net/arch/$repo/os/$arch
|
||||
|
||||
## Bosnia and Herzegovina
|
||||
#Server = http://archlinux.mirror.ba/$repo/os/$arch
|
||||
|
||||
## Brazil
|
||||
#Server = http://br.mirror.archlinux-br.org/$repo/os/$arch
|
||||
#Server = http://archlinux.c3sl.ufpr.br/$repo/os/$arch
|
||||
#Server = http://www.caco.ic.unicamp.br/archlinux/$repo/os/$arch
|
||||
#Server = https://www.caco.ic.unicamp.br/archlinux/$repo/os/$arch
|
||||
#Server = http://linorg.usp.br/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.pop-es.rnp.br/$repo/os/$arch
|
||||
#Server = http://mirror.ufam.edu.br/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.ufscar.br/archlinux/$repo/os/$arch
|
||||
|
||||
## Bulgaria
|
||||
#Server = https://mirror.darklinux.uk/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.host.ag/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.netix.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.telepoint.bg/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.telepoint.bg/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.uni-plovdiv.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.uni-plovdiv.net/archlinux/$repo/os/$arch
|
||||
|
||||
## Canada
|
||||
#Server = https://mirror.0xem.ma/arch/$repo/os/$arch
|
||||
#Server = http://mirror.cedille.club/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.colo-serv.net/$repo/os/$arch
|
||||
#Server = http://mirror.csclub.uwaterloo.ca/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.csclub.uwaterloo.ca/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror2.evolution-host.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror2.evolution-host.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.its.dal.ca/archlinux/$repo/os/$arch
|
||||
#Server = http://muug.ca/mirror/archlinux/$repo/os/$arch
|
||||
#Server = https://muug.ca/mirror/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.powerfly.ca/$repo/os/$arch
|
||||
#Server = https://arch.powerfly.ca/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.rafal.ca/$repo/os/$arch
|
||||
#Server = http://mirror.scd31.com/arch/$repo/os/$arch
|
||||
#Server = https://mirror.scd31.com/arch/$repo/os/$arch
|
||||
#Server = http://mirror.sergal.org/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.sergal.org/archlinux/$repo/os/$arch
|
||||
|
||||
## Chile
|
||||
#Server = http://mirror.anquan.cl/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.archlinux.cl/$repo/os/$arch
|
||||
#Server = http://mirror1.cl.netactuate.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror1.cl.netactuate.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.ufro.cl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ufro.cl/archlinux/$repo/os/$arch
|
||||
|
||||
## China
|
||||
#Server = http://mirrors.163.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.bfsu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.bfsu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.cqu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.cqu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.dgut.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.dgut.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.hit.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.hit.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.lzu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.neusoft.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.neusoft.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.nju.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.nju.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.redrock.team/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.redrock.team/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.sjtug.sjtu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.tuna.tsinghua.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.tuna.tsinghua.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.ustc.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.ustc.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.xjtu.edu.cn/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.zju.edu.cn/archlinux/$repo/os/$arch
|
||||
|
||||
## Colombia
|
||||
#Server = http://mirrors.udenar.edu.co/archlinux/$repo/os/$arch
|
||||
|
||||
## Croatia
|
||||
#Server = http://archlinux.iskon.hr/$repo/os/$arch
|
||||
|
||||
## Czechia
|
||||
#Server = http://mirror.dkm.cz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.dkm.cz/archlinux/$repo/os/$arch
|
||||
#Server = https://europe.mirror.pkgbuild.com/$repo/os/$arch
|
||||
#Server = http://ftp.fi.muni.cz/pub/linux/arch/$repo/os/$arch
|
||||
#Server = http://ftp.linux.cz/pub/linux/arch/$repo/os/$arch
|
||||
#Server = http://gluttony.sin.cvut.cz/arch/$repo/os/$arch
|
||||
#Server = https://gluttony.sin.cvut.cz/arch/$repo/os/$arch
|
||||
#Server = http://mirrors.nic.cz/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.sh.cvut.cz/arch/$repo/os/$arch
|
||||
#Server = https://ftp.sh.cvut.cz/arch/$repo/os/$arch
|
||||
#Server = http://mirror.vpsfree.cz/archlinux/$repo/os/$arch
|
||||
|
||||
## Denmark
|
||||
#Server = http://mirrors.dotsrc.org/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.dotsrc.org/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.one.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.one.com/archlinux/$repo/os/$arch
|
||||
|
||||
## Ecuador
|
||||
#Server = http://mirror.cedia.org.ec/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.espoch.edu.ec/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.uta.edu.ec/archlinux/$repo/os/$arch
|
||||
|
||||
## Estonia
|
||||
#Server = http://mirror.cspacehostings.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.cspacehostings.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.xtom.ee/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.xtom.ee/archlinux/$repo/os/$arch
|
||||
|
||||
## Finland
|
||||
#Server = https://arch.mcstrugs.org/$repo/os/$arch
|
||||
#Server = http://mirror.arctic.lol/ArchMirror/$repo/os/$arch
|
||||
