commit 8358537eea329c42e0b6247c1c9efb615c8047a4 Author: nusenu nusenu-github@riseup.net Date: Fri Jan 19 19:08:37 2018 +0000

Bug 24881: consolidate relay setup information (new guide)

Replace old content with a pointer to the new Tor Relay Guide. --- docs/en/tor-doc-relay.wml | 113 +-------------------------- docs/en/tor-relay-debian.wml | 176 +------------------------------------------ 2 files changed, 2 insertions(+), 287 deletions(-)

diff --git a/docs/en/tor-doc-relay.wml b/docs/en/tor-doc-relay.wml index 7f897d3e..9cd702cd 100644 --- a/docs/en/tor-doc-relay.wml +++ b/docs/en/tor-doc-relay.wml @@ -10,118 +10,7 @@ <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a> </div> <div id="maincol"> - - <h1>Configuring a Tor relay</h1> - - <hr> - - <p> - The Tor network relies on volunteers to donate bandwidth. The more - people who run relays, the faster the Tor network will be. If you have - at least 2 megabits/s for both upload and download, please help out - Tor by configuring your Tor to be a relay too. - </p> - - <p>You can run a Tor relay on pretty much any operating system. Tor relays - work best on current distributions of Linux, FreeBSD, NetBSD, and - Windows Server. - </p> - - <p> - The best approach for most users is to <a href="<page - docs/tor-relay-debian>">run your relay on Debian or Ubuntu</a> using - the system Tor package &mdash; the deb takes care of running Tor as a - separate user, making sure it has enough file descriptors available, - starting it at boot, and so on. Tor relays also run nicely on other - Linux flavors, and on FreeBSD and NetBSD for those who are comfortable - with those operating systems. - </p> - - <hr> - <a id="torrc"></a> - <h2><a class="anchor" href="#torrc">Configure Tor by editing the torrc file</a></h2> - <br /> - - <p> - Tor's - configuration file is named 'torrc'.</p> - <p>Locate the file on your system, open it with a text editor and add the - following lines:</p> - - <pre> - ORPort 443 - Exitpolicy reject *:* - Nickname ididntedittheconfig - ContactInfo human@... - </pre> - -# TODO: Update link to PT setup docs - <p>If you want to be a bridge, read about the BridgeRelay and - ServerTransportPlugin values <a - href="<page docs/pluggable-transports>">on - this page</a>.</p> - - <p>Tor will use all your bandwidth if you don't set limits for it. Some - options are described in <a href="<page docs/faq>#LimitTotalBandwidth">these</a> - <a href="<page docs/faq>#BandwidthShaping">FAQ entries</a>.</p> - - <p>See the <a href="https://gitweb.torproject.org/tor.git/plain/src/config/torrc.sample.in">sample - torrc file</a> and the <a - href="<page docs/tor-manual>">man - page</a> for other Tor options you may want to set.</p> - - <hr> - <a id="check"></a> - <h2><a class="anchor" href="#check">Make sure your relay is reachable</a></h2> - <br> - - <p>If you are using a firewall, open a hole in your firewall - so incoming connections can reach the ports you configured - (ORPort, plus DirPort if you enabled it). If you have a - hardware firewall (Linksys box, cable modem, etc) you might find <a - href="http://portforward.com/%22%3Eportforward.com</a> useful. Also, make sure you - allow all <em>outgoing</em> connections too, so your relay can reach the - other Tor relays. - </p> - - <p>Restart your relay. If it <a - href="<page docs/faq>#Logs">logs - any warnings</a>, address them. - </p> - - <p>As soon as your relay manages to connect to the network, it will - try to determine whether the ports you configured are reachable from - the outside. This step is usually fast, but may take up to 20 - minutes. Look for a <a href="<page docs/faq>#Logs">log entry</a> like - <pre>Self-testing indicates your ORPort is reachable from the outside. Excellent.