Hello,
Note - to others that have sent me emails about a proposed project, I will respond, I’m sorry I just got caught up in a huge emergency project.
Anyway, I had a quick question, on the relay side I run ConradsOVHRelay01 (Relay) and ConradsOVHRelay02 (Exit). They’re running on CentOS, so I have to manually install the latest version of tor to keep up with the security updates.
I am considering migrating to Ubuntu or Debian to make the update process simpler. To avoid downtime, would it be better to spin up two more boxes and migrate or would bringing them down for maintenance be acceptable? I would like to avoid downtime personally, as they’re stable, fast relays.
I’m just looking for thoughts and ideas.
Thanks,
Conrad
On Sun, Jan 21, 2018 at 03:52:27AM -0600, Conrad Rockenhaus wrote:
Anyway, I had a quick question, on the relay side I run ConradsOVHRelay01 (Relay) and ConradsOVHRelay02 (Exit). They???re running on CentOS, so I have to manually install the latest version of tor to keep up with the security updates.
Thanks for running two relays!
I am considering migrating to Ubuntu or Debian to make the update process simpler. To avoid downtime, would it be better to spin up two more boxes and migrate or would bringing them down for maintenance be acceptable? I would like to avoid downtime personally, as they???re stable, fast relays.
I'd say do whichever one you would find more fun.
If you take them down for maintenance and to switch OSes, this is totally fine, and their reputation will recover after a while -- and in any case even if they e.g. lose the Guard flag for a bit, they'll be used for other roles until they get it back.
If you want to do the more complicated approach of spinning up two new computers, configuring them, and then copying the keys and nicknames and etc over, so you have less downtime, that is also totally fine.
In sum: do the one that will bring you more joy. :)
Thanks, --Roger
Conrad Rockenhaus:
They’re running on CentOS, so I have to manually install the latest version of tor to keep up with the security updates.
I am considering migrating to Ubuntu or Debian to make the update process simpler.
EPEL repos ship tor 0.2.9.14 - that version should be just fine from a security perspective, but I agree that you will get security updates faster on Debian based systems if you use the torproject's repository.
If you want to run tor 0.3.2.x on CentOS you might want to track: https://bugzilla.redhat.com/show_bug.cgi?id=1532909 https://copr.fedorainfracloud.org/coprs/maha/tor-latest/
tor-relays@lists.torproject.org
-
Conrad Rockenhaus -
nusenu -
Roger Dingledine