commit 6d1053915ca2e55951bcd4c7faced2b0b085233c Author: gus gus@torproject.org Date: Mon Oct 25 18:57:13 2021 -0300
Better markdown formatting --- content/relay/setup/guard/centos-rhel/contents.lr | 20 ++++++++++---------- content/relay/setup/guard/debian-ubuntu/contents.lr | 14 +++++++------- content/relay/setup/guard/dragonflybsd/contents.lr | 20 ++++++++++---------- content/relay/setup/guard/fedora/contents.lr | 14 +++++++------- content/relay/setup/guard/freebsd/contents.lr | 19 ++++++++++--------- content/relay/setup/guard/netbsd/contents.lr | 16 +++++++++------- content/relay/setup/guard/openbsd/contents.lr | 19 ++++++++++--------- 7 files changed, 63 insertions(+), 59 deletions(-)
diff --git a/content/relay/setup/guard/centos-rhel/contents.lr b/content/relay/setup/guard/centos-rhel/contents.lr index 0d8372b..fc5b7d8 100644 --- a/content/relay/setup/guard/centos-rhel/contents.lr +++ b/content/relay/setup/guard/centos-rhel/contents.lr @@ -6,19 +6,19 @@ title: CentOS/RHEL --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Install `epel-release` +### 2. Install `epel-release`
-To install `tor` on CentOS/RHEL, you need to enable the use of the [EPEL](https://fedoraproject.org/wiki/EPEL) Repository first. To do so, you must install the `epel-release` package: +To install `tor` package on CentOS/RHEL, you need to install the [EPEL](https://fedoraproject.org/wiki/EPEL) repository first:
``` # yum install epel-release ```
-Recent versions of CentOS/RHEL are using `dnf` instead of `yum`, so the command to install the package would be: +Recent versions of CentOS/RHEL are using `dnf` instead of `yum`:
``` # dnf install epel-release @@ -26,7 +26,7 @@ Recent versions of CentOS/RHEL are using `dnf` instead of `yum`, so the command
If you are on a recent version that uses `dnf`, please keep using it for the following steps where `yum` is called on this setup guide.
-# 3. Configure Tor Project's Repository +### 3. Configure Tor Project's Repository
Configuring the Tor Project's Repository for CentOS/RHEL consists basically on setting up `/etc/yum.repos.d/Tor.repo` with the following content:
@@ -42,7 +42,7 @@ cost=100
More information about it can be found [here](https://support.torproject.org/rpm/).
-# 4. Install `tor` +### 4. Package installation
Once you are set with EPEL and the Tor repositories, you are now able to install the package:
@@ -52,9 +52,9 @@ Once you are set with EPEL and the Tor repositories, you are now able to install
Please note that when you are installing the first package from the EPEL repository you will be asked about verifying the EPEL's GPG signing key. Please ensure the key matches with the one available on the [Fedora Project website](https://getfedora.org/keys/). This will also happens when installing packages from Tor's repository for the first time - again you must ensure the key matches.
-# 5. Configure `/etc/tor/torrc` +### 5. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/etc/tor/torrc` in place:
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -64,7 +64,7 @@ ExitRelay 0 SocksPort 0 ```
-# 6. Enable and Start `tor` +### 6. Enable and Start `tor`
Recent versions os CentOS/RHEL which ship with systemd:
@@ -79,7 +79,7 @@ Should you use an older release like CentOS/RHEL 6, that will be: # service tor start ```
-# 7. Final Notes +### 7. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes. diff --git a/content/relay/setup/guard/debian-ubuntu/contents.lr b/content/relay/setup/guard/debian-ubuntu/contents.lr index a93ba19..95f9eef 100644 --- a/content/relay/setup/guard/debian-ubuntu/contents.lr +++ b/content/relay/setup/guard/debian-ubuntu/contents.lr @@ -6,16 +6,16 @@ title: Debian/Ubuntu --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Configure Tor Project's Repository +### 2. Configure Tor Project's Repository
Configuring the Tor Project's package repository for Debian/Ubuntu is documented **[here](https://support.torproject.org/apt/tor-deb-repo/)**. Please follow those instructions before proceeding.
-# 3. Install `tor` +### 3. Package installation
Ensure you update the packages database before installing the package, than call `apt` to install it:
@@ -24,9 +24,9 @@ Ensure you update the packages database before installing the package, than call # apt install tor ```
-# 4. Configure `/etc/tor/torrc` +### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/etc/tor/torrc` in place
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -36,7 +36,7 @@ ExitRelay 0 SocksPort 0 ```
-# 5. Restart the Service +### 5. Restart the service
Restart the `tor` daemon, so your configuration changes take effect:
@@ -44,7 +44,7 @@ Restart the `tor` daemon, so your configuration changes take effect: # systemctl restart tor@default ```
-# 6. Final Notes +### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes. diff --git a/content/relay/setup/guard/dragonflybsd/contents.lr b/content/relay/setup/guard/dragonflybsd/contents.lr index d98ec6f..1b0c979 100644 --- a/content/relay/setup/guard/dragonflybsd/contents.lr +++ b/content/relay/setup/guard/dragonflybsd/contents.lr @@ -2,15 +2,15 @@ _model: page --- color: primary --- -title: DragonflyBSD +title: DragonFlyBSD --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable automatic software updates for your operating system.
