======OS - Linux - Distributions - CentOS - Notes - Set fixed RPM repositories======
In some cases it is useful to change the default RPM repository mechanism of using a dynamic mirrorlist to a fixed mirrorlist.
For example when policy is to not allow direct http to all hosts on the Internet from the internal servers setting fixed RPM repositories will allow you to open http(s) to a limited number of IP addresses for CentOS package updates.
=====Rocky Linux 8=====
====Rocky Linux 8 repositories====
For the Rocky Linux 8 default repositories:
- Check if the .repo files are still set to the default:egrep "^baseurl|^mirrorlist|^#baseurl|^#mirrorlist" /etc/yum.repos.d/Rocky-*.repo
- If all .repo files except Media stil have lines starting with mirrorlist instead of #mirrorlist and #baseurl instead of baseurl, then the mirrorlists are active.
- Make a back-up copy of the .repo files:mkdir /root/yum.repos.d-backup/
cp -p /etc/yum.repos.d/*.repo /root/yum.repos.d-backup/
- Disable the lines starting with mirrorlist (^mirrorlist) by prefixing mirrorlist with a #: sed -i 's/^mirrorlist/#mirrorlist/' /etc/yum.repos.d/Rocky-{AppStream,BaseOS,Debuginfo,Devel,Extras,HighAvailability,NFV,Plus,PowerTools,ResilientStorage,RT,Sources}.repo
- Enable the baseurl lines by removing the # prefix and setting the baseurl to https://ftp.nluug.nl:sed -i 's/^#baseurl=http:\/\/dl.rockylinux.org\/\$contentdir/baseurl=https:\/\/ftp.nluug.nl\/pub\/os\/Linux\/distr\/rocky/' /etc/yum.repos.d/Rocky-{AppStream,BaseOS,Debuginfo,Devel,Extras,HighAvailability,NFV,Plus,PowerTools,ResilientStorage,RT,Sources}.repo
- Check if the .repo files have changed:egrep "^baseurl|^mirrorlist|^#baseurl|^#mirrorlist" /etc/yum.repos.d/Rocky-*.repo
- Clean and re-download the package cache/metadata:dnf clean all && dnf makecache
- [Optional] Disable the dnf-makecache.timer that runs every hour (and refreshes the cache every 3 hours):systemctl stop dnf-makecache.timer
systemctl disable dnf-makecache.timer
Sources:
* [[https://unix.stackexchange.com/questions/579009/why-is-dnf-makecache-timer-needed|StackExchange - Unix & Linux - Why is dnf-makecache.timer needed?]]
* [[https://www.getpagespeed.com/server-setup/fixing-dnf-annoyances-in-centos-rhel-usability-or-bandwidth-choose-your-destiny|GetPageSpeed Blog - Fixing DNF annoyances in CentOS/RHEL: usability or bandwidth. Choose your destiny]]
* [[https://bugzilla.redhat.com/show_bug.cgi?id=1187111|Red Hat Bugzilla - Bug 1187111 - Remove dnf-makecache service/timers ]]
=====CentOS 8=====
====CentOS 8 repositories====
For the CentOS 8 default repositories:
- Check if the .repo files are still set to the default:egrep "^baseurl|^mirrorlist|^#baseurl|^#mirrorlist" /etc/yum.repos.d/CentOS-*.repo
- If all .repo files except Debuginfo, Media, and Sources stil have lines starting with mirrorlist instead of #mirrorlist and #baseurl instead of baseurl, then the mirrorlists are active.
- Make a back-up copy of the .repo files:mkdir /root/yum.repos.d-backup/
cp -p /etc/yum.repos.d/*.repo /root/yum.repos.d-backup/
- Disable the lines starting with mirrorlist (^mirrorlist) by prefixing mirrorlist with a #:
- CentOS 8.3:sed -i 's/^mirrorlist/#mirrorlist/' /etc/yum.repos.d/CentOS-Linux-{AppStream,BaseOS,ContinuousRelease,Devel,Extras,FastTrack,HighAvailability,Plus,PowerTools}.repo
- CentOS 8.2: sed -i 's/^mirrorlist/#mirrorlist/' /etc/yum.repos.d/CentOS-{AppStream,Base,centosplus,CR,Devel,Extras,fasttrack,HA,PowerTools}.repo
- Enable the baseurl lines by removing the # prefix and setting the baseurl to https://ftp.nluug.nl:
- CentOS 8.3: sed -i 's/^#baseurl=http:\/\/mirror.centos.org\/\$contentdir/baseurl=https:\/\/ftp.nluug.nl\/pub\/os\/Linux\/distr\/CentOS/' /etc/yum.repos.d/CentOS-Linux-{AppStream,BaseOS,ContinuousRelease,Devel,Extras,FastTrack,HighAvailability,Plus,PowerTools}.repo
- CentOS 8.2: sed -i 's/^#baseurl=http:\/\/mirror.centos.org\/\$contentdir/baseurl=https:\/\/ftp.nluug.nl\/pub\/os\/Linux\/distr\/CentOS/' /etc/yum.repos.d/CentOS-{AppStream,Base,centosplus,CR,Devel,Extras,fasttrack,HA,PowerTools}.repo
- Check if the .repo files have changed:egrep "^baseurl|^mirrorlist|^#baseurl|^#mirrorlist" /etc/yum.repos.d/CentOS-*.repo
- Clean and re-download the package cache/metadata:dnf clean all && dnf makecache
- [Optional] Disable the dnf-makecache.timer that runs every hour (and refreshes the cache every 3 hours):systemctl stop dnf-makecache.timer
systemctl disable dnf-makecache.timer
Sources:
* [[https://unix.stackexchange.com/questions/579009/why-is-dnf-makecache-timer-needed|StackExchange - Unix & Linux - Why is dnf-makecache.timer needed?]]
