[tor-relays] relayor: automation for relay operators (ansible)

Nusenu nusenu at openmailbox.org
Fri Feb 27 21:53:53 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

computers are better at doing repeatable things over and over again so
let them take care of boring tasks.

Based on David's ansible-tor [1] I created an ansible role to make
relay operations more convenient (see the initial commit message for a
longer list of changes).

https://github.com/nusenu/relayor

Core features:

- - configure multipe tor instances on a server automatically
	generates two instances per available IP address
	(Memory auto detection is not implemented yet)
- - take care of MyFamily automatically
- - user configurable Nickname prefix
- - easy Exit/Non-Exit setting (boolean)
- - alpha vs. stable releases (boolean)

Supported platforms:
	- Debian
	- CentOS
	- OpenBSD

Everything is still fresh, so I would NOT recommend to use this on
production relays. Testing and review is appreciated.

There is still a crucial piece missing (init scripts), but I hope tor
packagers are willing to incorporate multi-init support patches (see
issues).

I also have parts that adds monitoring (munin+vnstat+webserver) but
that will go into a separate role.


If you have never heard of ansible, it speaks to your servers using
SSH and does not require an agent or a central management server -
just run it from you client machine.
http://www.ansible.com/resources (not entirely torbrowser friendly)
http://docs.ansible.com

If you are planing to run this role over tor when connecting to your
servers, make sure you have the following set in your ~/.ansible.cfg:
ssh_args = -o ControlMaster=auto -o ControlPersist=60s


This ansible role is not about bridges or hidden services, but I'd
like to add "management HSes" (SSH and monitoring) in the future.

Nusenu

[1] https://github.com/david415/ansible-tor
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJU8OdxAAoJEFv7XvVCELh0Aw0P/AiiprSbE5apWUtrCoyrO5GN
MKRfwpvy/BGrKjOjBZAtIs+8+AMaRQXV54CUIG0QlewnVgWRUyXA635OIAY43hFR
BY/In1IiSXcqKyjaTsM4No/Nh+tvdj2rt+MoYvrMTVQVl8i+CYQKt4ypHjRN1cGS
OIdP/AWi9tt/eAl+IgUNf4/pud94UbruDfGHtDQ4xGeReNdo64Q92c2QicFOdwNc
fIqrhb/aWydfgQehmjSAXM9i9WfBi5vMSh7D5lUxheqhEmjSiV1bw8mvQML+kXse
nwv7AZj0MkoBYqTd0t3h1JJwPXt0Vjfi3ZZNPlOTx6gZmPfbgrezya+TrWHQy65M
rw6B3E3L5UDjkJ1k3cyJWvtpUSyYCqzcUDIq6+gQxZhGH0pWQhutxqdt5C5S+qn7
9hWJcDUyjeSFwxRfhLphiSrPQEue6Eox+EWzcSh4YQh8hol/P8Ev5C4P/yavWF0m
w0jGbQoVIwz0jMhZwW9w6KxmaZO68/3aEfWUXjLFg/DCp/nLXqR1kHxuiLgO/sd6
QumoOjxqu9KwV9crQX86dl9oMFFvUb7l1WqidMVZIR81WQkDIVWoypvxCnG2QhDo
Z4Nily3qg3I3nW+QLTIY8XjUkVMLV/1kky9ETDb2Vvz0uR2H5tyZR6I9hQ4FaGHt
Xjm7kZ9JgRZjixqyAhTz
=/jyQ
-----END PGP SIGNATURE-----


More information about the tor-relays mailing list