How to setup tor relays with ansible-relayor
This guide documented how to use ansible to setup tor relays on a VPS.
- A local PC, installed with Ubuntu 20.04 LTS
- can connect to VPS with SSH key
- A VPS, installed with Ubuntu 20.04 LTS
- port 443 should be opened in firewall
- user account should have
Install python3 and tor on local PC
$ sudo apt update $ sudo apt install python3 tor
Install ansible on local PC
$ pip3 install ansible
$ ansible-galaxy install nusenu.relayor
Install nusenu.relayor dependency on local PC
$ pip3 install netaddr
Create new workspace
$ mkdir ~/my-tor-relays $ cd ~/my-tor-relays
Create hosts file
$ touch ./hosts
hostscontains connection to the VPS. It should looks like
[tag]is for grouping relays with the same configuration.
For example, we may have three VPS, two with 1TB monthly traffic and one with 2TB month traffic. Then we can have two tags
[2000GB], and set the monthly traffic allowance on the relays in these two groups to 1TB and 2TB respectively. Our
hostsmay looks like
[1000GB] firstname.lastname@example.org [2000GB] email@example.com firstname.lastname@example.org
Create playbook file
$ touch ./playbook.yml
playbook.ymlcontains configuration for the relay. The file should at least contains our contact information with
tor_ContactInfo. It should look like:
- hosts: tag vars: tor_ContactInfo: email@example.com roles: - nusenu.relayor
If we want to have two groups of relays with different monthly traffic allowed, we can set the monthly limit with
tor_AccountingMax, such that our
playbook.ymlmay looks like
- hosts: 1000GB vars: tor_ContactInfo: firstname.lastname@example.org tor_AccountingMax: 1000 GBytes roles: - nusenu.relayor - hosts: 2000GB vars: tor_ContactInfo: email@example.com tor_AccountingMax: 2000 GBytes roles: - nusenu.relayor
Execute the playbook to enable tor relay service on VPS
$ ansible-playbook playbook.yml -l all -i ./hosts
After successfully executing the playbook, we should follow Relay Post-install and good practices to ensure our service is up and running.
In this post, we walked throught how to setup tor relay service on VPS using nusenu.relayor.
tor_AccountingMax are introduced. There are many more available options, please refer to ansible-relayor doc to see more.
It is encouraged to use ContactInfo Information Sharing Specification to publish useful contact information with
It is recommanded to read this blog post to understand the lifecycle of a new relay that we just setup.