Creating a local mirror for Red Hat based systems

April 16, 2018 - Reading time: 3 minutes

I created this script to create a local repository of RPM packages based on the repositories available to the system (very important, otherwise it won't work). To automate initial and further syncs I'm simply using Cron.

The machine is a basic system that is used as a webserver (apache, nginx or python SimpleHTTPServer)

I created a directory for RHEL7 (named "7"), you should do this for all versions, before running the script and started python SimpleHTTPServer in /var/www/html/ and opened port 80 in firewalld. This is just a proof-of-concept so nothing fancy.

This is the script:

while read VERSION REPO; do
reposync --gpgcheck -l --repoid=$REPO --download_path=$BASEDIRECTORY/$VERSION/
if [ ! -d "$BASEDIRECTORY/$VERSION/$REPO/repodata" ]; then
createrepo --update -v $BASEDIRECTORY/$VERSION/$REPO/
done <$1

This is the repos file:

7 rhel-7-server-extras-rpm
7 rhel-7-server-optional-rpms
7 rhel-7-server-rh-common-rpms
7 rhel-7-server-rpms
7 rhel-7-server-satellite-tools-6.3-rpms
7 rhel-server-rhscl-7-rpms

And to run it, just do:

sh /root/ /var/www/repos

For older RHEL repositories, you should put them in the content view (when using Satellite) or make sure you can access them. Since they won't automagically appear in your yum repolist you will have to create a repo file yourself. Copy and adapt the snippet for all repositories and to keep things clean, create a repo file for every Red Hat version. (or CentOS, ...). SSLcerts should be just the same as the ones from a working RHEL7 entry.


metadata_expire = 1
sslclientcert = /etc/pki/entitlement/6369168190531272611.pem
baseurl =$basearch/os
ui_repoid_vars = releasever basearch
sslverify = 1
name = Red Hat Enterprise Linux 6 Server (RPMs)
sslclientkey = /etc/pki/entitlement/6369168190531272611-key.pem
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
enabled = 1
sslcacert = /etc/rhsm/ca/katello-server-ca.pem
gpgcheck = 1

For simpleHTTP you can use these 2 neat tricks:

Run SimpleHTTP as a SystemD service

Enable SSL on SimpleHTTP


Koen Diels

I'm a freelance system and network engineer from Mechelen (BE) and I'm available for ad-hoc and long term projects.

>>my resume<<