diff options
author | Micah Anderson <micah@riseup.net> | 2017-11-28 11:35:01 -0500 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2017-11-28 11:35:01 -0500 |
commit | 0d251e2ceddd3e02ed8bba8725830689dbdd1397 (patch) | |
tree | 37d7096d9e458ca1e6431dff8a2f571553011c44 /docs/en/services | |
parent | 93a181d44e2d8163ae44945aac1b6477e268170d (diff) | |
parent | bf6c56d86c7ba45e7ca766d990a9e9162025e5ac (diff) |
Merge tag 'refs/tags/0.10.0' into stable
Release 0.10.0
Diffstat (limited to 'docs/en/services')
-rw-r--r-- | docs/en/services/couchdb.html | 2 | ||||
-rw-r--r-- | docs/en/services/couchdb/index.html | 2 | ||||
-rw-r--r-- | docs/en/services/index.html | 2 | ||||
-rw-r--r-- | docs/en/services/mx.html | 4 | ||||
-rw-r--r-- | docs/en/services/mx/index.html | 4 | ||||
-rw-r--r-- | docs/en/services/openvpn.html | 2 | ||||
-rw-r--r-- | docs/en/services/openvpn/index.html | 2 | ||||
-rw-r--r-- | docs/en/services/tor.html | 48 | ||||
-rw-r--r-- | docs/en/services/tor/index.html | 48 |
9 files changed, 77 insertions, 37 deletions
diff --git a/docs/en/services/couchdb.html b/docs/en/services/couchdb.html index 6de6455c..43f7cfac 100644 --- a/docs/en/services/couchdb.html +++ b/docs/en/services/couchdb.html @@ -215,7 +215,7 @@ couchdb - LEAP Platform Documentation <ul> <li>search for the “user_id” field</li> -<li>in this example <a href="mailto:testuser@example.org">testuser@example.org</a> uses the database user-665e004870ee17aa4c94331ff3cd59eb</li> +<li>in this example <a href="mailto:testuser@example.org">testuser@example.org</a> uses the database user-665e004870ee17aa4c94331ff3cd59eb</li> </ul> diff --git a/docs/en/services/couchdb/index.html b/docs/en/services/couchdb/index.html index 10043db6..b48c4eb7 100644 --- a/docs/en/services/couchdb/index.html +++ b/docs/en/services/couchdb/index.html @@ -215,7 +215,7 @@ couchdb - LEAP Platform Documentation <ul> <li>search for the “user_id” field</li> -<li>in this example <a href="mailto:testuser@example.org">testuser@example.org</a> uses the database user-665e004870ee17aa4c94331ff3cd59eb</li> +<li>in this example <a href="mailto:testuser@example.org">testuser@example.org</a> uses the database user-665e004870ee17aa4c94331ff3cd59eb</li> </ul> diff --git a/docs/en/services/index.html b/docs/en/services/index.html index 6d5c68e1..261cd11b 100644 --- a/docs/en/services/index.html +++ b/docs/en/services/index.html @@ -235,7 +235,7 @@ Services - LEAP Platform Documentation <h2> <a href='tor.html'>tor</a> </h2> -<div class='summary'>Tor exit node or hidden service</div> +<div class='summary'>Tor services: relay, exit node and hidden service</div> </div> <div class=' page-summary'> <h2> diff --git a/docs/en/services/mx.html b/docs/en/services/mx.html index 8e08cfe0..aa41186a 100644 --- a/docs/en/services/mx.html +++ b/docs/en/services/mx.html @@ -156,8 +156,8 @@ mx - LEAP Platform Documentation <ol> <li>alias lists: by specifying an array of destination addresses, as in the case of “flock”, the single email will get copied to each address.</li> -<li>chained resolution: alias resolution will recursively continue until there are no more matching aliases. For example, “flock” is resolved to “robin”, which then gets resolved to “<a href="mailto:robin@bird.org">robin@bird.org</a>”.</li> -<li>virtual domains: by specifying the full domain, as in the case of “<a href="mailto:chickadee@avian.org">chickadee@avian.org</a>”, the alias will work for any domain you want. Of course, the MX record for that domain must point to appropriate MX servers, but otherwise you don’t need to do any additional configuration.</li> +<li>chained resolution: alias resolution will recursively continue until there are no more matching aliases. For example, “flock” is resolved to “robin”, which then gets resolved to “<a href="mailto:robin@bird.org">robin@bird.org</a>”.