#Server = http://arch.mirror.far.fi/$repo/os/$arch
|
||||
#Server = http://mirror.hosthink.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.srv.fail/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.wuki.li/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.wuki.li/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.yhtez.xyz/$repo/os/$arch
|
||||
#Server = https://arch.yhtez.xyz/$repo/os/$arch
|
||||
|
||||
## France
|
||||
#Server = http://archlinux.de-labrusse.fr/$repo/os/$arch
|
||||
#Server = http://mirror.archlinux.ikoula.com/archlinux/$repo/os/$arch
|
||||
#Server = https://archlinux.vi-di.fr/$repo/os/$arch
|
||||
#Server = http://archlinux.mirrors.benatherton.com/$repo/os/$arch
|
||||
#Server = http://mirror.cyberbits.eu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.cyberbits.eu/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.datagr.am/$repo/os/$arch
|
||||
#Server = https://mirrors.eric.ovh/arch/$repo/os/$arch
|
||||
#Server = http://mirror.ibcp.fr/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.lastmikoi.net/archlinux/$repo/os/$arch
|
||||
#Server = https://arch-mirror.cloud.louifox.house/$repo/os/$arch
|
||||
#Server = http://archlinux.mailtunnel.eu/$repo/os/$arch
|
||||
#Server = https://archlinux.mailtunnel.eu/$repo/os/$arch
|
||||
#Server = http://mir.archlinux.fr/$repo/os/$arch
|
||||
#Server = http://mirrors.celianvdb.fr/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.celianvdb.fr/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.nimukaito.net/$repo/os/$arch
|
||||
#Server = https://arch.nimukaito.net/$repo/os/$arch
|
||||
#Server = http://mirror.oldsql.cc/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.oldsql.cc/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirrors.ovh.net/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.polymorf.fr/$repo/os/$arch
|
||||
#Server = http://archlinux.rezopole.net/$repo/os/$arch
|
||||
#Server = https://mirrors.slaanesh.org/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.standaloneinstaller.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.sysa.tech/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.thekinrar.fr/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.u-strasbg.fr/linux/distributions/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.wormhole.eu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirroir.wptheme.fr/archlinux/$repo/os/$arch
|
||||
#Server = https://mirroir.wptheme.fr/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.yourlabs.org/$repo/os/$arch
|
||||
#Server = https://arch.yourlabs.org/$repo/os/$arch
|
||||
|
||||
## Georgia
|
||||
#Server = http://archlinux.grena.ge/$repo/os/$arch
|
||||
#Server = https://archlinux.grena.ge/$repo/os/$arch
|
||||
|
||||
## Germany
|
||||
#Server = http://mirror.23media.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.23media.com/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.agdsn.de/pub/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.agdsn.de/pub/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = https://appuals.com/archlinux/$repo/os/$arch
|
||||
#Server = http://artfiles.org/archlinux.org/$repo/os/$arch
|
||||
#Server = https://mirror.bethselamin.de/$repo/os/$arch
|
||||
#Server = http://mirror.chaoticum.net/arch/$repo/os/$arch
|
||||
#Server = https://mirror.chaoticum.net/arch/$repo/os/$arch
|
||||
#Server = http://mirror.checkdomain.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.checkdomain.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.clientvps.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.clientvps.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.dogado.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.f4st.host/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.f4st.host/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.fau.de/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.fau.de/archlinux/$repo/os/$arch
|
||||
#Server = https://pkg.fef.moe/archlinux/$repo/os/$arch
|
||||
#Server = https://dist-mirror.fem.tu-ilmenau.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.fsrv.services/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.fsrv.services/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.gnomus.de/$repo/os/$arch
|
||||
#Server = http://www.gutscheindrache.com/mirror/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.gwdg.de/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.honkgong.info/$repo/os/$arch
|
||||
#Server = http://ftp.hosteurope.de/mirror/ftp.archlinux.org/$repo/os/$arch
|
||||
#Server = http://ftp-stud.hs-esslingen.de/pub/Mirrors/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.iphh.net/$repo/os/$arch
|
||||
#Server = http://arch.jensgutermuth.de/$repo/os/$arch
|
||||
#Server = https://arch.jensgutermuth.de/$repo/os/$arch
|
||||
#Server = http://mirror.kumi.systems/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.kumi.systems/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.fra10.de.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.fra10.de.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.metalgamer.eu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.metalgamer.eu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.mikrogravitation.org/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.mikrogravitation.org/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.pkgbuild.com/$repo/os/$arch
|
||||
#Server = http://mirror.moson.org/arch/$repo/os/$arch
|
||||
#Server = https://mirror.moson.org/arch/$repo/os/$arch
|
||||
#Server = http://mirrors.n-ix.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.n-ix.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.netcologne.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.netcologne.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.niyawe.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.niyawe.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.orbit-os.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.orbit-os.com/archlinux/$repo/os/$arch
|
||||
#Server = http://packages.oth-regensburg.de/archlinux/$repo/os/$arch
|
||||
#Server = https://packages.oth-regensburg.de/archlinux/$repo/os/$arch
|
||||
#Server = http://phinau.de/arch/$repo/os/$arch
|
||||
#Server = https://phinau.de/arch/$repo/os/$arch
|
||||
#Server = https://mirror.pseudoform.org/$repo/os/$arch
|
||||
#Server = https://www.ratenzahlung.de/mirror/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch
|
||||
#Server = http://linux.rz.rub.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.satis-faction.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.satis-faction.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.selfnet.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.selfnet.de/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.spline.inf.fu-berlin.de/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.spline.inf.fu-berlin.de/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.thaller.ws/$repo/os/$arch
|
||||
#Server = https://archlinux.thaller.ws/$repo/os/$arch
|
||||
#Server = http://ftp.tu-chemnitz.de/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.ubrco.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ubrco.de/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.undisclose.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.undisclose.de/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.uni-bayreuth.de/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.uni-hannover.de/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.uni-kl.de/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.united-gameserver.de/archlinux/$repo/os/$arch
|
||||
#Server = https://arch.unixpeople.org/$repo/os/$arch
|
||||
#Server = http://ftp.wrz.de/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.wrz.de/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.wtnet.de/arch/$repo/os/$arch
|
||||
#Server = https://mirror.wtnet.de/arch/$repo/os/$arch
|
||||
#Server = http://mirrors.xtom.de/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.xtom.de/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.mirror.zachlge.org/$repo/os/$arch
|
||||
#Server = https://arch.mirror.zachlge.org/$repo/os/$arch
|
||||
|
||||
## Greece
|
||||
#Server = http://ftp.cc.uoc.gr/mirrors/linux/archlinux/$repo/os/$arch
|
||||
#Server = https://repo.greeklug.gr/data/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.myaegean.gr/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.ntua.gr/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.otenet.gr/linux/archlinux/$repo/os/$arch
|
||||
|
||||
## Hong Kong
|
||||
#Server = https://asia.mirror.pkgbuild.com/$repo/os/$arch
|
||||
#Server = http://mirror-hk.koddos.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror-hk.koddos.net/archlinux/$repo/os/$arch
|
||||
#Server = http://hkg.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://hkg.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://arch-mirror.wtako.net/$repo/os/$arch
|
||||
#Server = http://mirror.xtom.com.hk/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.xtom.com.hk/archlinux/$repo/os/$arch
|
||||
|
||||
## Hungary
|
||||
#Server = http://ftp.ek-cer.hu/pub/mirrors/ftp.archlinux.org/$repo/os/$arch
|
||||
#Server = http://archmirror.hbit.sztaki.hu/archlinux/$repo/os/$arch
|
||||
#Server = http://nova.quantum-mirror.hu/mirrors/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://quantum-mirror.hu/mirrors/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://super.quantum-mirror.hu/mirrors/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://nova.quantum-mirror.hu/mirrors/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://quantum-mirror.hu/mirrors/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://super.quantum-mirror.hu/mirrors/pub/archlinux/$repo/os/$arch
|
||||
|
||||
## Iceland
|
||||
#Server = http://mirror.system.is/arch/$repo/os/$arch
|
||||
#Server = https://mirror.system.is/arch/$repo/os/$arch
|
||||
|
||||
## India
|
||||
#Server = http://mirror.cse.iitk.ac.in/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.piconets.webwerks.in/archlinux-mirror/$repo/os/$arch
|
||||
#Server = https://mirrors.piconets.webwerks.in/archlinux-mirror/$repo/os/$arch
|
||||
|
||||
## Indonesia
|
||||
#Server = http://mirror.cloudweeb.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.faizuladib.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.gi.co.id/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.gi.co.id/archlinux/$repo/os/$arch
|
||||
#Server = http://vpsmurah.jagoanhosting.com/archlinux/$repo/os/$arch
|
||||
#Server = https://vpsmurah.jagoanhosting.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.labkom.id/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.papua.go.id/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.papua.go.id/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.poliwangi.ac.id/archlinux/$repo/os/$arch
|
||||
#Server = http://suro.ubaya.ac.id/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.telkomuniversity.ac.id/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.telkomuniversity.ac.id/archlinux/$repo/os/$arch
|
||||
|
||||
## Iran
|
||||
#Server = http://mirror.hostiran.ir/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.hostiran.ir/archlinux/$repo/os/$arch
|
||||
#Server = http://repo.iut.ac.ir/repo/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.nak-mci.ir/arch/$repo/os/$arch
|
||||
#Server = http://mirror.rasanegar.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.rasanegar.com/archlinux/$repo/os/$arch
|
||||
|
||||
## Ireland
|
||||
#Server = http://ftp.heanet.ie/mirrors/ftp.archlinux.org/$repo/os/$arch
|
||||
#Server = https://ftp.heanet.ie/mirrors/ftp.archlinux.org/$repo/os/$arch
|
||||
|
||||
## Israel
|
||||
#Server = http://mirror.isoc.org.il/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.isoc.org.il/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://archlinux.mivzakim.net/$repo/os/$arch
|
||||
|
||||
## Italy
|
||||