-# 2. Bootstrap `pkg` +### 2. Bootstrap `pkg`
DragonFlyBSD's daily snapshots and releases (starting with 3.4) come with `pkg` already installed. Upgrades from earlier releases, however, will not have it. If `pkg` is missing on the system for any reason, it can be quickly bootstrapped without having to build it from source or even having **DPorts** installed:
@@ -22,7 +22,7 @@ DragonFlyBSD's daily snapshots and releases (starting with 3.4) come with `pkg` # rehash ```
-### 2.1. Recommended Steps to Setup `pkg` +#### 2.1. Recommended Steps to Setup `pkg`
Here, it will be similar to what we have on a **FreeBSD** system, and we are going to use HTTPS to fetch our packages, and updates - so here we also need an extra package to help us out (ca_root_nss).
@@ -48,7 +48,7 @@ After applying all these changes, we update the packages list again and try to c # pkg upgrade -y -f ```
-# 3. Install `tor` DragonFlyBSD's Package +### 3. Package installation
Install the `tor` package:
@@ -63,9 +63,9 @@ Install the `tor` package: # pkg install tor-devel ```
-# 4. Configure `/usr/local/etc/tor/torrc` +### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/usr/local/etc/tor/torrc` in place
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -76,7 +76,7 @@ SocksPort 0 Log notice syslog ```
-# 5. Start `tor` +### 5. Start the service
Here we set `tor` to start at boot time and use the setuid feature, in order to bind to lower ports like 443 (the daemon itself will still run as a regular non-privileged user).
@@ -86,7 +86,7 @@ Here we set `tor` to start at boot time and use the setuid feature, in order to # service tor start ```
-# 6. Final Notes +### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes. @@ -99,4 +99,4 @@ section: Middle/Guard relay --- section_id: relay-operations --- -subtitle: How to deploy a Middle/Guard relay on DragonflyBSD +subtitle: How to deploy a Middle/Guard relay on DragonFlyBSD diff --git a/content/relay/setup/guard/fedora/contents.lr b/content/relay/setup/guard/fedora/contents.lr index a3fb9cd..26a016b 100644 --- a/content/relay/setup/guard/fedora/contents.lr +++ b/content/relay/setup/guard/fedora/contents.lr @@ -6,11 +6,11 @@ title: Fedora --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Configure Tor Project's Repository +### 2. Configure Tor Project's Repository
Configuring the Tor Project's Repository for Fedora consists basically on setting up `/etc/yum.repos.d/Tor.repo` with the following content:
@@ -26,17 +26,17 @@ cost=100
More information about it can be found [here](https://support.torproject.org/rpm/).
-# 3. Install `tor` +### 3. Package installation
-Once you are set with EPEL and the Tor repositories, you are now able to install the package: +Install the `tor` package:
``` # dnf install tor ```
-# 4. Configure `/etc/tor/torrc` +### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/etc/tor/torrc` in place:
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -46,7 +46,7 @@ ExitRelay 0 SocksPort 0 ```
-# 5. Enable and Start `tor` +# 5. Start the service
``` # systemctl enable --now tor diff --git a/content/relay/setup/guard/freebsd/contents.lr b/content/relay/setup/guard/freebsd/contents.lr index 7431c8c..9d05331 100644 --- a/content/relay/setup/guard/freebsd/contents.lr +++ b/content/relay/setup/guard/freebsd/contents.lr @@ -6,11 +6,11 @@ title: FreeBSD --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable [automatic software updates](updates) for your operating system.
-# 2. Bootstrap `pkg` +### 2. Bootstrap `pkg`
This article assumes we have already a base installation of FreeBSD running, and only the base system (here, we are running 12.2-RELEASE). That means we do not have any packages installed, or even the `pkg` packages manager itself (there's no `sudo` available - we are running commands as root). @@ -22,7 +22,7 @@ To bootstrap and install `pkg` we should run the following command: # pkg update -f ```
-### 2.1. Recommended Steps to Setup `pkg` +#### 2.1. Recommended Steps to Setup `pkg`
To follow upstream updates in a "faster way" we recommend changing the 'quarterly' branch used by `pkg` to its 'latest' branch.
