GitHub Mirror Script

Simple script to mirror GitHub repositories as bare repos on local disk.

It accepts a TOML config file with source targets in one of these forms:

• OWNER
• OWNER/REPO

Each source may have its own Personal Access Token to access private repositories.

Features

• Resolves repositories from users, orgs, or explicit owner/repo.
• Supports per-source GitHub PAT tokens.
• Mirrors repositories as bare repos with all refs.
• Creates/updates repositories under:
  • ROOT_DIR/github.com/OWNER/REPO
• Writes logs to stderr with configurable level:
  • INFO, WARN, ERROR
• Supports configurable prune behavior on fetch.
• Supports configurable fork filtering (ignore_forks).
• Redacts credentials in logged git commands.

Requirements

• Python 3.11+ (uses tomllib)
• git installed and available in PATH
• Network access to GitHub API and git remotes

Config format (TOML)

See config.example.toml.

Example:

root_dir = '~/mirrors'
log_level = 'INFO' # INFO | WARN | ERROR
prune = true
ignore_forks = true

[[sources]]
target = 'octocat' # user or org
# token = 'ghp_...'

[[sources]]
target = 'github' # org
# token = 'ghp_...'

[[sources]]
target = 'torvalds/linux' # specific repo
# token = 'ghp_...'

Usage

Run with positional config argument:

python3 github_mirror.py config.toml

Docker

Build:

docker build -t github-mirror .

Run:

docker run --rm \
  -v "$PWD/config.toml:/config.toml:ro" \
  -v "$HOME/mirrors:/mirrors" \
  github-mirror /config.toml

Notes

• If prune = true, fetch uses --prune.
• If prune = false, fetch does not remove stale refs.
• If ignore_forks = true, fork repositories are skipped.
• If ignore_forks = false, forks are mirrored too.
• Tokens are used for API and git remote access when provided.
• Logged git commands are sanitized to avoid leaking token values.