Some notes from creating ftp0.twn.freebsd.org:
On the master rsync host (e.g. ftp-mirror0.isc.freebsd.org) add the new site netblocks to /usr/local/etc/rsync/rsyncd.conf and restart rsyncd.
On the jail host:
zfs create -o mountpoint=/ftp zroot/ftp rsync -aH rsync://ftp.tw.freebsd.org/FreeBSD/ /ftp/ (Choose a local fast relatively complete mirror) rsync -aH --partial --delete rsync://ftp-mirror0.isc.freebsd.org/FreeBSD-master/ /ftp/ mkdir -p /j/jails/ftp0/home/ftp/pub/FreeBSD echo "/ftp /j/jails/ftp0/home/ftp/pub/FreeBSD nullfs ro 0 0" > /etc/fstab.ftp0 cd /j/jails/ftp0/home/ftp/pub/; for i in favicon.ico .message index.html; do fetch http://ftp0.bme.freebsd.org/$i; done
... and update .message and index.html as appropriate.
The initial sync from a potentially untrusted local mirror is fine, as the second rsync will fix up any differences when run against the master. The second rsync should be pretty quick as there is very little data to actually transfer, but it is worth timing it to establish how long a full sync takes (as we timelimit the syncs run from cron).
The datastore is mounted readonly into the jail, all updates to the datastore are done by the host. On the host, copy /root/ftpsync.sh from one of the other mirrors, and set up a cron job to mirror hourly.
Install packages ftp/vsftpd and www/nginx. Copy /usr/local/etc/nginx/nginx.conf and /usr/local/etc/vsftpd.conf from another host, and update as appropriate.
vsftpd is run from inetd, so add it to jail /etc/inetd.conf:
#[/max-child[/max-connections-per-ip-per-minute[/max-child-per-ip]]] ftp stream tcp nowait/100/20/20 root /usr/local/libexec/vsftpd vsftpd ftp stream tcp6 nowait/100/20/20 root /usr/local/libexec/vsftpd vsftpd
Jail rc.conf additions: