Browse code

Bug 24881: consolidate relay setup information (new guide)

Replace old content with a pointer to the new Tor Relay Guide.

nusenu authored on19/01/2018 20:08:37
Showing2 changed files
... ...
@@ -10,118 +10,7 @@
10 10
     <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a>
11 11
   </div>
12 12
   <div id="maincol">
13
-
14
-    <h1>Configuring a Tor relay</h1>
15
-
16
-    <hr>
17
-
18
-    <p>
19
-    The Tor network relies on volunteers to donate bandwidth. The more
20
-    people who run relays, the faster the Tor network will be. If you have
21
-    at least 2 megabits/s for both upload and download, please help out
22
-    Tor by configuring your Tor to be a relay too.
23
-    </p>
24
-
25
-    <p>You can run a Tor relay on pretty much any operating system. Tor relays
26
-    work best on current distributions of Linux, FreeBSD, NetBSD, and
27
-    Windows Server.
28
-    </p>
29
-
30
-    <p>
31
-    The best approach for most users is to <a href="<page
32
-    docs/tor-relay-debian>">run your relay on Debian or Ubuntu</a> using
33
-    the system Tor package &mdash; the deb takes care of running Tor as a
34
-    separate user, making sure it has enough file descriptors available,
35
-    starting it at boot, and so on. Tor relays also run nicely on other
36
-    Linux flavors, and on FreeBSD and NetBSD for those who are comfortable
37
-    with those operating systems.
38
-    </p>
39
-
40
-    <hr>
41
-    <a id="torrc"></a>
42
-    <h2><a class="anchor" href="#torrc">Configure Tor by editing the torrc file</a></h2>
43
-    <br />
44
-
45
-    <p>
46
-    Tor's
47
-    configuration file is named 'torrc'.</p>
48
-    <p>Locate the file on your system, open it with a text editor and add the
49
-    following lines:</p>
50
-
51
-    <pre>
52
-    ORPort 443
53
-    Exitpolicy reject *:*
54
-    Nickname ididntedittheconfig
55
-    ContactInfo human@...
56
-    </pre>
57
-
58
-# TODO: Update link to PT setup docs
59
-    <p>If you want to be a bridge, read about the BridgeRelay and
60
-    ServerTransportPlugin values <a
61
-    href="<page docs/pluggable-transports>">on
62
-    this page</a>.</p>
63
-
64
-    <p>Tor will use all your bandwidth if you don't set limits for it. Some
65
-    options are described in <a href="<page docs/faq>#LimitTotalBandwidth">these</a>
66
-    <a href="<page docs/faq>#BandwidthShaping">FAQ entries</a>.</p>
67
-
68
-    <p>See the <a href="https://gitweb.torproject.org/tor.git/plain/src/config/torrc.sample.in">sample
69
-    torrc file</a> and the <a
70
-    href="<page docs/tor-manual>">man
71
-    page</a> for other Tor options you may want to set.</p>
72
-
73
-    <hr>
74
-    <a id="check"></a>
75
-    <h2><a class="anchor" href="#check">Make sure your relay is reachable</a></h2>
76
-    <br>
77
-
78
-    <p>If you are using a firewall, open a hole in your firewall
79
-    so incoming connections can reach the ports you configured
80
-    (ORPort, plus DirPort if you enabled it). If you have a
81
-    hardware firewall (Linksys box, cable modem, etc) you might find <a
82
-    href="http://portforward.com/">portforward.com</a> useful. Also, make sure you
83
-    allow all <em>outgoing</em> connections too, so your relay can reach the
84
-    other Tor relays.
85
-    </p>
86
-
87
-    <p>Restart your relay. If it <a
88
-    href="<page docs/faq>#Logs">logs
89
-    any warnings</a>, address them.
90
-    </p>
91
-
92
-    <p>As soon as your relay manages to connect to the network, it will
93
-    try to determine whether the ports you configured are reachable from
94
-    the outside. This step is usually fast, but may take up to 20
95
-    minutes. Look for a <a href="<page docs/faq>#Logs">log entry</a> like
96
-    <pre>Self-testing indicates your ORPort is reachable from the outside. Excellent.</pre>
97
-    If you don't see this message, it means that your relay is not reachable
98
-    from the outside &mdash; you should re-check your firewalls, check that it's
99
-    testing the IP and port you think it should be testing, etc.
100
-    </p>
101
-
102
-    <p>When your relay has decided that it's reachable, it will upload a "server
103
-    descriptor" to the directories, to let clients know
104
-    what address, ports, keys, etc your relay is using. You can search <a
105
-    href="https://atlas.torproject.org/">Atlas</a> or <a
106
-    href="https://globe.torproject.org/">Globe</a> for
107
-    the nickname you configured, to make sure it's there. You may need to wait
108
-    up to one hour for the directories to publish the new server information.</p>
109
-
110
-    <hr>
111
-    <a id="after"></a>
112
-    <h2><a class="anchor" href="#after">Once your relay is working</a></h2>
113
-    <br>
114
-
115
-    <p>To learn more about the proper care and feeding for your relay,
116
-    see the advice on the <a href=<page docs/tor-relay-debian>#after>Tor
117
-    relay on Debian/Ubuntu</a> page.
118
-    </p>
119
-
120
-    <hr>
121
-
122
-    <p>If you have suggestions for improving this document, please <a
123
-    href="<page about/contact>">send them to us</a>. Thanks
124
-    for helping to make the Tor network grow!</p>
13
+  The Tor Relay documentation moved to the <a href="<wiki>TorRelayGuide">wiki</a>.
125 14
   </div>
126 15
   <!-- END MAINCOL -->
127 16
   <div id = "sidecol">
... ...
@@ -10,181 +10,7 @@
10 10
     <a href="<page docs/tor-doc-relay>">Configure Tor Relay</a>
11 11
   </div>
12 12
   <div id="maincol">
13
-
14
-    <h1>Configuring a Tor relay on Debian/Ubuntu</h1>
15
-
16
-    <hr>
17
-
18
-    <p>
19
-    The Tor network relies on volunteers to donate bandwidth. The more
20
-    people who run relays, the faster the Tor network will be. If you have
21
-    at least 250 kilobytes/s each way, please help out Tor by configuring your
22
-    Tor to be a relay too.
23
-    </p>
24
-
25
-    <hr>
26
-    <a id="zero"></a>
27
-    <a id="install"></a>
28
-    <h2><a class="anchor" href="#install">Step One: Download and Install Tor</a></h2>
29
-    <br>
30
-
31
-    <p>If you're on Debian, start with "apt install tor".</p>
32
-
33
-    <p><b>Do not use the packages in Ubuntu's universe.</b> If you're
34
-    on Ubuntu or if you want to track newer Tor packages, follow the
35
-    <a href="<page docs/debian>#ubuntu">Tor on Ubuntu or Debian</a>
36
-    instructions to use our repository.
37
-    </p>
38
-
39
-    <p>For other Unix/Linux users, you can download Tor from one of our
40
-    <a href="<page download/download-unix>">repositories</a>.</p>
41
-
42
-    <hr>
43
-    <a id="setup"></a>
44
-    <h2><a class="anchor" href="#setup">Step Two: Set it up as a relay</a></h2>
45
-
46
-    <p>
47
-    1. Make sure your clock, date, and timezone are set correctly. Install
48
-    the ntp or openntpd (or similar) package to keep it that way.
49
-    </p>
50
-
51
-    <p>
52
-    2. Edit the bottom part of <a href="<page
53
-    docs/faq>#torrc">/etc/tor/torrc</a>. Define an ORPort. <b>Note
54
-    that public relays default to being <a href="<page
55
-    docs/faq>#ExitPolicies">exit relays</a></b> &mdash; either change your
56
-    ExitPolicy line or read our <a
57
-href="<wiki>/doc/TorExitGuidelines">guidelines
58
-    for exit relay operators</a>. Be sure to set your ContactInfo line
59
-    so we can contact you if you need to upgrade or something goes wrong.
60
-    </p>
61
-
62
-    <p>
63
-    3. If you are using a firewall, open a hole in your firewall
64
-    so incoming connections can reach the ports you configured
65
-    (ORPort, plus DirPort if you enabled it). If you have a
66
-    hardware firewall (Linksys box, cablemodem, etc) you might like <a
67
-    href="http://portforward.com/">portforward.com</a>. Also, make sure you
68
-    allow all <em>outgoing</em> connections too, so your relay can reach the
69
-    other Tor relays.
70
-    </p>
71
-
72
-    <p>
73
-    4. Restart your relay: "systemctl reload tor" (as root).
74
-    </p>
75
-
76
-    <hr>
77
-    <a id="check"></a>
78
-    <h2><a class="anchor" href="#check">Step Three: Make sure it is working</a></h2>
79
-    <br>
80
-
81
-    <p>Once your relay connects to the network, it will
82
-    try to determine whether the ports you configured are reachable from
83
-    the outside. This step is usually fast, but it may take a few minutes.
84
-    Look for a <a href="<page docs/faq>#Logs">log entry</a> in your
85
-    /var/log/tor/log like
86
-    <tt>Self-testing indicates your ORPort is reachable from the outside. Excellent.</tt>
87
-    If you don't see this message, it means that your relay is not reachable
88
-    from the outside &mdash; you should re-check your firewalls, check that it's
89
-    testing the IP and port you think it should be testing, etc.