#Server = https://archmirror.it/repos/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.garr.it/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.prometeus.net/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.server24.net/$repo/os/$arch
|
||||
#Server = https://archlinux.mirror.server24.net/$repo/os/$arch
|
||||
|
||||
## Japan
|
||||
#Server = http://mirrors.cat.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.cat.net/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.tsukuba.wide.ad.jp/Linux/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.jaist.ac.jp/pub/Linux/ArchLinux/$repo/os/$arch
|
||||
#Server = https://ftp.jaist.ac.jp/pub/Linux/ArchLinux/$repo/os/$arch
|
||||
|
||||
## Kazakhstan
|
||||
#Server = http://mirror.hoster.kz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.hoster.kz/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.ps.kz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ps.kz/archlinux/$repo/os/$arch
|
||||
|
||||
## Kenya
|
||||
#Server = http://archlinux.mirror.liquidtelecom.com/$repo/os/$arch
|
||||
#Server = https://archlinux.mirror.liquidtelecom.com/$repo/os/$arch
|
||||
|
||||
## Latvia
|
||||
#Server = http://archlinux.koyanet.lv/archlinux/$repo/os/$arch
|
||||
#Server = https://archlinux.koyanet.lv/archlinux/$repo/os/$arch
|
||||
|
||||
## Lithuania
|
||||
#Server = http://mirrors.atviras.lt/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.atviras.lt/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.ims.nksc.lt/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.ims.nksc.lt/archlinux/$repo/os/$arch
|
||||
|
||||
## Luxembourg
|
||||
#Server = http://archlinux.mirror.root.lu/$repo/os/$arch
|
||||
|
||||
## Mexico
|
||||
#Server = https://arch.mirror.jsc.mx/$repo/os/$arch
|
||||
|
||||
## Moldova
|
||||
#Server = http://mirror.ihost.md/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ihost.md/archlinux/$repo/os/$arch
|
||||
|
||||
## Monaco
|
||||
#Server = http://archlinux.qontinuum.space/$repo/os/$arch
|
||||
#Server = https://archlinux.qontinuum.space:4443/$repo/os/$arch
|
||||
|
||||
## Netherlands
|
||||
#Server = https://archlinux.beccacervello.it/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.cj2.nl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.cj2.nl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.daan.vodka/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.erickochen.nl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.erickochen.nl/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.i3d.net/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.i3d.net/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://arch.jeweet.net/$repo/os/$arch
|
||||
#Server = http://mirror.koddos.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.koddos.net/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.mirrors.lavatech.top/$repo/os/$arch
|
||||
#Server = https://arch.mirrors.lavatech.top/$repo/os/$arch
|
||||
#Server = http://mirror.ams1.nl.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ams1.nl.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.liteserver.nl/$repo/os/$arch
|
||||
#Server = https://archlinux.mirror.liteserver.nl/$repo/os/$arch
|
||||
#Server = http://mirror.lyrahosting.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.lyrahosting.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.mijn.host/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.mijn.host/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.neostrada.nl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.neostrada.nl/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.nluug.nl/os/Linux/distr/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.pcextreme.nl/$repo/os/$arch
|
||||
#Server = https://archlinux.mirror.pcextreme.nl/$repo/os/$arch
|
||||
#Server = http://mirror.serverion.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.serverion.com/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.snt.utwente.nl/pub/os/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.tarellia.net/distr/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.tarellia.net/distr/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirror.wearetriple.com/$repo/os/$arch
|
||||
#Server = https://archlinux.mirror.wearetriple.com/$repo/os/$arch
|
||||
#Server = http://mirror-archlinux.webruimtehosting.nl/$repo/os/$arch
|
||||
#Server = https://mirror-archlinux.webruimtehosting.nl/$repo/os/$arch
|
||||
#Server = http://mirrors.xtom.nl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.xtom.nl/archlinux/$repo/os/$arch
|
||||
|
||||
## New Caledonia
|
||||
#Server = http://mirror.lagoon.nc/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.nautile.nc/archlinux/$repo/os/$arch
|
||||
#Server = https://archlinux.nautile.nc/archlinux/$repo/os/$arch
|
||||
|
||||
## New Zealand
|
||||
#Server = http://mirror.2degrees.nz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.2degrees.nz/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.fsmg.org.nz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.fsmg.org.nz/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.smith.geek.nz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.smith.geek.nz/archlinux/$repo/os/$arch
|
||||
|
||||
## North Macedonia
|
||||
#Server = http://arch.softver.org.mk/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.onevip.mk/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.t-home.mk/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.t-home.mk/archlinux/$repo/os/$arch
|
||||
|
||||
## Norway
|
||||
#Server = http://mirror.archlinux.no/$repo/os/$arch
|
||||
#Server = https://mirror.archlinux.no/$repo/os/$arch
|
||||
#Server = http://archlinux.uib.no/$repo/os/$arch
|
||||
#Server = http://mirror.neuf.no/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.neuf.no/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.terrahost.no/linux/archlinux/$repo/os/$arch
|
||||
|
||||
## Pakistan
|
||||
#Server = http://repo.inara.pk/archlinux/$repo/os/$arch
|
||||
