[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [community/develop] add OpenBSD setup for middle/guard relays (@)<



commit db2e96faa6e7c70388ffaf898e5e4752d1730538
Author: Vinicius Zavam <egypcio@xxxxxxxxxxxxxx>
Date:   Thu Oct 3 18:02:58 2019 +0000

    add OpenBSD setup for middle/guard relays (@)<
      - recommend using more recent package, from M:Tier;
      - cover the use of 'openup' to update packages;
      - tune system's limits to operate a fine relay (fix trac ticket 27489 [0]).
    
    [0] https://trac.torproject.org/projects/tor/ticket/27489
---
 .../technical-setup/guard/openbsd/contents.lr      | 94 ++++++++++++++++++++++
 1 file changed, 94 insertions(+)

diff --git a/content/relay-operations/technical-setup/guard/openbsd/contents.lr b/content/relay-operations/technical-setup/guard/openbsd/contents.lr
new file mode 100644
index 0000000..24a5dd7
--- /dev/null
+++ b/content/relay-operations/technical-setup/guard/openbsd/contents.lr
@@ -0,0 +1,94 @@
+_model: page
+---
+color: primary
+---
+title: OpenBSD
+---
+body:
+
+# 1. Install `tor` OpenBSD's Package
+
+Recent OpenBSD systems, like 6.5/amd64, already have the repository configured on `/etc/installurl` so we do not need to bother changing it.
+
+Should that's not your case, please adjust the `installurl` configuration file like this:
+
+```
+echo "https://cdn.openbsd.org/pub/OpenBSD"; > /etc/installurl
+```
+
+Proceed with `pkg_add` to install the package:
+
+```
+pkg_add tor
+```
+
+### 2.1. Recommended Steps to Install `tor` on OpenBSD
+
+If you want to install a newer version of the `tor` OpenBSD's package, you can use M:Tier's binary packages:
+
+```
+ftp https://stable.mtier.org/openup
+```
+
+Right after fetching `openup` you can run it to sync M:Tier's repository and update your packages; it's an alternative to `pkg_add -u`.
+
+Here is how you proceed with these steps:
+
+```
+openup
+```
+
+# 3. Configure `/etc/tor/torrc`
+
+This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+
+```
+Nickname    myBSDRelay    # Change your relay's nickname to something you like
+ContactInfo your@email    # Please write your email address and be aware that it will be published
+ORPort      443           # You might want to use/try a different port, should you want to
+ExitRelay   0
+SocksPort   0
+Log notice  syslog
+User        _tor
+```
+
+# 4. Change `openfiles-max` and `maxfiles` Tweaks
+
+By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process. For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised.
+
+Append the following section to `/etc/login.conf`:
+
+```
+tor:\
+    :openfiles-max=13500:\
+    :tc=daemon:
+```
+
+OpenBSD also stores a kernel-level file descriptor limit in the sysctl variable `kern.maxfiles`.
+
+Increase it from the default of 7030 to 16000:
+
+```
+echo "kern.maxfiles=16000" >> /etc/sysctl.conf
+sysctl kern.maxfiles=16000
+```
+
+# 6. Start `tor`:
+
+Here we set `tor` to start during boot and call it for the first time:
+
+```
+rcctl enable tor
+rcctl start tor
+```
+
+---
+html: two-columns-page.html
+---
+key: 2
+---
+section: Middle/Guard relay
+---
+section_id: relay-operations
+---
+subtitle: How to deploy a Middle/Guard relay on OpenBSD



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits