The Tor Project issueshttps://gitlab.torproject.org/groups/tpo/-/issues2024-03-28T13:07:39Zhttps://gitlab.torproject.org/tpo/onion-services/onionspray/-/issues/51Improved troubleshooting tips2024-03-28T13:07:39ZSilvio RhattoImproved troubleshooting tips# Tasks
* [ ] Improve the "Troubleshooting" document with tips to debug Onionspray, NGINX and tor.
* [ ] Include debugging tips such as custom log configurations like `Log [rend]info notice file /var/log/tor/notices.log`
that can ...# Tasks
* [ ] Improve the "Troubleshooting" document with tips to debug Onionspray, NGINX and tor.
* [ ] Include debugging tips such as custom log configurations like `Log [rend]info notice file /var/log/tor/notices.log`
that can reduce the noise and pinpoint things (but usually is better to log all subsystems).
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)Onionspray 1.7.0Silvio RhattoSilvio Rhatto2024-06-27https://gitlab.torproject.org/tpo/web/manual/-/issues/158Update instructions about using built-in bridges in Tor Browser2024-03-26T12:58:53Zebanamebanam@torproject.orgUpdate instructions about using built-in bridges in Tor Browserhttps://tb-manual.torproject.org/circumvention/
The UX has changed a bit. Let's review and update this section about using built-in bridges with Tor Browser.
> USING PLUGGABLE TRANSPORTS
>
> To use a pluggable transport, click "Configu...https://tb-manual.torproject.org/circumvention/
The UX has changed a bit. Let's review and update this section about using built-in bridges with Tor Browser.
> USING PLUGGABLE TRANSPORTS
>
> To use a pluggable transport, click "Configure Connection" when starting Tor Browser for the first time. Under the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on "Select a Built-In Bridge" option. From the menu, select whichever pluggable transport you'd like to use.
>
> Once you've selected the pluggable transport, scroll up and click "Connect" to save your settings.
>
> Or, if you have Tor Browser running, click on "Settings" in the hamburger menu (≡) and then on "Connection" in the sidebar. Under the "Bridges" section, locate the option "Choose from one of Tor Browser's built-in bridges" and click on "Select a Built-In Bridge" option. Choose whichever pluggable transport you'd like to use from the menu. Your settings will automatically be saved once you close the tab.
/cc @nina @emmapeelebanamebanam@torproject.orgebanamebanam@torproject.orghttps://gitlab.torproject.org/tpo/web/support/-/issues/358Add Letterboxing to the glossary2024-03-25T15:27:33ZemmapeelAdd Letterboxing to the glossaryWe need to add Letterboxing to the glossary, as it is a new term that we use on the documentation.We need to add Letterboxing to the glossary, as it is a new term that we use on the documentation.ebanamebanam@torproject.orgebanamebanam@torproject.orghttps://gitlab.torproject.org/tpo/web/manual/-/issues/157Add entry about letterboxing (about:manual#letterboxing)2024-03-12T20:36:03Zma1Add entry about letterboxing (about:manual#letterboxing)We're implementing a `Learn more` link in the new user-facing letteboxing preferences (tpo/applications/tor-browser#41916) and we need some content to be referenced by about:manual#letterboxing :)
@donuts' [comment](https://gitlab.torp...We're implementing a `Learn more` link in the new user-facing letteboxing preferences (tpo/applications/tor-browser#41916) and we need some content to be referenced by about:manual#letterboxing :)
@donuts' [comment](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/32324#note_2876483):
> It's on support-dot, but possibly not the manual?
> https://support.torproject.org/tbb/maximized-torbrowser-window/ebanamebanam@torproject.orgebanamebanam@torproject.orghttps://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/42440Letterboxing manual entry (about:manual#letterboxing)2024-03-18T16:26:27Zma1Letterboxing manual entry (about:manual#letterboxing)We're implementing a `Learn more` link in the new user-facing letteboxing preferences (#41916) and we need some content to be referenced by about:manual#letterboxing :)
@donuts' [comment](https://gitlab.torproject.org/tpo/applications/...We're implementing a `Learn more` link in the new user-facing letteboxing preferences (#41916) and we need some content to be referenced by about:manual#letterboxing :)
@donuts' [comment](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/32324#note_2876483):
> It's on support-dot, but possibly not the manual?
> https://support.torproject.org/tbb/maximized-torbrowser-window/donutsdonutshttps://gitlab.torproject.org/tpo/web/community/-/issues/342Add Amnesty International to the list of Featured onionsites2024-02-29T12:25:29ZSilvio RhattoAdd Amnesty International to the list of Featured onionsites# About
[Amnesty International now available as .onion | The Tor Project](https://blog.torproject.org/amnesty-international-launches-onion-service/), and we need to add into the list of featured onionsites in [this page][].
[this page]...# About
[Amnesty International now available as .onion | The Tor Project](https://blog.torproject.org/amnesty-international-launches-onion-service/), and we need to add into the list of featured onionsites in [this page][].
[this page]: https://community.torproject.org/onion-services/
# Tasks
* [ ] Create an image banner.
* [ ] Make a pull request adding Amnesty International into the list of featured onionsistes.
# Time estimation
* Complexity: very small (0.5 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)
/cc @gus @isabelaSilvio RhattoSilvio Rhatto2024-03-28https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/7Brave and Onion Browser at the web/apps page2024-02-29T18:48:54ZSilvio RhattoBrave and Onion Browser at the web/apps page# Tasks
* [x] Mention [Brave](https://brave.com) at the apps/web page.
* [x] Mention [Onion Browser](https://onionbrowser.com) at the apps/web page.
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Ref...# Tasks
* [x] Mention [Brave](https://brave.com) at the apps/web page.
* [x] Mention [Onion Browser](https://onionbrowser.com) at the apps/web page.
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)Silvio RhattoSilvio Rhatto2024-03-28https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/6README update with maintenance instructions2024-02-29T12:45:41ZSilvio RhattoREADME update with maintenance instructions# Tasks
* [ ] Add into the [README](README.md):
* [ ] Onion Services doc conventions, including:
* Use the navigation format from the [mkdocs-awesome-pages-plugin][].
* Have `README.md` or `index.md` listed as the "Intro" page...# Tasks
* [ ] Add into the [README](README.md):
* [ ] Onion Services doc conventions, including:
* Use the navigation format from the [mkdocs-awesome-pages-plugin][].
* Have `README.md` or `index.md` listed as the "Intro" page.
* Have a link to the repository in the README/index page.
* [ ] How to contribute with new docs:
* Open an issue request or pull request for an evaluation/integration.
* [ ] How to integrate your existing docs:
* Need to be Onion Service related.
* Setup Onion MkDocs.
* Adopt the Onion Services doc conventions.
* Adhere to the Community Team docs guidelines.
* Open an issue request or pull request for an evaluation/integration.
[mkdocs-awesome-pages-plugin]: https://github.com/lukasgeiter/mkdocs-awesome-pages-plugin
# Time estimation
* Complexity: very small (0.5 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/5Slides generation2024-02-27T18:58:24ZSilvio RhattoSlides generation# Description
Some projects have [Onion TeX Slim][]-generated slides that could be built as part of this repository CI/CD.
[Onion TeX Slim]: https://gitlab.torproject.org/tpo/community/onion-tex-slim
# Tasks
* [ ] Create a convention...# Description
Some projects have [Onion TeX Slim][]-generated slides that could be built as part of this repository CI/CD.
[Onion TeX Slim]: https://gitlab.torproject.org/tpo/community/onion-tex-slim
# Tasks
* [ ] Create a convention for [Onion TeX Slim][] slides among Onion Service documentation (folder location etc).
* [ ] Implement a CI/CD action to generate all slides, including then in the generated documentation.
# Time estimation
* Complexity: small (1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/3Add Onion Launchpad documentation2024-02-26T17:45:09ZSilvio RhattoAdd Onion Launchpad documentation# Tasks
* [x] Add the Onion Launchpad documentation once it's [converted to Onion MkDocs][].