#Server = https://repo.inara.pk/archlinux/$repo/os/$arch
|
||||
|
||||
## Paraguay
|
||||
#Server = http://archlinux.mirror.py/archlinux/$repo/os/$arch
|
||||
|
||||
## Poland
|
||||
#Server = http://ftp.icm.edu.pl/pub/Linux/dist/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.icm.edu.pl/pub/Linux/dist/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.juniorjpdj.pl/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.juniorjpdj.pl/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.midov.pl/arch/$repo/os/$arch
|
||||
#Server = https://arch.midov.pl/arch/$repo/os/$arch
|
||||
#Server = http://arch.nixlab.pl/$repo/os/$arch
|
||||
#Server = https://arch.nixlab.pl/$repo/os/$arch
|
||||
#Server = http://mirror.onet.pl/pub/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = http://piotrkosoft.net/pub/mirrors/ftp.archlinux.org/$repo/os/$arch
|
||||
#Server = http://mirror.sfinae.tech/pub/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.sfinae.tech/pub/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = http://repo.skni.umcs.pl/archlinux/$repo/os/$arch
|
||||
#Server = https://repo.skni.umcs.pl/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.vectranet.pl/archlinux/$repo/os/$arch
|
||||
|
||||
## Portugal
|
||||
#Server = http://glua.ua.pt/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://glua.ua.pt/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.rnl.tecnico.ulisboa.pt/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.rnl.tecnico.ulisboa.pt/pub/archlinux/$repo/os/$arch
|
||||
|
||||
## Romania
|
||||
#Server = http://mirrors.chroot.ro/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.chroot.ro/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.efect.ro/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.efect.ro/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.go.ro/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.go.ro/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.hostico.ro/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.hostico.ro/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.mirrors.linux.ro/$repo/os/$arch
|
||||
#Server = http://mirrors.m247.ro/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.nav.ro/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.nxthost.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.nxthost.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.pidginhost.com/arch/$repo/os/$arch
|
||||
#Server = https://mirrors.pidginhost.com/arch/$repo/os/$arch
|
||||
|
||||
## Russia
|
||||
#Server = http://mirror.surf/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.surf/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.nw-sys.ru/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.nw-sys.ru/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.powernet.com.ru/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.rol.ru/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.rol.ru/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.truenetwork.ru/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.truenetwork.ru/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.yandex.ru/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.yandex.ru/archlinux/$repo/os/$arch
|
||||
#Server = http://archlinux.zepto.cloud/$repo/os/$arch
|
||||
|
||||
## Serbia
|
||||
#Server = http://arch.petarmaric.com/$repo/os/$arch
|
||||
#Server = http://mirror.pmf.kg.ac.rs/archlinux/$repo/os/$arch
|
||||
|
||||
## Singapore
|
||||
#Server = http://mirror.0x.sg/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.0x.sg/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.aktkn.sg/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.aktkn.sg/archlinux/$repo/os/$arch
|
||||
#Server = https://download.nus.edu.sg/mirror/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.guillaumea.fr/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.guillaumea.fr/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.nus.edu.sg/archlinux/$repo/os/$arch
|
||||
|
||||
## Slovakia
|
||||
#Server = http://mirror.lnx.sk/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.lnx.sk/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://tux.rainside.sk/archlinux/$repo/os/$arch
|
||||
|
||||
## Slovenia
|
||||
#Server = http://archimonde.ts.si/archlinux/$repo/os/$arch
|
||||
#Server = https://archimonde.ts.si/archlinux/$repo/os/$arch
|
||||
|
||||
## South Africa
|
||||
#Server = http://archlinux.za.mirror.allworldit.com/archlinux/$repo/os/$arch
|
||||
#Server = https://archlinux.za.mirror.allworldit.com/archlinux/$repo/os/$arch
|
||||
#Server = http://za.mirror.archlinux-br.org/$repo/os/$arch
|
||||
#Server = http://mirror.is.co.za/mirror/archlinux.org/$repo/os/$arch
|
||||
#Server = http://arch.opnmirror.co.za/$repo/os/$arch
|
||||
#Server = https://arch.opnmirror.co.za/$repo/os/$arch
|
||||
#Server = http://mirrors.urbanwave.co.za/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.urbanwave.co.za/archlinux/$repo/os/$arch
|
||||
|
||||
## South Korea
|
||||
#Server = http://mirror.anigil.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.anigil.com/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.harukasan.org/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.harukasan.org/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.lanet.kr/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.lanet.kr/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.premi.st/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.premi.st/archlinux/$repo/os/$arch
|
||||
|
||||
## Spain
|
||||
#Server = https://mirror.cloroformo.org/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.librelabucm.org/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.librelabucm.org/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.rediris.es/mirror/archlinux/$repo/os/$arch
|
||||
#Server = http://sharing.thelinuxsect.com/archlinux/$repo/os/$arch
|
||||
|
||||
## Sweden
|
||||
#Server = http://ftp.acc.umu.se/mirror/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.acc.umu.se/mirror/archlinux/$repo/os/$arch
