[tor-bugs] #13089 [Onionoo]: use an embedded web server/servlet engine for Onionoo
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Sep 16 17:08:34 UTC 2014
#13089: use an embedded web server/servlet engine for Onionoo
-----------------------------+-----------------
Reporter: iwakeh | Owner:
Type: enhancement | Status: new
Priority: major | Milestone:
Component: Onionoo | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+-----------------
Changes (by karsten):
* priority: minor => major
Comment:
Let's ignore performance measurements for now and assume that embedded
Tomcat will be fast enough.
The reason I'm pushing this is that I just broke the Onionoo service for
over an hour. I *think* the problem was that the Tomcat on the production
system still uses Java 6 and didn't like my Java 7 .war. And it didn't
like it to the extent that it didn't even let me deploy an older .war
compiled for Java 6. I had to ask sysadmins to delete the extracted .war
and restart Tomcat. I'm now feeling uncomfortable deploying new Onionoo
versions on the server. Let's try to get rid of Tomcat really soon if we
can, so that we have more control over the service, even without being
root. (The alternative is to uninstall Java 7 and switch back to Java 6
on the production system, but that seems backward.)
Speaking of, I just discussed the embedded Tomcat idea with our sysadmin,
and they'd like us to run the two `java` processes as two different users
for added security; the hourly cronjob would have permissions to write
files to `/srv/onionoo.torproject.org/onionoo/`, and the serving process
would only have read permissions to those files.
I'm going to start the switch to embedded Tomcat tomorrow, unless you
already have a patch or partial patch.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13089#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list