[converted to Onion MkDocs]: tpo/onion-services/onion-launchpad#72
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (...# Tasks
* [x] Add the Onion Launchpad documentation once it's [converted to Onion MkDocs][].
[converted to Onion MkDocs]: tpo/onion-services/onion-launchpad#72
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)Silvio RhattoSilvio Rhatto2024-03-28https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/2Add Onionbalance documentation2024-03-27T21:34:58ZSilvio RhattoAdd Onionbalance documentation# Tasks
* [ ] Add the Onionbalance documentation once it's [converted to Onion MkDocs][].
[converted to Onion MkDocs]: tpo/onion-services/onionbalance#28
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
...# Tasks
* [ ] Add the Onionbalance documentation once it's [converted to Onion MkDocs][].
[converted to Onion MkDocs]: tpo/onion-services/onionbalance#28
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)Silvio RhattoSilvio Rhatto2024-07-01https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/1Hosting location for the Onion Services Ecosystem Documentation2024-03-27T22:03:23ZSilvio RhattoHosting location for the Onion Services Ecosystem Documentation# Motivation
As mentioned in the [previous issue][] about getting domains for some Onion Services projects, we're looking for
* Shorter URLs for some Onion Services related projects, pointing to their GitLab Pages.
* Aggregate Onion Se...# Motivation
As mentioned in the [previous issue][] about getting domains for some Onion Services projects, we're looking for
* Shorter URLs for some Onion Services related projects, pointing to their GitLab Pages.
* Aggregate Onion Services documentation in a single, searchable place.
That made us create the [Onion Services Ecosystem Documentation][], but it still has a not very friendly URL.
[previous issue]: tpo/onion-services/onion-support#202
[Onion Services Ecosystem Documentation]: https://tpo.pages.torproject.net/onion-services/ecosystem
# Tasks
* [x] Organization:
* [x] Ping some people to get feedback (ahf, gaba, micah?).
* [x] Determine a better canonical URL location for the [Onion Services Ecosystem Documentation][]:
* [x] Project/repository name: `tpo/onion-services/ecosystem`.
* [x] Canonical URL: `https://community.torproject.org/onion-services/ecosystem`.
* [x] Rename the project from `portal` to `ecosystem`.
* [ ] Implementation:
* [x] Proceed with the CI/deployment changes to make the [Onion Services Ecosystem Documentation][] accessible through the new URL:
* [~] Update CI config to use the [static shim][] deploying to the [static component]. No need, since we'll use the existing deployment from `tpo/web/community`.
* [x] Update CI config to use a setup [similiar to the Community Policies][] (tpo/onion-services/ecosystem!6).
* [x] Update [web/community CI config](https://gitlab.torproject.org/tpo/web/community/-/blob/main/.gitlab-ci.yml) to include the Ecosystem Docs (tpo/web/community!349).
* [~] [Ask TPA](https://gitlab.torproject.org/tpo/tpa/team/-/issues/new) to help with setting up this deployment. No need, since we'll use the existing deployment from `tpo/web/community`.
* [x] Update references in Onion Services projects, pointing to the new official/canonical documentation location (like on `README.md` files etc).
* [ ] Once the portal is deployed, updated the "Onionize any website" link in
the Community Portal, pointing to the official Onionspray documentation
URL within the Onion Services Ecosystem Portal (tpo/web/community#337).
* [ ] Link the [Onion Services Ecosystem Documentation] in the [Onion Services section of the Community Portal](https://community.torproject.org/onion-services/).
* [ ] Add banner in the community portal, at the [Onion Services page](https://community.torproject.org/onion-services/).
* [ ] Figure out [an update workflow](https://gitlab.torproject.org/tpo/onion-services/ecosystem/-/issues/1#note_3010677).
* [~] Bonus:
* [~] Consider to release the portal as part of the [Onion Services 20th Years Anniversary (2024 edition)](https://gitlab.torproject.org/tpo/onion-services/onionplan/-/issues/14#note_2933136).
* [~] Onion Services endpoint and Onion-Location set (if not already available). This will be available already when the docs are available through `community.torproject.org`.
[static shim]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/service/static-shim
[static component]: https://gitlab.torproject.org/tpo/tpa/team/-/wikis/howto/static-component
[similiar to the Community Policies]: https://gitlab.torproject.org/tpo/community/policies/-/blob/main/.gitlab-ci.yml
# Time estimation
* Complexity: small (1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)
/cc @gusSilvio RhattoSilvio Rhatto2024-06-17https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/30Create a development/release workflow2024-02-20T18:00:43ZSilvio RhattoCreate a development/release workflowCreate a development and release workflow, including sending a message to the `tor-announce` mailing list.
Existing workflows that can be used as a base:
* [Development - Onionprobe](https://tpo.pages.torproject.net/onion-services/onio...Create a development and release workflow, including sending a message to the `tor-announce` mailing list.
Existing workflows that can be used as a base:
* [Development - Onionprobe](https://tpo.pages.torproject.net/onion-services/onionprobe/development/)
* [Development workflow - Onionspray](https://tpo.pages.torproject.net/onion-services/onionspray/guides/development/)Onionbalance 0.2.3https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/29Document about multiple MasterOnionAddress entries2024-02-20T17:58:20ZSilvio RhattoDocument about multiple MasterOnionAddress entriesDocument that multiple `MasterOnionAddress` lines are supported in the
`ob_config` file, so each backend service can work for multiple frontend
addresses.Document that multiple `MasterOnionAddress` lines are supported in the
`ob_config` file, so each backend service can work for multiple frontend
addresses.Onionbalance 0.2.3https://gitlab.torproject.org/tpo/onion-services/onionbalance/-/issues/28Migrate Onionbalance documentation to Onion MkDocs2024-02-22T22:19:20ZSilvio RhattoMigrate Onionbalance documentation to Onion MkDocsMigrate Onionbalance documentation from [Sphinx](https://www.sphinx-doc.org) to [Onion MkDocs][].
[Onion Mkdocs]: https://gitlab.torproject.org/tpo/web/onion-mkdocs/Migrate Onionbalance documentation from [Sphinx](https://www.sphinx-doc.org) to [Onion MkDocs][].
[Onion Mkdocs]: https://gitlab.torproject.org/tpo/web/onion-mkdocs/Onionbalance 0.2.3https://gitlab.torproject.org/tpo/onion-services/onionmine/-/issues/26Setup Onion MkDocs for Onionmine2024-02-22T22:06:52ZSilvio RhattoSetup Onion MkDocs for OnionmineConvert Onionmine documentation to [Onion MkDocs][].
[Onion Mkdocs]: https://gitlab.torproject.org/tpo/web/onion-mkdocs/Convert Onionmine documentation to [Onion MkDocs][].
[Onion Mkdocs]: https://gitlab.torproject.org/tpo/web/onion-mkdocs/Silvio RhattoSilvio Rhattohttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41523document donate-review deployment process and project in general2024-02-14T21:09:13Zanarcatdocument donate-review deployment process and project in generalin tpo/tpa/team#41519, we have identified that donate-review lacks documentation. #41518 is a task for @lavamind to review that project, but this is for @kez to document it as much as they can.in tpo/tpa/team#41519, we have identified that donate-review lacks documentation. #41518 is a task for @lavamind to review that project, but this is for @kez to document it as much as they can.Jérôme Charaouilavamind@torproject.orgJérôme Charaouilavamind@torproject.orghttps://gitlab.torproject.org/tpo/tpa/team/-/issues/41522TPA-RFC-62: migrate tor-passwords to password-store2024-02-21T19:49:00ZanarcatTPA-RFC-62: migrate tor-passwords to password-storeIn #29677, we have reviewed a bunch of password managers. Bitwarden seems to be emerging as a possible candidate for an organisation-wide password management service, but in the short term however, we do not want to make any major change...In #29677, we have reviewed a bunch of password managers. Bitwarden seems to be emerging as a possible candidate for an organisation-wide password management service, but in the short term however, we do not want to make any major changes to our workflow. There's also an argument to be made that TPA should *not* be using a global password manager and is best protecting those secrets with a a different mechanism.