|
||||
#Server = http://ftpmirror.infania.net/mirror/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.ludd.ltu.se/mirrors/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.lysator.liu.se/pub/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.lysator.liu.se/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.myrveln.se/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.myrveln.se/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.osbeck.com/archlinux/$repo/os/$arch
|
||||
#Server = http://tedwall.se/archlinux/$repo/os/$arch
|
||||
#Server = https://tedwall.se/archlinux/$repo/os/$arch
|
||||
|
||||
## Switzerland
|
||||
#Server = http://pkg.adfinis.com/archlinux/$repo/os/$arch
|
||||
#Server = https://pkg.adfinis.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.init7.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.init7.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.puzzle.ch/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.puzzle.ch/archlinux/$repo/os/$arch
|
||||
#Server = https://theswissbay.ch/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ungleich.ch/mirror/packages/archlinux/$repo/os/$arch
|
||||
|
||||
## Taiwan
|
||||
#Server = http://archlinux.ccns.ncku.edu.tw/archlinux/$repo/os/$arch
|
||||
#Server = http://free.nchc.org.tw/arch/$repo/os/$arch
|
||||
#Server = https://free.nchc.org.tw/arch/$repo/os/$arch
|
||||
#Server = http://archlinux.cs.nctu.edu.tw/$repo/os/$arch
|
||||
#Server = http://shadow.ind.ntou.edu.tw/archlinux/$repo/os/$arch
|
||||
#Server = https://shadow.ind.ntou.edu.tw/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.tku.edu.tw/Linux/ArchLinux/$repo/os/$arch
|
||||
#Server = http://ftp.yzu.edu.tw/Linux/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.yzu.edu.tw/Linux/archlinux/$repo/os/$arch
|
||||
|
||||
## Thailand
|
||||
#Server = https://mirror.cyberbits.asia/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.kku.ac.th/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.kku.ac.th/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror2.totbb.net/archlinux/$repo/os/$arch
|
||||
|
||||
## Turkey
|
||||
#Server = http://ftp.linux.org.tr/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.veriteknik.net.tr/archlinux/$repo/os/$arch
|
||||
|
||||
## Ukraine
|
||||
#Server = http://archlinux.ip-connect.vn.ua/$repo/os/$arch
|
||||
#Server = https://archlinux.ip-connect.vn.ua/$repo/os/$arch
|
||||
#Server = http://mirror.mirohost.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.mirohost.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.nix.org.ua/linux/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.nix.org.ua/linux/archlinux/$repo/os/$arch
|
||||
|
||||
## United Kingdom
|
||||
#Server = http://archlinux.uk.mirror.allworldit.com/archlinux/$repo/os/$arch
|
||||
#Server = https://archlinux.uk.mirror.allworldit.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.bytemark.co.uk/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.bytemark.co.uk/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.gethosted.online/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.gethosted.online/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.manchester.m247.com/arch-linux/$repo/os/$arch
|
||||
#Server = http://mirrors.melbourne.co.uk/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.melbourne.co.uk/archlinux/$repo/os/$arch
|
||||
#Server = http://www.mirrorservice.org/sites/ftp.archlinux.org/$repo/os/$arch
|
||||
#Server = https://www.mirrorservice.org/sites/ftp.archlinux.org/$repo/os/$arch
|
||||
#Server = http://mirror.netweaver.uk/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.netweaver.uk/archlinux/$repo/os/$arch
|
||||
#Server = http://lon.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://lon.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.serverspace.co.uk/arch/$repo/os/$arch
|
||||
#Server = http://archlinux.mirrors.uk2.net/$repo/os/$arch
|
||||
#Server = http://mirrors.ukfast.co.uk/sites/archlinux.org/$repo/os/$arch
|
||||
#Server = https://mirrors.ukfast.co.uk/sites/archlinux.org/$repo/os/$arch
|
||||
|
||||
## United States
|
||||
#Server = http://mirrors.acm.wpi.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.advancedhosters.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.aggregate.org/archlinux/$repo/os/$arch
|
||||
#Server = https://america.mirror.pkgbuild.com/$repo/os/$arch
|
||||
#Server = http://ca.us.mirror.archlinux-br.org/$repo/os/$arch
|
||||
#Server = http://il.us.mirror.archlinux-br.org/$repo/os/$arch
|
||||
#Server = http://mirror.arizona.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.arizona.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://arlm.tyzoid.com/$repo/os/$arch
|
||||
#Server = https://arlm.tyzoid.com/$repo/os/$arch
|
||||
#Server = https://mirror.ava.dev/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.cat.pdx.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.cc.columbia.edu/pub/linux/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.mirror.constant.com/$repo/os/$arch
|
||||
#Server = https://arch.mirror.constant.com/$repo/os/$arch
|
||||
#Server = http://mirror.cs.pitt.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.cs.vt.edu/pub/ArchLinux/$repo/os/$arch
|
||||
#Server = http://mirror.cybersecurity.nmt.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.cybersecurity.nmt.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://distro.ibiblio.org/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.es.its.nyu.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.ette.biz/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.ette.biz/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.gigenet.com/archlinux/$repo/os/$arch
|
||||
#Server = http://www.gtlib.gatech.edu/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.hackingand.coffee/arch/$repo/os/$arch
|
||||
#Server = https://mirror.hackingand.coffee/arch/$repo/os/$arch
|
||||