* [[https://www.getpagespeed.com/server-setup/fixing-dnf-annoyances-in-centos-rhel-usability-or-bandwidth-choose-your-destiny|GetPageSpeed Blog - Fixing DNF annoyances in CentOS/RHEL: usability or bandwidth. Choose your destiny]]
* [[https://bugzilla.redhat.com/show_bug.cgi?id=1187111|Red Hat Bugzilla - Bug 1187111 - Remove dnf-makecache service/timers ]]
====EPEL====
For the [[https://fedoraproject.org/wiki/EPEL|EPEL]] repository installed with:dnf install epel-release
- Check if the .repo files are still set to the default:egrep "^metalink|^baseurl|^#metalink|^#baseurl" /etc/yum.repos.d/epel*.repo
- If all EPEL .repo files have lines starting with metalink instead of #metalink and #baseurl instead of baseurl, then the metalinks are active.
- Make a back-up copy of the .repo files:mkdir /root/yum.repos.d-backup/
cp -p /etc/yum.repos.d/epel*.repo /root/yum.repos.d-backup/
- Disable the lines starting with metalink (^metalink) by prefixing metalink with a #:sed -i 's/^metalink/#metalink/' /etc/yum.repos.d/epel*.repo
- Enable the baseurl lines by removing the # prefix and setting the baseurl to https://ftp.nluug.nl:
- CentOS 8: sed -i 's/^#baseurl=https:\/\/download.fedoraproject.org\/pub\/epel/baseurl=https:\/\/ftp.nluug.nl\/pub\/os\/Linux\/distr\/fedora-epel/' /etc/yum.repos.d/epel*.repo
- CentOS 7: sed -i 's/^#baseurl=http:\/\/download.fedoraproject.org\/pub\/epel/baseurl=https:\/\/ftp.nluug.nl\/pub\/os\/Linux\/distr\/fedora-epel/' /etc/yum.repos.d/epel*.repo
- Check if the .repo files have changed:egrep "^metalink|^baseurl|^#metalink|^#baseurl" /etc/yum.repos.d/epel*.repo
- Clean and re-download the package cache/metadata:dnf clean all && dnf makecache
=====CentOS 7=====
====CentOS 7 repositories====
For the CentOS 7 default repositories:
- Check if the .repo files are still set to the default:egrep "^baseurl|^mirrorlist|^#baseurl|^#mirrorlist" /etc/yum.repos.d/CentOS-*.repo
- If all .repo files except Debuginfo, Media, and Sources stil have lines starting with mirrorlist instead of #mirrorlist and #baseurl instead of baseurl, then the mirrorlists are active.
- Make a back-up copy of the .repo files:mkdir /root/yum.repos.d-backup/
cp -p /etc/yum.repos.d/*.repo /root/yum.repos.d-backup/
- Disable the lines starting with mirrorlist (^mirrorlist) by prefixing mirrorlist with a #:sed -i 's/^mirrorlist/#mirrorlist/' /etc/yum.repos.d/CentOS-{Base,CR,fasttrack}.repo
- Enable the baseurl lines by removing the # prefix and setting the baseurl to https://ftp.nluug.nl:sed -i 's/^#baseurl=http:\/\/mirror.centos.org\/centos/baseurl=https:\/\/ftp.nluug.nl\/pub\/os\/Linux\/distr\/CentOS/' /etc/yum.repos.d/CentOS-{Base,CR,fasttrack}.repo
- To change to vault.centos.org for a specific older version (7.7.1908 in this example):
- sed -i 's/^#baseurl=http:\/\/mirror.centos.org\/centos\/\$releasever/baseurl=https:\/\/vault.centos.org\/7.7.1908/' /etc/yum.repos.d/CentOS-{Base,CR,fasttrack}.repo
- And disable the yum fastestmirror plugin:sed -i 's/enabled\=1/enabled\=0/' /etc/yum/pluginconf.d/fastestmirror.conf
- Check if the .repo files have changed:egrep "^baseurl|^mirrorlist|^#baseurl|^#mirrorlist" /etc/yum.repos.d/CentOS-*.repo
- Clean and re-download the package cache/metadata:yum clean all && yum makecache