</li> +<li>virtual domains: by specifying the full domain, as in the case of “<a href="mailto:chickadee@avian.org">chickadee@avian.org</a>”, the alias will work for any domain you want. Of course, the MX record for that domain must point to appropriate MX servers, but otherwise you don’t need to do any additional configuration.</li> <li>local delivery: for testing purposes, it is often useful to copy all incoming mail for a particular address and send those copies to another address. You can do this by adding “@deliver.local” as one of the destination addresses. When “@local.delivery” is found, alias resolution stops and the mail is delivered to that username.</li> </ol> diff --git a/docs/en/services/mx/index.html b/docs/en/services/mx/index.html index 6899e0cc..048f5198 100644 --- a/docs/en/services/mx/index.html +++ b/docs/en/services/mx/index.html @@ -156,8 +156,8 @@ mx - LEAP Platform Documentation <ol> <li>alias lists: by specifying an array of destination addresses, as in the case of “flock”, the single email will get copied to each address.</li> -<li>chained resolution: alias resolution will recursively continue until there are no more matching aliases. For example, “flock” is resolved to “robin”, which then gets resolved to “<a href="mailto:robin@bird.org">robin@bird.org</a>”.</li> -<li>virtual domains: by specifying the full domain, as in the case of “<a href="mailto:chickadee@avian.org">chickadee@avian.org</a>”, the alias will work for any domain you want. Of course, the MX record for that domain must point to appropriate MX servers, but otherwise you don’t need to do any additional configuration.</li> +<li>chained resolution: alias resolution will recursively continue until there are no more matching aliases. For example, “flock” is resolved to “robin”, which then gets resolved to “<a href="mailto:robin@bird.org">robin@bird.org</a>”.</li> +<li>virtual domains: by specifying the full domain, as in the case of “<a href="mailto:chickadee@avian.org">chickadee@avian.org</a>”, the alias will work for any domain you want. Of course, the MX record for that domain must point to appropriate MX servers, but otherwise you don’t need to do any additional configuration.</li> <li>local delivery: for testing purposes, it is often useful to copy all incoming mail for a particular address and send those copies to another address. You can do this by adding “@deliver.local” as one of the destination addresses. When “@local.delivery” is found, alias resolution stops and the mail is delivered to that username.</li> </ol> diff --git a/docs/en/services/openvpn.html b/docs/en/services/openvpn.html index e5fe1128..1a420e21 100644 --- a/docs/en/services/openvpn.html +++ b/docs/en/services/openvpn.html @@ -133,8 +133,8 @@ openvpn - LEAP Platform Documentation <p><em>Essential configuration</em></p> <ul> -<li><code>openvpn.gateway_address</code>: The address that OpenVPN daemon is bound to and that VPN clients connect to.</li> <li><code>ip_address</code>: The main IP of the server, and the egress address for outgoing traffic.</li> +<li><code>openvpn.gateway_address</code>: A secondary address on the same machine (sharing the same interface, or on a separate interface). The OpenVPN daemon is bound to this address and VPN clients connect to it.</li> </ul> diff --git a/docs/en/services/openvpn/index.html b/docs/en/services/openvpn/index.html index 4a9dc993..23866436 100644 --- a/docs/en/services/openvpn/index.html +++ b/docs/en/services/openvpn/index.html @@ -133,8 +133,8 @@ openvpn - LEAP Platform Documentation <p><em>Essential configuration</em></p> <ul> -<li><code>openvpn.gateway_address</code>: The address that OpenVPN daemon is bound to and that VPN clients connect to.</li> <li><code>ip_address</code>: The main IP of the server, and the egress address for outgoing traffic.</li> +<li><code>openvpn.gateway_address</code>: A secondary address on the same machine (sharing the same interface, or on a separate interface). The OpenVPN daemon is bound to this address and VPN clients connect to it.</li> </ul> diff --git a/docs/en/services/tor.html b/docs/en/services/tor.html index f649c086..1f6ce112 100644 --- a/docs/en/services/tor.html +++ b/docs/en/services/tor.html @@ -110,7 +110,7 @@ tor - LEAP Platform Documentation <div id='title-box'> <h1>tor</h1> -<div id='summary'>Tor exit node or hidden service</div> +<div id='summary'>Tor services: relay, exit node and hidden service</div> </div> <div id='content-box'> <div id="TOC"><ol> @@ -124,33 +124,53 @@ tor - LEAP Platform Documentation <h2><a name="topology"></a>Topology</h2> -<p>Nodes with <code>tor</code> service will run a Tor exit or hidden service, depending on what other service it is paired with:</p> +<p>Nodes with <code>tor</code> service will run a Tor relay with some pre-defined settings, which can be changed with some configuration (see <em>Configuration</em> below). You can enable an exit or a hidden service with additional configuration.</p> + +<h2><a name="configuration"></a>Configuration</h2> + +<p>By default, if a node has service ‘tor’ configured, it will run a tor relay (not an exit). The relay will be configured with bandwidth limitations, contacts, a nickname and a family. The defaults for these (shown below), can be overridden as desired.</p> <ul> -<li><code>tor</code> + <code>openvpn</code>: when combined with <code>openvpn</code> nodes, <code>tor</code> will create a Tor exit node to provide extra cover traffic for the VPN. This can be especially useful if there are VPN gateways without much traffic.</li> -<li><code>tor</code> + <code>webapp</code>: when combined with a <code>webapp</code> node, the <code>tor</code> service will make the webapp and the API available via .onion hidden service.</li> -<li><code>tor</code> stand alone: a regular Tor exit node.</li> +<li><code>tor.bandwidth_rate</code>: the max bandwidth allocated to Tor, in KB per second, when used as an exit node (default: 6550 KB/sec).</li> +<li><code>tor.type</code>: what type of tor node to make, at this moment only ‘exit’ is supported. If not specified, acts as a relay.</li> +<li><code>tor.contacts</code>: the contact information for the relay (default: the list of provider contacts)</li> +<li><code>tor.nickname</code>: the nickname of the relay (default: a combination of the node name and a hash of the family)</li> +<li><code>tor.family</code>: a list of the other nicknames that are part of the same provider</li> +<li><code>tor.hidden_service</code>: to enable a hidden service, set ‘active’ to be true (see below for an example), do <em>not</em> configure “services”: [“tor”] for the node!</li> </ul> -<p>If activated, you can list the hidden service .onion addresses this way:</p> +<p>Examples:</p> -<p> leap ls –print tor.hidden_service.address tor</p> +<p>To add a relay to a node:</p> -<p>Then just add ‘.onion’ to the end of the printed addresses.</p> +<pre><code>{ + "services": ["tor"] +} +</code></pre> -<h2><a name="configuration"></a>Configuration</h2> +<p>To enable a hidden service, without a relay, do <em>not</em> specify the tor service (it is not considered secure to have a node configured as a relay and a hidden service at the same time, see: <a href="https://trac.torproject.org/8742">https://trac.torproject.org/8742</a>), instead configure the node to have the following:</p> -<ul> -<li><code>tor.bandwidth_rate</code>: the max bandwidth allocated to Tor, in KB per second, when used as an exit node.</li> -</ul> +<pre><code>{ + "tor": { + "hidden_service": { + "active": true + } +} +</code></pre> +<p>If activated, you can list the hidden service .onion addresses this way:</p> + +<p> leap ls –print tor.hidden_service.address tor</p> + +<p>Then just add ‘.onion’ to the end of the printed addresses.