#Server = https://mirror.hodgepodge.dev/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.hostup.org/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.hostup.org/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.hu.fo/archlinux/$repo/os/$arch
|
||||
#Server = https://arch.hu.fo/archlinux/$repo/os/$arch
|
||||
#Server = http://repo.ialab.dsu.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://repo.ialab.dsu.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.kernel.org/archlinux/$repo/os/$arch
|
||||
Server = https://mirrors.kernel.org/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.dal10.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.mia11.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.sfo12.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.wdc1.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.dal10.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.mia11.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.sfo12.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.wdc1.us.leaseweb.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.liquidweb.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.lty.me/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.lty.me/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.lug.mtu.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.lug.mtu.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.math.princeton.edu/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.metrocast.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.kaminski.io/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.kaminski.io/archlinux/$repo/os/$arch
|
||||
#Server = http://iad.mirrors.misaka.one/archlinux/$repo/os/$arch
|
||||
#Server = https://iad.mirrors.misaka.one/archlinux/$repo/os/$arch
|
||||
#Server = http://repo.miserver.it.umich.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.mit.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.mit.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.ocf.berkeley.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.ocf.berkeley.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://archmirror1.octyl.net/$repo/os/$arch
|
||||
#Server = https://archmirror1.octyl.net/$repo/os/$arch
|
||||
#Server = http://ftp.osuosl.org/pub/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.mirrors.pair.com/$repo/os/$arch
|
||||
#Server = http://dfw.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = http://iad.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = http://ord.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://dfw.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://iad.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = https://ord.mirror.rackspace.com/archlinux/$repo/os/$arch
|
||||
#Server = http://plug-mirror.rcac.purdue.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://plug-mirror.rcac.purdue.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.rit.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.rit.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.rutgers.edu/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.rutgers.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.siena.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.sonic.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.sonic.net/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.phx1.us.spryservers.net/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.phx1.us.spryservers.net/archlinux/$repo/os/$arch
|
||||
#Server = http://arch.mirror.square-r00t.net/$repo/os/$arch
|
||||
#Server = https://arch.mirror.square-r00t.net/$repo/os/$arch
|
||||
#Server = http://mirror.stephen304.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.stephen304.com/archlinux/$repo/os/$arch
|
||||
#Server = http://ftp.sudhip.com/archlinux/$repo/os/$arch
|
||||
#Server = https://ftp.sudhip.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.pit.teraswitch.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirror.pit.teraswitch.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.umd.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.vtti.vt.edu/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.xmission.com/archlinux/$repo/os/$arch
|
||||
#Server = http://mirrors.xtom.com/archlinux/$repo/os/$arch
|
||||
#Server = https://mirrors.xtom.com/archlinux/$repo/os/$arch
|
||||
#Server = https://zxcvfdsa.com/arch/$repo/os/$arch
|
||||
|
||||
## Vietnam
|
||||
#Server = http://f.archlinuxvn.org/archlinux/$repo/os/$arch
|
||||
#Server = http://mirror.bizflycloud.vn/archlinux/$repo/os/$arch
|
45
pacman.conf
Normal file
45
pacman.conf
Normal file
@ -0,0 +1,45 @@
|
||||
[options]
|
||||
# The following paths are commented out with their default values listed.
|
||||
# If you wish to use different paths, uncomment and update the paths.
|
||||
#RootDir = /
|
||||
#DBPath = /var/lib/pacman/
|
||||
#CacheDir = /var/cache/pacman/pkg/
|
||||
LogFile = /dev/null
|
||||
#GPGDir = /etc/pacman.d/gnupg/
|
||||
#HookDir = /etc/pacman.d/hooks/
|
||||
HoldPkg = pacman glibc
|
||||
#XferCommand = /usr/bin/curl -L -C - -f -o %o %u
|
||||
#XferCommand = /usr/bin/wget --passive-ftp -c -O %o %u
|
||||
#CleanMethod = KeepInstalled
|
||||
Architecture = auto
|
||||
|
||||
# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup
|
||||
#IgnorePkg =
|
||||
#IgnoreGroup =
|
||||
|
||||
#NoUpgrade =
|
||||
#NoExtract =
|
||||
|
||||
# Misc options
|
||||
UseSyslog
|
||||
Color
|
||||
#NoProgressBar
|
||||
CheckSpace
|
||||
VerbosePkgLists
|
||||
#ParallelDownloads = 5
|
||||
ILoveCandy
|
||||
|
||||
# By default, pacman accepts packages signed by keys that its local keyring
|
||||
# trusts (see pacman-key and its man page), as well as unsigned packages.
|
||||
SigLevel = Required DatabaseOptional
|
||||
LocalFileSigLevel = Optional
|
||||
#RemoteFileSigLevel = Required
|
||||
|
||||
[core]
|
||||
Include = /etc/pacman.d/mirrorlist
|
||||
|
||||
[extra]
|
||||
Include = /etc/pacman.d/mirrorlist
|
||||
|
||||
[community]
