https://github.com/cloud-gov/cvd-sync
mirror ClamAV updates to S3 with cvdupdate
https://github.com/cloud-gov/cvd-sync
Last synced: 6 months ago
JSON representation
mirror ClamAV updates to S3 with cvdupdate
- Host: GitHub
- URL: https://github.com/cloud-gov/cvd-sync
- Owner: cloud-gov
- License: other
- Created: 2022-05-24T00:06:29.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2025-05-22T22:17:06.000Z (about 1 year ago)
- Last Synced: 2025-05-22T23:39:04.103Z (about 1 year ago)
- Language: Shell
- Size: 47.9 KB
- Stars: 1
- Watchers: 4
- Forks: 1
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE.md
- Codeowners: CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# cvd-sync
A pipeline for syncing clamav databases into an s3-based mirror.
## Why mirror clamav?
Clamav's public mirror implements rate-limiting, and we run all our traffic
and all our users' traffic out a fixed, small set of egress IPs, so we have
potential to hit those limits, and then have a bad day. Having a mirror
isolates us from that problem (mostly).
## How does it work?
The [docker](./docker/) directory is used to build a docker container used
for running clamav's mirror syncing tool, `cvdupdate`.
We run the `cvdupdate` tool in the container, tracking state in a private s3
bucket, and keeping the virus database in a public website bucket, which then
acts as a mirror.
## development
### sharp edge - rate limiting
Because the `cvdupdate` tool works differently from `freshclam` and is more
resource-intesive, clamav rate limits it much more aggressively. Like 5
updates in an hour and you get locked out for 24 hours.
If you're developing on parts _other_ than the `cvdupdate` step, it's best to
replace it with something like `touch` to fake updates.