commit e45978fc08d83d0c0d444240932857eb510a16c9
Author: gus <[email protected]>
Date: Fri Jul 5 18:28:18 2019 -0400
Move how to use ansible relayor from technical-setup main page to good
practices page
---
.../relay-operations/technical-setup/contents.lr | 10 +----
.../contents.lr | 52 ++++++++++++----------
2 files changed, 29 insertions(+), 33 deletions(-)
diff --git a/content/relay-operations/technical-setup/contents.lr
b/content/relay-operations/technical-setup/contents.lr
index 07925c7..886bacc 100644
--- a/content/relay-operations/technical-setup/contents.lr
+++ b/content/relay-operations/technical-setup/contents.lr
@@ -38,14 +38,6 @@ If you are looking to run a relay with minimal effort we
recommend you stick to
The installation commands are shown in code blocks and must be executed with
root privileges.
-## Configuration Management
-
-If you plan to run more than a single relay, or you want to run a high
capacity relay (multiple Tor instances per server) or want to use strong
security features like [Offline Master
Keys](https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKeys)
without performing additional steps manually, you may want to use a
configuration management for better maintainability.
-
-There are multiple configuration management solutions for Unix based operating
systems (Ansible, Puppet, Salt, ...).
-
-The following Ansible Role has specifically been build for Tor relay operators
and supports multiple operating systems: [Ansible
Relayor](http://github.com/nusenu/ansible-relayor).
-
-Click below in which type of relay do you want to host.
+Click below in which type of relay do you want to host and don't forget to
read [Relay post-install and good
practices](relays-post-install-and-good-practices).
---
_slug: {{setup}}
diff --git
a/content/relay-operations/technical-setup/relays-post-install-and-good-practices/contents.lr
b/content/relay-operations/technical-setup/relays-post-install-and-good-practices/contents.lr
index 8373219..5236fbe 100644
---
a/content/relay-operations/technical-setup/relays-post-install-and-good-practices/contents.lr
+++
b/content/relay-operations/technical-setup/relays-post-install-and-good-practices/contents.lr
@@ -28,8 +28,31 @@ You can search for your relay using your nickname or IP
address.
It takes some time for relay traffic to ramp up, this is especially true for
guard relays but to a lesser extend also for exit relays. To understand this
process, read about the [lifecycle of a new
relay](https://blog.torproject.org/lifecycle-new-relay).
+# 4. Configuration Management
-#4. Optional: Limiting bandwidth usage (and traffic)
+If you plan to run more than a single relay, or you want to run a high
capacity relay (multiple Tor instances per server) or want to use strong
security features like [Offline Master
Keys](https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity/OfflineKeys)
without performing additional steps manually, you may want to use a
configuration management for better maintainability.
+
+There are multiple configuration management solutions for Unix based operating
systems (Ansible, Puppet, Salt, ...).
+
+The following Ansible Role has specifically been build for Tor relay operators
and supports multiple operating systems: [Ansible
Relayor](http://github.com/nusenu/ansible-relayor).
+
+# 5. Important: if you run more than one Tor instance
+
+To avoid putting Tor clients at risk when operating multiple relays you must
set a proper
[MyFamily](https://2019.www.torproject.org/docs/tor-manual.html.en#MyFamily)
value and have a valid
[ContactInfo](https://2019.www.torproject.org/docs/tor-manual.html.en#ContactInfo)
in your torrc configuration.
+The MyFamily setting is simply telling Tor clients what Tor relays are
controlled by a single entity/operator/organization, so they are not used in
multiple positions in a single circuit.
+
+If you run two relays and they have fingerprints AAAAAAAAAA and BBBBBBBB, you
would add the following configuration to set MyFamily:
+
+```
+MyFamily AAAAAAAAAA,BBBBBBBB
+```
+
+to both relays. To find your relays fingerprint you can look into the log
files when tor starts up or find the file named "fingerprint" in your tor
DataDirectory.
+
+Instead of doing so manually for big operators we recommend to automate the
MyFamily setting via a configuration management solution.
+Manually managing MyFamily for big relay groups is error prone and can put Tor
clients at risk.
+
+# 6. Optional: Limiting bandwidth usage (and traffic)
Tor will not limit its bandwidth usage by default, but supports multiple ways
to restrict the used bandwidth and the amount of traffic.
This can be handy if you want to ensure that your Tor relay does not exceed a
certain amount of bandwidth or total traffic per day/week/month.
@@ -44,9 +67,9 @@ The following torrc configuration options can be used to
restrict bandwidth and
Having a fast relay for some time of the month is preferred over a slow relay
for the entire month.
-Also see the bandwidth entry in the FAQ:
https://www.torproject.org/docs/faq.html.en#BandwidthShaping
+Also see the bandwidth entry in the
[FAQ](https://www.torproject.org/docs/faq.html.en#BandwidthShaping).
-# 5. Check IPv6 availability
+# 7. Check IPv6 availability
We encourage everyone to enable IPv6 on their relays. This is especially
valuable on exit and guard relays.
@@ -84,24 +107,7 @@ IPv6Exit 1
Note: Tor requires IPv4 connectivity, you can not run a Tor relay on IPv6-only.
-# 6. Important: if you run more than one Tor instance
-
-To avoid putting Tor clients at risk when operating multiple relays you must
set a proper
[MyFamily](https://2019.www.torproject.org/docs/tor-manual.html.en#MyFamily)
value and have a valid
[ContactInfo](https://2019.www.torproject.org/docs/tor-manual.html.en#ContactInfo)
in your torrc configuration.
-The MyFamily setting is simply telling Tor clients what Tor relays are
controlled by a single entity/operator/organization, so they are not used in
multiple positions in a single circuit.
-
-If you run two relays and they have fingerprints AAAAAAAAAA and BBBBBBBB, you
would add the following configuration to set MyFamily:
-
-```
-MyFamily AAAAAAAAAA,BBBBBBBB
-```
-
-to both relays. To find your relays fingerprint you can look into the log
files when tor starts up or find the file named "fingerprint" in your tor
DataDirectory.
-
-Instead of doing so manually for big operators we recommend to automate the
MyFamily setting via a configuration management solution.
-Manually managing MyFamily for big relaygroups is error prone and can put Tor
clients at risk.
-
-
-# 7. Maintaining a relay
+# 8. Maintaining a relay
## Backup Tor Identity Keys
@@ -116,9 +122,7 @@ Default locations of the keys folder:
## Subscribe to the tor-announce mailing list
-This is a very low traffic mailing list and you will get information about new
stable tor releases and important security update information.
-
-* https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce
+This is a very low traffic mailing list and you will get information about new
stable tor releases and important security update information:
[tor-announce](https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-announce).
## Setting up outage notifications
_______________________________________________
tor-commits mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