|
||||
Include = /etc/pacman.d/mirrorlist
|
119
sshd_config
Normal file
119
sshd_config
Normal file
@ -0,0 +1,119 @@
|
||||
# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
|
||||
|
||||
# This is the sshd server system-wide configuration file. See
|
||||
# sshd_config(5) for more information.
|
||||
|
||||
# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin
|
||||
|
||||
# The strategy used for options in the default sshd_config shipped with
|
||||
# OpenSSH is to specify options with their default value where
|
||||
# possible, but leave them commented. Uncommented options override the
|
||||
# default value.
|
||||
|
||||
#Port 22
|
||||
#AddressFamily any
|
||||
#ListenAddress 0.0.0.0
|
||||
#ListenAddress ::
|
||||
|
||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
||||
HostKeyAlgorithms ssh-ed25519
|
||||
KexAlgorithms curve25519-sha256
|
||||
PubkeyAcceptedKeyTypes ssh-ed25519
|
||||
Ciphers chacha20-poly1305@openssh.com,aes128-gcm@openssh.com,aes256-gcm@openssh.com
|
||||
MACs hmac-sha2-512-etm@openssh.com
|
||||
|
||||
# Ciphers and keying
|
||||
#RekeyLimit default none
|
||||
|
||||
# Logging
|
||||
#SyslogFacility AUTH
|
||||
#LogLevel INFO
|
||||
|
||||
# Authentication:
|
||||
|
||||
#LoginGraceTime 2m
|
||||
#PermitRootLogin prohibit-password
|
||||
#StrictModes yes
|
||||
#MaxAuthTries 6
|
||||
#MaxSessions 10
|
||||
|
||||
#PubkeyAuthentication yes
|
||||
|
||||
# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
|
||||
# but this is overridden so installations will only check .ssh/authorized_keys
|
||||
AuthorizedKeysFile .ssh/authorized_keys
|
||||
|
||||
#AuthorizedPrincipalsFile none
|
||||
|
||||
#AuthorizedKeysCommand none
|
||||
#AuthorizedKeysCommandUser nobody
|
||||
|
||||
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
|
||||
#HostbasedAuthentication no
|
||||
# Change to yes if you don't trust ~/.ssh/known_hosts for
|
||||
# HostbasedAuthentication
|
||||
#IgnoreUserKnownHosts no
|
||||
# Don't read the user's ~/.rhosts and ~/.shosts files
|
||||
#IgnoreRhosts yes
|
||||
|
||||
# To disable tunneled clear text passwords, change to no here!
|
||||
PasswordAuthentication no
|
||||
#PermitEmptyPasswords no
|
||||
|
||||
# Change to no to disable s/key passwords
|
||||
ChallengeResponseAuthentication no
|
||||
|
||||
# Kerberos options
|
||||
#KerberosAuthentication no
|
||||
#KerberosOrLocalPasswd yes
|
||||
#KerberosTicketCleanup yes
|
||||
#KerberosGetAFSToken no
|
||||
|
||||
# GSSAPI options
|
||||
#GSSAPIAuthentication no
|
||||
#GSSAPICleanupCredentials yes
|
||||
|
||||
# Set this to 'yes' to enable PAM authentication, account processing,
|
||||
# and session processing. If this is enabled, PAM authentication will
|
||||
# be allowed through the ChallengeResponseAuthentication and
|
||||
# PasswordAuthentication. Depending on your PAM configuration,
|
||||
# PAM authentication via ChallengeResponseAuthentication may bypass
|
||||
# the setting of "PermitRootLogin without-password".
|
||||
# If you just want the PAM account and session checks to run without
|
||||
# PAM authentication, then enable this but set PasswordAuthentication
|
||||
# and ChallengeResponseAuthentication to 'no'.
|
||||
UsePAM yes
|
||||
|
||||
#AllowAgentForwarding yes
|
||||
#AllowTcpForwarding yes
|
||||
#GatewayPorts no
|
||||
#X11Forwarding no
|
||||
#X11DisplayOffset 10
|
||||
#X11UseLocalhost yes
|
||||
#PermitTTY yes
|
||||
PrintMotd no # pam does that
|
||||
#PrintLastLog yes
|
||||
#TCPKeepAlive yes
|
||||
#PermitUserEnvironment no
|
||||
#Compression delayed
|
||||
#ClientAliveInterval 0
|
||||
#ClientAliveCountMax 3
|
||||
#UseDNS no
|
||||
#PidFile /run/sshd.pid
|
||||
#MaxStartups 10:30:100
|
||||
#PermitTunnel no
|
||||
#ChrootDirectory none
|
||||
#VersionAddendum none
|
||||
|
||||
# no default banner path
|
||||
#Banner none
|
||||
|
||||
# override default of no subsystems
|
||||
Subsystem sftp /usr/lib/ssh/sftp-server
|
||||
|
||||
# Example of overriding settings on a per-user basis
|
||||
#Match User anoncvs
|
||||
# X11Forwarding no
|
||||
# AllowTcpForwarding no
|
||||
# PermitTTY no
|
||||
# ForceCommand cvs server
|
10
unbound.conf
Normal file
10
unbound.conf
Normal file
@ -0,0 +1,10 @@
|
||||
server:
|
||||
qname-minimisation: yes
|
||||
trust-anchor-file: /etc/unbound/trusted-key.key
|
||||
tls-cert-bundle: /etc/ssl/certs/ca-certificates.crt
|
||||
|
||||
forward-zone:
|
||||
name: "."
|
||||
forward-tls-upstream: yes
|
||||
forward-addr: 1.0.0.1@853#cloudflare-dns.com
|
||||
forward-addr: 1.1.1.1@853#cloudflare-dns.com
|
Loading…
Reference in New Issue
Block a user