</p> -<p>For example:</p> +<p>To enable a Tor exit node:</p> <pre><code>{ "tor": { - "bandwidth_rate": 6550 + "bandwidth_rate": 6550, + "type": "exit" } } </code></pre> diff --git a/docs/en/services/tor/index.html b/docs/en/services/tor/index.html index 8fecf152..a6380d90 100644 --- a/docs/en/services/tor/index.html +++ b/docs/en/services/tor/index.html @@ -110,7 +110,7 @@ tor - LEAP Platform Documentation <div id='title-box'> <h1>tor</h1> -<div id='summary'>Tor exit node or hidden service</div> +<div id='summary'>Tor services: relay, exit node and hidden service</div> </div> <div id='content-box'> <div id="TOC"><ol> @@ -124,33 +124,53 @@ tor - LEAP Platform Documentation <h2><a name="topology"></a>Topology</h2> -<p>Nodes with <code>tor</code> service will run a Tor exit or hidden service, depending on what other service it is paired with:</p> +<p>Nodes with <code>tor</code> service will run a Tor relay with some pre-defined settings, which can be changed with some configuration (see <em>Configuration</em> below). You can enable an exit or a hidden service with additional configuration.</p> + +<h2><a name="configuration"></a>Configuration</h2> + +<p>By default, if a node has service ‘tor’ configured, it will run a tor relay (not an exit). The relay will be configured with bandwidth limitations, contacts, a nickname and a family. The defaults for these (shown below), can be overridden as desired.</p> <ul> -<li><code>tor</code> + <code>openvpn</code>: when combined with <code>openvpn</code> nodes, <code>tor</code> will create a Tor exit node to provide extra cover traffic for the VPN. This can be especially useful if there are VPN gateways without much traffic.</li> -<li><code>tor</code> + <code>webapp</code>: when combined with a <code>webapp</code> node, the <code>tor</code> service will make the webapp and the API available via .onion hidden service.</li> -<li><code>tor</code> stand alone: a regular Tor exit node.</li> +<li><code>tor.bandwidth_rate</code>: the max bandwidth allocated to Tor, in KB per second, when used as an exit node (default: 6550 KB/sec).</li> +<li><code>tor.type</code>: what type of tor node to make, at this moment only ‘exit’ is supported. If not specified, acts as a relay.</li> +<li><code>tor.contacts</code>: the contact information for the relay (default: the list of provider contacts)</li> +<li><code>tor.nickname</code>: the nickname of the relay (default: a combination of the node name and a hash of the family)</li> +<li><code>tor.family</code>: a list of the other nicknames that are part of the same provider</li> +<li><code>tor.hidden_service</code>: to enable a hidden service, set ‘active’ to be true (see below for an example), do <em>not</em> configure “services”: [“tor”] for the node!</li> </ul> -<p>If activated, you can list the hidden service .onion addresses this way:</p> +<p>Examples:</p> -<p> leap ls –print tor.hidden_service.address tor</p> +<p>To add a relay to a node:</p> -<p>Then just add ‘.onion’ to the end of the printed addresses.</p> +<pre><code>{ + "services": ["tor"] +} +</code></pre> -<h2><a name="configuration"></a>Configuration</h2> +<p>To enable a hidden service, without a relay, do <em>not</em> specify the tor service (it is not considered secure to have a node configured as a relay and a hidden service at the same time, see: <a href="https://trac.torproject.org/8742">https://trac.torproject.org/8742</a>), instead configure the node to have the following:</p> -<ul> -<li><code>tor.bandwidth_rate</code>: the max bandwidth allocated to Tor, in KB per second, when used as an exit node.</li> -</ul> +<pre><code>{ + "tor": { + "hidden_service": { + "active": true + } +} +</code></pre> +<p>If activated, you can list the hidden service .onion addresses this way:</p> + +<p> leap ls –print tor.hidden_service.address tor</p> + +<p>Then just add ‘.onion’ to the end of the printed addresses.</p> -<p>For example:</p> +<p>To enable a Tor exit node:</p> <pre><code>{ "tor": { - "bandwidth_rate": 6550 + "bandwidth_rate": 6550, + "type": "exit" } } </code></pre> |