[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [community/master] add OpenBSD setup for middle/guard relays (@)<
commit db2e96faa6e7c70388ffaf898e5e4752d1730538
Author: Vinicius Zavam <egypcio@xxxxxxxxxxxxxx>
Date: Thu Oct 3 18:02:58 2019 +0000
add OpenBSD setup for middle/guard relays (@)<
- recommend using more recent package, from M:Tier;
- cover the use of 'openup' to update packages;
- tune system's limits to operate a fine relay (fix trac ticket 27489 [0]).
[0] https://trac.torproject.org/projects/tor/ticket/27489
---
.../technical-setup/guard/openbsd/contents.lr | 94 ++++++++++++++++++++++
1 file changed, 94 insertions(+)
diff --git a/content/relay-operations/technical-setup/guard/openbsd/contents.lr b/content/relay-operations/technical-setup/guard/openbsd/contents.lr
new file mode 100644
index 0000000..24a5dd7
--- /dev/null
+++ b/content/relay-operations/technical-setup/guard/openbsd/contents.lr
@@ -0,0 +1,94 @@
+_model: page
+---
+color: primary
+---
+title: OpenBSD
+---
+body:
+
+# 1. Install `tor` OpenBSD's Package
+
+Recent OpenBSD systems, like 6.5/amd64, already have the repository configured on `/etc/installurl` so we do not need to bother changing it.
+
+Should that's not your case, please adjust the `installurl` configuration file like this:
+
+```
+echo "https://cdn.openbsd.org/pub/OpenBSD" > /etc/installurl
+```
+
+Proceed with `pkg_add` to install the package:
+
+```
+pkg_add tor
+```
+
+### 2.1. Recommended Steps to Install `tor` on OpenBSD
+
+If you want to install a newer version of the `tor` OpenBSD's package, you can use M:Tier's binary packages:
+
+```
+ftp https://stable.mtier.org/openup
+```
+
+Right after fetching `openup` you can run it to sync M:Tier's repository and update your packages; it's an alternative to `pkg_add -u`.
+
+Here is how you proceed with these steps:
+
+```
+openup
+```
+
+# 3. Configure `/etc/tor/torrc`
+
+This is a very simple version of the `torrc` configuration file in order to run a Middle/Guard relay on the Tor network:
+
+```
+Nickname myBSDRelay # Change your relay's nickname to something you like
+ContactInfo your@email # Please write your email address and be aware that it will be published
+ORPort 443 # You might want to use/try a different port, should you want to
+ExitRelay 0
+SocksPort 0
+Log notice syslog
+User _tor
+```
+
+# 4. Change `openfiles-max` and `maxfiles` Tweaks
+
+By default, OpenBSD maintains a rather low limit on the maximum number of open files for a process. For a daemon such as Tor's, that opens a connection to each and every other relay (currently around 7000 relays), these limits should be raised.
+
+Append the following section to `/etc/login.conf`:
+
+```
+tor:\
+ :openfiles-max=13500:\
+ :tc=daemon:
+```
+
+OpenBSD also stores a kernel-level file descriptor limit in the sysctl variable `kern.maxfiles`.
+
+Increase it from the default of 7030 to 16000:
+
+```
+echo "kern.maxfiles=16000" >> /etc/sysctl.conf
+sysctl kern.maxfiles=16000
+```
+
+# 6. Start `tor`:
+
+Here we set `tor` to start during boot and call it for the first time:
+
+```
+rcctl enable tor
+rcctl start tor
+```
+
+---
+html: two-columns-page.html
+---
+key: 2
+---
+section: Middle/Guard relay
+---
+section_id: relay-operations
+---
+subtitle: How to deploy a Middle/Guard relay on OpenBSD
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits