[tor-relays] new ansible-tor features: automatic instance configuration + automatic MyFamily generation (PATCH)
David Stainton
dstainton415 at gmail.com
Tue Feb 17 19:15:37 UTC 2015
Howdy,
I didn't mean to imply that Moritz or any torservers.net people are
using my Ansible role... I have no idea how they maintain their tor
relays... I just meant to say that when I was initially starting to
write this ansible role I asked about what sort of features are
needed.
I think your features additions here are really excellent... and
obviously much less hassle to use... which is why we should add them!
Nusenu, I will be in Valencia, Spain for the tor-dev meeting... if you
are going to be there too then I hope we can meet up and collaborate
in person.
Cheers,
David
On Tue, Feb 17, 2015 at 5:29 PM, Nusenu <nusenu at openmailbox.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> Hi,
>
> For reference, this thread started here [2].
>
> Arzhel and Moritz, could you comment on whether you prefer to manually
> create/specify tor instances (via 'proc_instances') as you do here
> [1], or whether you would make use of an instance auto configuration
> (two instances per IP - see example here [2])?
>
> If you prefer manual configuration: Do your manual steps follow any
> specific design that could be automated as well or are these steps
> unpredictable? :)
>
> [1]
> https://github.com/XioNoX/moz-tor-relays/blob/master/host_vars/tor-relay1
> [2]
> https://lists.torproject.org/pipermail/tor-relays/2015-February/006414.html
>
>
> David Stainton wrote:
>>> - - the directory layout change is more cosmetic but your current
>>> way (everything in /etc) is rather unusual and as an example
>>> would require custom logrotate configuration that wouldn't be
>>> required otherwise
>>
>> OK... I don't have a strong opinion... and I think the parent
>> directory for all this should be configuration via a role variable
>> so that the user can specify.
>
> The user is free to specify the vars in a flexible way. Defaults in
> the patch are:
> tor_ConfDir: /etc/tor
> tor_PidDir: /var/run/tor
> tor_LogDir: /var/log/tor
> tor_DataDir: /var/lib/tor
>
>> However I initially created this Ansible role to help Moritz of
>> torservers.net and those people that may be working for him;
>> therefore pull requests and feedback helps; for instance Moritz
>> specified several features it should have... and an engineer
>> working for Mozilla chatted with me about the features they
>> needed; then he sent me a pull request on github.
>
> I'm surprised that Moritz didn't ask for automatic MyFamily generation ;)
>
>
>>>> I'd be much more likely to merge your patches if they were one
>>>> feature per patch... instead of this monolithic patch with many
>>>> features.
>>>
>>> Yes, that is what I expected, but then I thought that the two
>>> main changes code wise (autoconfig + directory structure) are
>>> dependent on each other anyway. Merging autoconfig without the
>>> directory restructuring (or vice versa) wouldn't be much fun
>>> since these modifications always touch overlapping areas. If you
>>> want to add it as additional option, including it as a separate
>>> yml in tasks/main.yml + separate torrc is also a possibility -
>>> but probably not the nicest way (duplicate code, multiple
>>> torrc's).
>>>
>>
>> OK... I agree with you... but let's make this a seperate yml task
>> file; your use is quite different than most of the entities
>> currently using this ansible role. So let's add these as a new task
>> file instead of modifying the existing task file.
>
> That is fine with me.
>
> regards,
> Nusenu
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBCgAGBQJU43p9AAoJEFv7XvVCELh0slEP/ijRiS3LTdKMyhZU7RVj9Gh9
> ixkjt6Kc32naohTXGpRxDB2V9fAMex9z01PnX/1zZVc+9bOcJaCHcVHFm8gEgm5j
> YDCMcggwbAwBKJHvuD1MtQeVP50LGJE40Fl7IrtpLvsu5d7z6jEl+uNYxbqLVHVQ
> 5dM0XOfZx7miIFcJDdTe4EoBVxHSCewBLBOmJ9N831q+HTaGdRni4FpGdeiQT/G9
> m6Ny3P6qNusBuEBxV4tNLapxTKmq1ntzoWG693SWCXhsVePT4+5kuOCyiBT1Zlmn
> ghdK+5BCWy5rSsEg0SzIxShcPP62BWiGPqexKzpYOG+JpHEEWScBETJ/r1jGy4M9
> tcEA7p/UFBRJ8EVDp5cy+ZuTxfNLdZ4Cq6CdfBUSpLjFbJNJKPnyc2nKEAzLmyW+
> XMOIvXNZgjcbBkKl4O5rNzpKvp+APzXtAtbVl6TcvnSm7FErEeKV5FsGN96ae4YM
> T8bv5WKsYtEo1ofc9kf1V9VYoXcMmsNqH5TZau2vXnke9a0e20YXcW0TXUXlGkiq
> uLukfbVvl+3FfnaNgEiRsv7N3cVPp9BFsJSAOo061vKSCBqBbNlTtUS1ozHRSeS8
> CetkzTZvOzo2qVMEGk21kNyneH8JlfIEOZpEAHPDmQShP4wvONmpbWBH+BeYHVEX
> S89m257Cp1S2PG8X6Py4
> =1MDB
> -----END PGP SIGNATURE-----
More information about the tor-relays
mailing list