[tor-bugs] #2301 [BridgeDB]: migrate bridgedb to tor server

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Mon Jan 30 13:21:04 UTC 2012


#2301: migrate bridgedb to tor server
----------------------+-----------------------------------------------------
 Reporter:  phobos    |          Owner:  phobos           
     Type:  defect    |         Status:  needs_information
 Priority:  normal    |      Milestone:                   
Component:  BridgeDB  |        Version:                   
 Keywords:            |         Parent:  #4380            
   Points:            |   Actualpoints:                   
----------------------+-----------------------------------------------------

Comment(by arma):

 Replying to [comment:5 aagbsn]:
 > ponticum.tpo is the new VM. Is the existing (bridges.tpo)
 > configuration/security documented anywhere?

 Sounds like setting up the new one is the perfect time to document how to
 do it. ;) We should work to simplify the set-up, and work to isolate the
 parts that need to stay secret (like keys) so the rest can be documented
 in public.

 Here's a starting list of items to investigate:

 - You'll want the apache conf stanza for redirecting
 http://bridges.torproject.org/ to the https version, and for proxypassing
 the https version to the bridgedb service. I emailed it to you.

 - You'll want to get an ssl cert for bridges.torproject.org. I think right
 now it uses a wildcard cert, but maybe that's a less wise idea for its new
 home. I bet Andrew will have an opinion here.

 - You'll want some smtp forwarding lines from your postfix-or-whatever-
 that-knows-how-to-do-optimistic-tls to the bridgedb smtp port. I'm not
 sure what the current lines are. Also, somewhere in the process something
 needs to check the dkim signature on incoming mail -- that used to be a
 separate dkim proxy, but maybe bridgedb has a dkim python module now.

 - You'll want the bridgedb.conf file. I just sent it to you.

 - You'll want various secrets, databases, etc if you want Karsten's
 "clean" transition plan.

 - You'll want a way of getting the bulk-exitlist file. Right now moria1
 generates it twice an hour (at the :20 and :50) and makes it available via
 http. Then bridgedb sucks it down via a cron (at the :00 and :30) and hups
 bridgedb. Eventually you'll want to switch to pulling down the
 bulkexitlist as exported by torbel, but that doesn't exist yet.

 - At :07 and :37, Tonga tars up the bridge descriptors and bridge
 networkstatus and ssh'es it to bridgedb, which has a special
 authorized_keys line that makes it run bin/store-bridge-tarball, which
 makes a backup copy of the tarball and then untars it into bridgedb's
 working directory. It looks like the script doesn't hup bridgedb, but I
 think that's a bug.

 - bridges rsyncs its bridge-directories (backup) directory to metrics.tp.o
 on an hourly basis. The bridge tarball directory gets big really fast.

 - Once a day we send email to the people who are configured to get the
 'unallocated' bridges. I think those emails might be broken currently --
 or maybe kaner just took me off the cc list. More likely byblos has some
 config or iptables rule that is preventing them from going out.

 - When things are set up, make sure all the places that expect to cron an
 ssh somewhere have done the ssh manually at least once, to store the
 expected fingerprint in the right place.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2301#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
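An added example, written for this page and not BridgeDB's own bin/store-bridge-tarball, of the forced-command receiver arma describes: Tonga's ssh key is pinned to a single command in authorized_keys, the script keeps a backup copy of the tarball, unpacks it into the working directory, and then sends bridgedb the HUP the comment says is currently missing. Because the archive comes from another host, the script refuses members that could write outside the working directory (absolute names, ".." components, symlink or hardlink entries) before untarring. All paths, the key line and the pusher command are assumptions, not values from the ticket.

```shell
#!/bin/sh
# Added example, not BridgeDB's own script: forced-command receiver for the
# bridge-descriptor tarball that Tonga pushes over ssh.
#
# Assumed authorized_keys line on the bridgedb account (key and path are
# placeholders); the options stop the key from being used for anything else:
#   command="/srv/bridgedb/bin/store-bridge-tarball",no-pty,no-port-forwarding,no-X11-forwarding,no-agent-forwarding ssh-rsa AAAA...placeholder... tonga-push
# Assumed pusher side:  tar -cf - bridge-descriptors | ssh bridgedb@ponticum.tpo
# so this script receives the archive on stdin.

BACKUP_DIR="${BACKUP_DIR:-/srv/bridgedb/bridge-directories}"   # assumed path
WORK_DIR="${WORK_DIR:-/srv/bridgedb/work}"                      # assumed path
PID_FILE="${PID_FILE:-/srv/bridgedb/bridgedb.pid}"              # assumed path

# Return 0 if every archive member is a plain relative path and a regular
# file or directory, so extraction cannot touch anything outside WORK_DIR.
# Return 1 for absolute names, ".." components, symlinks, hardlinks, or an
# unreadable archive.
tarball_is_safe() {
    listing=$(tar -tvf "$1" 2>/dev/null) || return 1
    # first character of each verbose line is the entry type: l=symlink, h=hardlink
    printf '%s\n' "$listing" | grep -Eq '^[lh]' && return 1
    names=$(tar -tf "$1" 2>/dev/null) || return 1
    printf '%s\n' "$names" | grep -Eq '^/|(^|/)\.\.(/|$)' && return 1
    return 0
}

# Send SIGHUP to the running bridgedb so it re-reads the new descriptors.
# Returns 0 on success, 1 if there is no pid file or the pid is stale.
hup_bridgedb() {
    [ -r "$PID_FILE" ] || { echo "no pid file at $PID_FILE" >&2; return 1; }
    pid=$(cat "$PID_FILE")
    kill -HUP "$pid" 2>/dev/null
}

# Keep a timestamped copy of the archive in BACKUP_DIR, unpack it into
# WORK_DIR, then hup bridgedb. Returns 0 only if all three steps succeeded.
store_bridge_tarball() {
    archive=$1
    tarball_is_safe "$archive" || { echo "rejected unsafe archive" >&2; return 1; }
    mkdir -p "$BACKUP_DIR" "$WORK_DIR" || return 1
    stamp=$(date -u +%Y%m%d-%H%M%S)
    cp "$archive" "$BACKUP_DIR/bridge-descriptors-$stamp.tar" || return 1
    tar -xf "$archive" -C "$WORK_DIR" || return 1
    hup_bridgedb
}

# Act as the forced command only when invoked under that name, so the
# functions above can also be sourced and exercised without reading stdin.
if [ "$(basename "$0")" = "store-bridge-tarball" ]; then
    incoming=$(mktemp) || exit 1
    trap 'rm -f "$incoming"' EXIT
    cat > "$incoming"
    store_bridge_tarball "$incoming"
fi
```

The key options on the authorized_keys line are what make the "special authorized_keys line" safe to leave in place: the pushing host can deliver a tarball and nothing more, and the member check means even a bad tarball only ever lands inside the working directory. The HUP at the end is the step the comment notes the existing script skips.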

