[tor-commits] [flashproxy/master] Merge branch 'fac-build'
infinity0 at torproject.org
infinity0 at torproject.org
Thu Nov 21 13:18:47 UTC 2013
commit 4ff2130c877f931ccd1e892fd96652a481003ae7
Merge: 6de8015 4c554d7
Author: Ximin Luo <infinity0 at gmx.com>
Date: Wed Nov 20 16:05:12 2013 +0000
Merge branch 'fac-build'
Conflicts:
facilitator/doc/facilitator-howto.txt
Makefile | 12 +-
facilitator/.gitignore | 28 ++
facilitator/INSTALL | 31 ++
facilitator/Makefile | 21 --
facilitator/Makefile.am | 149 ++++++++
facilitator/README | 37 +-
facilitator/appengine/README | 11 -
facilitator/appengine/app.yaml | 3 +-
facilitator/appengine/config.go | 16 +
facilitator/appengine/fp-reg.go | 7 +-
facilitator/autogen.sh | 2 +
facilitator/configure.ac | 49 +++
facilitator/default/facilitator | 11 +
facilitator/default/facilitator-email-poller | 7 +
facilitator/default/facilitator-reg-daemon | 11 +
facilitator/doc/appengine-howto.txt | 56 ---
facilitator/doc/appspot-howto.txt | 72 ++++
facilitator/doc/email-howto.txt | 75 ++++
facilitator/doc/facilitator-design.txt | 44 +++
facilitator/doc/facilitator-howto.txt | 199 -----------
facilitator/doc/gmail-howto.txt | 61 ----
facilitator/doc/http-howto.txt | 49 +++
facilitator/doc/server-howto.txt | 55 +++
facilitator/examples/facilitator-relays | 7 +
facilitator/examples/fp-facilitator.conf.in | 30 ++
facilitator/examples/reg-email.pass | 10 +
facilitator/fac.py | 35 +-
facilitator/facilitator | 16 +-
facilitator/facilitator-email-poller | 47 ++-
facilitator/facilitator-test | 437 -----------------------
facilitator/facilitator-test.py | 439 ++++++++++++++++++++++++
facilitator/init.d/facilitator | 120 -------
facilitator/init.d/facilitator-email-poller | 119 -------
facilitator/init.d/facilitator-email-poller.in | 131 +++++++
facilitator/init.d/facilitator-reg-daemon | 119 -------
facilitator/init.d/facilitator-reg-daemon.in | 132 +++++++
facilitator/init.d/facilitator.in | 133 +++++++
facilitator/relays | 4 -
38 files changed, 1591 insertions(+), 1194 deletions(-)
diff --cc facilitator/doc/server-howto.txt
index 0000000,6f71772..bf1bb0b
mode 000000,100644..100644
--- a/facilitator/doc/server-howto.txt
+++ b/facilitator/doc/server-howto.txt
@@@ -1,0 -1,55 +1,55 @@@
+ This document describes how to configure a server running the facilitator on
+ Debian 7. It is not necessary to make things work, but gives you some added
+ security, and is a good reference if you want to create a dedicated VM for a
+ facilitator from scratch.
+
+ We will use the domain name fp-facilitator.example.com.
+
+ == Basic and security setup
+
+ Install some essential packages and configure a firewall.
+
+ # cat >/etc/apt/apt.conf.d/90suggests<<EOF
+ APT::Install-Recommends "0";
+ APT::Install-Suggests "0";
+ EOF
- # apt-get remove portmap
++ # apt-get remove rpcbind
+ # apt-get update
+ # apt-get upgrade
+ # apt-get install shorewall shorewall6
+
+ Away from the facilitator, generate an SSH key for authentication:
+
+ $ ssh-keygen -f ~/.ssh/fp-facilitator
+ $ ssh-copy-id -i ~/.ssh/fp-facilitator.pub root at fp-facilitator.example.com
+
+ Then log in and edit /etc/ssh/sshd_config to disable password
+ authentication:
+
+ PasswordAuthentication no
+
+ Configure the firewall to allow only SSH and HTTPS.
+
+ # cd /etc/shorewall
+ # cp /usr/share/doc/shorewall/examples/Universal/{interfaces,policy,rules,zones} .
+ Edit /etc/shorewall/rules:
+ SECTION NEW
+ SSH(ACCEPT) net $FW
+ HTTPS(ACCEPT) net $FW
+
+ # cd /etc/shorewall6
+ # cp /usr/share/doc/shorewall6/examples/Universal/{interfaces,policy,rules,zones} .
+ Edit /etc/shorewall6/rules:
+ SECTION NEW
+ SSH(ACCEPT) all $FW
+ HTTPS(ACCEPT) all $FW
+
+ Edit /etc/default/shorewall and /etc/default/shorewall6 and set
+
+ startup=1
+
+ Restart servers.
+
+ # /etc/init.d/ssh restart
+ # /etc/init.d/shorewall start
+ # /etc/init.d/shorewall6 start
More information about the tor-commits
mailing list