90
-    </p>
91
-
92
-    <p>When it decides that it's reachable, it will upload a "server
93
-    descriptor" to the directory authorities, to let clients know
94
-    what address, ports, keys, etc your relay is using. After a few
95
-    hours (to give it enough time to propagate), you can query
96
-    <a href="https://atlas.torproject.org/">Atlas</a> to see whether your
97
-    relay has successfully registered in the network.</p>
98
-
99
-    <hr>
100
-    <a id="after"></a>
101
-    <h2><a class="anchor" href="#after">Step Four: Once it is working</a></h2>
102
-    <br>
103
-
104
-    <p>
105
-    5. Read
106
-    <a href="<wiki>doc/OperationalSecurity">about operational security</a>
107
-    to get ideas how you can increase the security of your computer.
108
-    </p>
109
-
110
-    <p>
111
-    6. Decide about rate limiting. Cable modem, DSL, and other users
112
-    who have asymmetric bandwidth (e.g. more down than up) should
113
-    rate limit to their slower bandwidth, to avoid congestion. See the <a
114
-    href="<page docs/faq>#BandwidthShaping">rate
115
-    limiting FAQ entry</a> for details.
116
-    </p>
117
-
118
-    <p>
119
-    7. If your computer isn't running a webserver, and you haven't set
120
-    AccountingMax, please consider
121
-    changing your ORPort to 443 and/or your DirPort to 80. Many Tor users
122
-    are stuck behind firewalls that only let them browse the web, and
123
-    this change will let them reach your Tor relay. If you are already
124
-    using ports 80 and 443, other useful ports are 22, 110, and 143.
125
-    </p>
126
-
127
-    <p>
128
-    8. Consider backing up your Tor relay's private keys
129
-    ("/var/lib/tor/keys/secret_id_key" and
130
-    "/var/lib/tor/keys/ed25519_master_id_secret_key").
131
-    You'll need these identity keys to
132
-    <a href="<page docs/faq>#UpgradeOrMove">move or restore your Tor relay</a>.
133
-    </p>
134
-
135
-    <p>
136
-    9. If you run an exit relay (great!), don't miss out on our <a
137
-    href="<wiki>doc/TorExitGuidelines">Exit Guidelines</a>, including
138
-    setting your reverse DNS hostname to make it obvious that you're
139
-    a Tor exit relay, and serving the <a
140
-    href="<gitblob>contrib/operator-tools/tor-exit-notice.html">Tor
141
-    exit notice</a> page on your DirPort.
142
-    </p>
143
-
144
-    <p>
145
-    10. Subscribe to the <a
146
-    href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce">tor-announce</a>
147
-    mailing list. It is very low volume, and it will keep you informed
148
-    of new stable releases.
149
-    As a relay operator, you should consider subscribing to the
150
-    <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays">
151
-    tor-relays mailing list</a> too.
152
-    We have more <a href="<page docs/documentation>#MailingLists">mailing
153
-    lists</a> as well.
154
-    </p>
155
-
156
-    <p>
157
-    11. Read the <a 
158
-    href="https://blog.torproject.org/blog/lifecycle-of-a-new-relay">"Lifecycle 
159
-    of a New Relay"</a> document to learn what sort of activity and usage 
160
-    patterns you can expect during your relay's first weeks of operation.
161
-    </p>
162
-
163
-    <p>
164
-    12. If you want to run more than one relay that's great, but please set <a
165
-    href="<page docs/faq>#MultipleRelays">the
166
-    MyFamily option</a> in all your relays' configuration files.
167
-    </p>
168
-
169
-    <p>
170
-    13. You might like to use the <a
171
-    href="https://nyx.torproject.org/">Nyx</a> relay monitor to watch
172
-    your relay's activities from the command line. First, "sudo pip install
173
-    nyx". Second, as the user that will be running nyx, run
174
-    "sudo adduser $USER debian-tor" to add your user to the debian-tor
175
-    group so it can reach Tor's controlsocket. Then log out and log back
176
-    in (so your user is actually in the group), and run "nyx".
177
-    </p>
178
-
179
-    <p>
180
-    14. When you change your Tor configuration, remember to verify that
181
-    your relay still works correctly after the change.
182
-    </p>
183
-
184
-    <hr>
185
-
186
-    <p>If you have suggestions for improving this document, please <a
187
-    href="<page about/contact>">send them to us</a>. Thanks!</p>
13
+  The Tor Relay documentation moved to the <a href="<wiki>TorRelayGuide">wiki</a>.
188 14
   </div>
189 15
   <!-- END MAINCOL -->
190 16
   <div id = "sidecol">