[tor-relays] My current node setup

Nyasaki Server nyasaki.srv at gmail.com
Tue Jun 7 15:25:18 UTC 2022 

Hi to all new ppl that may have joined after the sysadmin101 workshop.

I decided to share my setup here in case any newbies are interested and
maybe somebody who is doing this for a while longer than me sees any flaws
in my setup.

Feedback is always welcome!

I was tired of using the debian testing for running my node and decided to
redo my node with arch because of the fast package updates and rolling
release model.

Currently my setup consists of 3 servers:

Exit-Node:
Archlinux with tor, unbound and prometheus running, prometheus is a nice
metric collection service that nicely collects the statics that tor
exposes. It's a VPS hosted at Terrahost in Norway for 20$ / month with 2
vCPU’s and 4GB Memory. Unbound only resolves requests from localhost, due
to a high percentage of DNS timeouts in the past I decided to use this just
as backup and resolve everything else via the dedicated DNS server.

Tor is set up to expose the metrics to localhost, where prometheus is
running.
The actual prometheus metrics port is just allowed for 1 IP, thats the one
my Dashboard server has.

The firewall is set up to allow every port that's listed in my torrc, my
non-default ssh port and the IP of my dashboard for the metrics port.


DNS:

Ubuntu 22.04 LTS (due to oracle clouds small selection of images) with
unbound as DNS and prometheus. Hosted at Oracle Cloud via the free tier
with 1 vCPU and 1GB Memory.
The firewall is open for DNS requests from my node ip, metrics requests
from my dashboard IP and non-default ssh port.

Dashboard:
Ubuntu 22.04 LTS with unbound as DNS and prometheus. Hosted at Oracle Cloud
via the free tier with 1 vCPU and 1GB Memory. There's a Grafana dashboard
and the Prometheus server running.
Again all ports blocked but ssh and http/https are open

Image of the Dashboard
https://imgur.com/a/fYpRD8O

My Node
https://metrics.torproject.org/rs.html#details/017342E197B8C575A5C5301CD008780DD7752863

My GPG Key
https://keyserver.ubuntu.com/pks/lookup?search=nyasaki.srv%40gmail.com&fingerprint=on&op=index
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20220607/9a26727e/attachment.htm>

More information about the tor-relays mailing list