@@ -59,8 +59,9 @@ After applying all these changes, we update the packages list again and try to c # pkg upgrade -y -f ```
-# 3. Install `tor` FreeBSD's Package +### 3. Package installation
+Install `tor` FreeBSD's package. Here we can choose to install the latest stable version, like:
``` @@ -74,9 +75,9 @@ Here we can choose to install the latest stable version, like: # pkg install tor-devel ```
-# 4. Configure `/usr/local/etc/tor/torrc` +### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/usr/local/etc/tor/torrc` in place:
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -87,14 +88,14 @@ SocksPort 0 Log notice syslog ```
-# 5. Enable `net.inet.ip.random_id` +### 5. Enable `net.inet.ip.random_id`
``` # echo "net.inet.ip.random_id=1" >> /etc/sysctl.conf # sysctl net.inet.ip.random_id=1 ```
-# 6. Start `tor` +### 6. Start the service
Here we set `tor` to start at boot time and use the setuid feature, in order to bind to lower ports like 443 (the daemon itself will still run as a regular non-privileged user).
@@ -104,7 +105,7 @@ Here we set `tor` to start at boot time and use the setuid feature, in order to # service tor start ```
-# 7. Final Notes +### 7. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes. diff --git a/content/relay/setup/guard/netbsd/contents.lr b/content/relay/setup/guard/netbsd/contents.lr index 9b8972d..199f6b2 100644 --- a/content/relay/setup/guard/netbsd/contents.lr +++ b/content/relay/setup/guard/netbsd/contents.lr @@ -6,11 +6,11 @@ title: NetBSD --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable automatic software updates for your operating system.
-# 2. Setup `pkg_add` +### 2. Setup `pkg_add`
Modern versions of the NetBSD operating system can be set to use `pkgin`, which is a piece of software aimed to be like `apt` or `yum` for managing pkgsrc binary packages. We are not convering its setup here, and opt to use plain `pkg_add` instead.
@@ -18,15 +18,17 @@ Modern versions of the NetBSD operating system can be set to use `pkgin`, which # echo "PKG_PATH=http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/$(uname -m)/$(uname -r)/All" > /etc/pkg_install.conf ```
-# 3. Install `tor` NetBSD's Package +### 3. Package installation + +Install `tor` NetBSD's package:
``` # pkg_add tor ```
-# 4. Configure `/usr/pkg/etc/tor/torrc` +### 4. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/usr/pkg/etc/tor/torrc` in place:
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -37,7 +39,7 @@ SocksPort 0 Log notice syslog ```
-# 5. Start `tor` +### 5. Start the service
Here we set `tor` to start during boot and call it for the first time:
@@ -47,7 +49,7 @@ Here we set `tor` to start during boot and call it for the first time: # /etc/rc.d/tor start ```
-# 6. Final Notes +### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes. diff --git a/content/relay/setup/guard/openbsd/contents.lr b/content/relay/setup/guard/openbsd/contents.lr index 37dacf3..22bd9c5 100644 --- a/content/relay/setup/guard/openbsd/contents.lr +++ b/content/relay/setup/guard/openbsd/contents.lr @@ -6,11 +6,11 @@ title: OpenBSD --- body:
-# 1. Enable Automatic Software Updates +### 1. Enable Automatic Software Updates
One of the most important things to keeps your relay secure is to install security updates timely and ideally automatically so you can not forget about it. Follow the instructions to enable automatic software updates for your operating system.
-# 2. Install `tor` OpenBSD's Package +### 2. Package installation
Recent OpenBSD systems, since 6.5, already have the repository configured on `/etc/installurl` so we do not need to bother changing it.
@@ -26,7 +26,7 @@ Proceed with `pkg_add` to install the package: # pkg_add tor ```
-### 2.1. Recommended Steps to Install `tor` on OpenBSD +#### 2.1. Recommended Steps to Install `tor` on OpenBSD
If you want to install a newer version of the `tor` OpenBSD's package, you can use M:Tier's binary packages:
@@ -42,9 +42,9 @@ Here is how you proceed with these steps: # ./openup ```
-# 3. Configure `/etc/tor/torrc` +### 3. Configuration file
-This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network: +Put the configuration file `/etc/tor/torrc` in place:
``` Nickname myNiceRelay # Change "myNiceRelay" to something you like @@ -58,9 +58,10 @@ User _tor RunAsDaemon 1 ```
-# 4. Change `openfiles-max` and `maxfiles` +### 4. Change `openfiles-max` and `maxfiles`
-By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process. For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised. +By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process. +For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised.
Append the following section to `/etc/login.conf`:
@@ -79,7 +80,7 @@ Increase it from the default of 7030 to 16000: # sysctl kern.maxfiles=16000 ```
-# 5. Start `tor` +### 5. Start the service
Here we set `tor` to start during boot and call it for the first time:
@@ -88,7 +89,7 @@ Here we set `tor` to start during boot and call it for the first time: # rcctl start tor ```
-# 6. Final Notes +### 6. Final Notes
If you are having trouble setting up your relay, have a look at our [help section](/relay/getting-help/). If your relay is now running, check out the [post-install](/relay/setup/post-install/) notes.
tor-commits@lists.torproject.org