Exit scanner

1 DONE Identify how check is installed on chiwui

#32999 - Add irl to the "check" and "tordnsel" LDAP groups

chiwui crontab:

@reboot /srv/check.torproject.org/check/scripts/run.sh 4 * * * * /srv/check.torproject.org/check/scripts/cpexits.sh

tordnsel crontab:

@reboot tor -f /srv/tordnsel.torproject.org/etc/torrc @reboot /srv/tordnsel.torproject.org/bin/tordnsel -f /srv/tordnsel.torproject.org/etc/tordnsel.conf @hourly /srv/tordnsel.torproject.org/bin/local-copy-tor

scripts are hardcoded to /srv/blah on the host, in uncommitted git changes

2 DONE Install check on test host

3 TODO Install check on test host using Ansible role

3.1 DONE Install requirements

3.2 DONE Get service running

3.3 TODO Write a service file for check service

replacing init script

3.4 TODO Write a timer(?) file for the cron jobs

replacing cron job, copy from crontab above

4 TODO What to do for /exit-addresses

exit scanner might need to write out to two locations, one to service check and the other for collector

5 TODO Ansible role for exitmap-based scanner

6 TODO Request new host for exit scanner

This could reuse the existing groups for tordnsel and check

7 TODO Write a PowerDNS backend to replace TorDNSEL

Author: Iain R. Learmonth

Created: 2020-01-23 Thu 15:02

Validate