</pre> - If you don't see this message, it means that your relay is not reachable - from the outside &mdash; you should re-check your firewalls, check that it's - testing the IP and port you think it should be testing, etc. - </p> - - <p>When your relay has decided that it's reachable, it will upload a "server - descriptor" to the directories, to let clients know - what address, ports, keys, etc your relay is using. You can search <a - href="https://atlas.torproject.org/%22%3EAtlas</a> or <a - href="https://globe.torproject.org/%22%3EGlobe</a> for - the nickname you configured, to make sure it's there. You may need to wait - up to one hour for the directories to publish the new server information.</p> - - <hr> - <a id="after"></a> - <h2><a class="anchor" href="#after">Once your relay is working</a></h2> - <br> - - <p>To learn more about the proper care and feeding for your relay, - see the advice on the <a href=<page docs/tor-relay-debian>#after>Tor - relay on Debian/Ubuntu</a> page. - </p> - - <hr> - - <p>If you have suggestions for improving this document, please <a - href="<page about/contact>">send them to us</a>. Thanks - for helping to make the Tor network grow!</p> + The Tor Relay documentation moved to the <a href="<wiki>TorRelayGuide">wiki</a>. </div> <!-- END MAINCOL --> <div id = "sidecol"> diff --git a/docs/en/tor-relay-debian.wml b/docs/en/tor-relay-debian.wml index 10bebc7c..c470c444 100644 --- a/docs/en/tor-relay-debian.wml +++ b/docs/en/tor-relay-debian.wml @@ -10,181 +10,7 @@ <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a> </div> <div id="maincol"> - - <h1>Configuring a Tor relay on Debian/Ubuntu</h1> - - <hr> - - <p> - The Tor network relies on volunteers to donate bandwidth. The more - people who run relays, the faster the Tor network will be. If you have - at least 250 kilobytes/s each way, please help out Tor by configuring your - Tor to be a relay too. - </p> - - <hr> - <a id="zero"></a> - <a id="install"></a> - <h2><a class="anchor" href="#install">Step One: Download and Install Tor</a></h2> - <br> - - <p>If you're on Debian, start with "apt install tor".</p> - - <p><b>Do not use the packages in Ubuntu's universe.</b> If you're - on Ubuntu or if you want to track newer Tor packages, follow the - <a href="<page docs/debian>#ubuntu">Tor on Ubuntu or Debian</a> - instructions to use our repository. - </p> - - <p>For other Unix/Linux users, you can download Tor from one of our - <a href="<page download/download-unix>">repositories</a>.</p> - - <hr> - <a id="setup"></a> - <h2><a class="anchor" href="#setup">Step Two: Set it up as a relay</a></h2> - - <p> - 1. Make sure your clock, date, and timezone are set correctly. Install - the ntp or openntpd (or similar) package to keep it that way. - </p> - - <p> - 2. Edit the bottom part of <a href="<page - docs/faq>#torrc">/etc/tor/torrc</a>. Define an ORPort. <b>Note - that public relays default to being <a href="<page - docs/faq>#ExitPolicies">exit relays</a></b> &mdash; either change your - ExitPolicy line or read our <a -href="<wiki>/doc/TorExitGuidelines">guidelines - for exit relay operators</a>. Be sure to set your ContactInfo line - so we can contact you if you need to upgrade or something goes wrong. - </p> - - <p> - 3. If you are using a firewall, open a hole in your firewall - so incoming connections can reach the ports you configured - (ORPort, plus DirPort if you enabled it). If you have a - hardware firewall (Linksys box, cablemodem, etc) you might like <a - href="http://portforward.com/%22%3Eportforward.com</a>. Also, make sure you - allow all <em>outgoing</em> connections too, so your relay can reach the - other Tor relays. - </p> - - <p> - 4. Restart your relay: "systemctl reload tor" (as root). - </p> - - <hr> - <a id="check"></a> - <h2><a class="anchor" href="#check">Step Three: Make sure it is working</a></h2> - <br> - - <p>Once your relay connects to the network, it will - try to determine whether the ports you configured are reachable from - the outside. This step is usually fast, but it may take a few minutes. - Look for a <a href="<page docs/faq>#Logs">log entry</a> in your - /var/log/tor/log like - <tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt> - If you don't see this message, it means that your relay is not reachable - from the outside &mdash; you should re-check your firewalls, check that it's - testing the IP and port you think it should be testing, etc. - </p> - - <p>When it decides that it's reachable, it will upload a "server - descriptor" to the directory authorities, to let clients know - what address, ports, keys, etc your relay is using. After a few - hours (to give it enough time to propagate), you can query - <a href="https://atlas.torproject.org/">Atlas</a> to see whether your - relay has successfully registered in the network.</p> - - <hr> - <a id="after"></a> - <h2><a class="anchor" href="#after">Step Four: Once it is working</a></h2> - <br> - - <p> - 5. Read - <a href="<wiki>doc/OperationalSecurity">about operational security</a> - to get ideas how you can increase the security of your computer. - </p> - - <p> - 6. Decide about rate limiting. Cable modem, DSL, and other users - who have asymmetric bandwidth (e.g. more down than up) should - rate limit to their slower bandwidth, to avoid congestion. See the <a - href="<page docs/faq>#BandwidthShaping">rate - limiting FAQ entry</a> for details. - </p> - - <p> - 7. If your computer isn't running a webserver, and you haven't set - AccountingMax, please consider - changing your ORPort to 443 and/or your DirPort to 80. Many Tor users - are stuck behind firewalls that only let them browse the web, and - this change will let them reach your Tor relay. If you are already - using ports 80 and 443, other useful ports are 22, 110, and 143. - </p> - - <p> - 8. Consider backing up your Tor relay's private keys - ("/var/lib/tor/keys/secret_id_key" and - "/var/lib/tor/keys/ed25519_master_id_secret_key"). - You'll need these identity keys to - <a href="<page docs/faq>#UpgradeOrMove">move or restore your Tor relay</a>. - </p> - - <p> - 9. If you run an exit relay (great!), don't miss out on our <a - href="<wiki>doc/TorExitGuidelines">Exit Guidelines</a>, including - setting your reverse DNS hostname to make it obvious that you're - a Tor exit relay, and serving the <a - href="<gitblob>contrib/operator-tools/tor-exit-notice.html">Tor - exit notice</a> page on your DirPort. - </p> - - <p> - 10. Subscribe to the <a - href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce%22%3Etor-...</a> - mailing list. It is very low volume, and it will keep you informed - of new stable releases. - As a relay operator, you should consider subscribing to the - <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays"> - tor-relays mailing list</a> too. - We have more <a href="<page docs/documentation>#MailingLists">mailing - lists</a> as well. - </p> - - <p> - 11. Read the <a - href="https://blog.torproject.org/blog/lifecycle-of-a-new-relay%22%3E%22Lifecycle - of a New Relay"</a> document to learn what sort of activity and usage - patterns you can expect during your relay's first weeks of operation. - </p> - - <p> - 12. If you want to run more than one relay that's great, but please set <a - href="<page docs/faq>#MultipleRelays">the - MyFamily option</a> in all your relays' configuration files. - </p> - - <p> - 13. You might like to use the <a - href="https://nyx.torproject.org/%22%3ENyx</a> relay monitor to watch - your relay's activities from the command line. First, "sudo pip install - nyx". Second, as the user that will be running nyx, run - "sudo adduser $USER debian-tor" to add your user to the debian-tor - group so it can reach Tor's controlsocket. Then log out and log back - in (so your user is actually in the group), and run "nyx". - </p> - - <p> - 14. When you change your Tor configuration, remember to verify that - your relay still works correctly after the change. - </p> - - <hr> - - <p>If you have suggestions for improving this document, please <a - href="<page about/contact>">send them to us</a>. Thanks!</p> + The Tor Relay documentation moved to the <a href="<wiki>TorRelayGuide">wiki</a>. </div> <!-- END MAINCOL --> <div id = "sidecol">