In any case, during a recent offboarding process (tpo/tpa/team#41519), it became very clear that our *current* password manager (pwstore) has major flaws:
1. key management: in this case, @hiro's key was expired and had to be manually removed from the user's list. this would be similar in pass, except that the keyid file is easier to manage, as its signature is managed automatically by `pass init`, provided that the `PASSWORD_STORE_SIGNING_KEY` variable is set
2. password rotation: because multiple passwords are stored in the same file, it's hard or impossible to actually see the last rotation on a single password
3. conflicts: because multiple passwords are stored in the same file, we frequently get conflicts when making changes, which is particularly painful if we need to distribute the "rotation" work
4. abandonware: a [pull request to fix Debian bookworm / Ruby 3.1 support](https://github.com/weaselp/pwstore/pull/8) has been ignored for more than a year at this point
5. counter-intuitive interface: there's no command to extract a password, you're presumably supposed to use `gpg -d` to read the password files, yet you can't use other tools to directly manipulate the password files because the target encryption keys are specified in a meta file (that latter issue is shared with pass, to be fair)
6. not packaged: pwstore is not in Debian, flatpak, or anything else
The main downside to pass is the .gpg-id system is less secure than pwstore: its signature is not enforced unless the environment variable is set, which is a bit brittle. It's also relying on the global GPG key store although in theory it should be possible to rely on another keyring by passing different options to GnuPG.
Finally, by splitting secrets into different files, we disclose **which** accounts we have access to, but I consider this a reasonable tradeoff for the benefits it brings.
Update: the above was put in an actual proposal, see https://gitlab.torproject.org/tpo/tpa/team/-/wikis/policy/tpa-rfc-62-tpa-password-manageranarcatanarcathttps://gitlab.torproject.org/tpo/onion-services/onionspray/-/issues/44Example configuration with Onionspray defaults2024-03-13T12:01:53ZSilvio RhattoExample configuration with Onionspray defaults# Description
It would be helpful for users if a canonical example configuration file had all/only Onionspray defaults.
# Tasks
* [ ] Create a `default.tconf` with just the default configuration, and
explanatory comments. Explai...# Description
It would be helpful for users if a canonical example configuration file had all/only Onionspray defaults.
# Tasks
* [ ] Create a `default.tconf` with just the default configuration, and
explanatory comments. Explain in the `example.tconf` that it's an example
that does not necessariliy has the default paramters. Or just rename
the `example.tconf` to `default.tconf`. Or something like that.
* [ ] Update the documentation accordingly.
# Time estimation
* Complexity: negligible (0.1 day)
* Uncertainty: low (x1.1)
* [Reference](https://jacobian.org/2021/may/25/my-estimation-technique/) (adapted)Onionspray 1.7.0https://gitlab.torproject.org/tpo/community/policies/-/issues/18Collect information around our new relay operator community related policies2024-03-14T11:38:24ZGeorg KoppenCollect information around our new relay operator community related policiesThis ticket is for O2.4 of our Sponsor 112 which [says](https://gitlab.torproject.org/groups/tpo/-/milestones/44#tab-issues):
```
O2.4: Document relay community governance processes. In this activity we will publish public-facing documen...This ticket is for O2.4 of our Sponsor 112 which [says](https://gitlab.torproject.org/groups/tpo/-/milestones/44#tab-issues):
```
O2.4: Document relay community governance processes. In this activity we will publish public-facing documentation on what enforcement mechanisms were considered, why the ones that were selected were chosen, and why the ones that were not implemented, but were considered as possible candidates, were eventually rejected. The audience for these documents will be future technology projects that utilize similar volunteer-run infrastructure and may be able to benefit from the insights Tor obtained during this process.
```
So, we should collect what we considered doing, what we discarded, what we finally picked and the motivations and rationale for all of that.
/cc @gusGeorg KoppenGeorg Koppen2024-03-04