Fedora EPEL 7 mirror pinning

This guide aims to help in pinning down the repository location to a known FQDN, so it can be set in the allowlists, without affecting the performance of downloads.

Virtual Machine

AWS User Data / GCP Startup Script

#!/bin/bash -ex
sed --in-place=.orig --regexp-extended 's%#baseurl=http://(download.example|download.fedoraproject.org)/pub/epel/%baseurl=https://mirrors.edge.kernel.org/fedora-epel/%g' /etc/yum.repos.d/epel*.repo
sed --in-place --regexp-extended 's%^metalink=%#metalink=%g' /etc/yum.repos.d/epel*.repo

The commands simply replace Fedora's default mirror redirector with a known, reliable CDN, making a backup file (with extension .orig) in the process.

Container

Dockerfile

FROM centos:7

RUN yum install --assumeyes epel-release && \
    sed --in-place=.orig --regexp-extended 's%#baseurl=http://(download.example|download.fedoraproject.org)/pub/epel/%baseurl=https://mirrors.edge.kernel.org/fedora-epel/%g' /etc/yum.repos.d/epel*.repo && \
    sed --in-place --regexp-extended 's%^metalink=%#metalink=%g' /etc/yum.repos.d/epel*.repo && \
    yum clean expire-cache

Allowlist

FQDNs

mirrors.edge.kernel.org

DiscrimiNAT Annotation

discriminat:tls:mirrors.edge.kernel.org

Alternative Mirrors

Although mirrors.edge.kernel.org is a CDN with geo-located caches, you may want to pick a specific https mirror from Fedora's official mirrors list.

Virtual Machine​

AWS User Data / GCP Startup Script​

Container​

Dockerfile​

Allowlist​

FQDNs​

DiscrimiNAT Annotation​

Alternative Mirrors​