How to modify Apache config on polyanthum?
As part of #30472 (moved), we are setting up a service on polyanthum that allows bridge operators to test the TCP reachability of their obfs4 port. We would like to expose the service over a URL such as bridges.torproject.org/scan/. This seems to require a new ProxyPass directive in the file /etc/apache2/sites-enabled/bridges.torproject.org.conf.
What's the process for modifying this file? Is it under version control? If so, how do we commit a change to this version control system?
Activity
Trac:
Parent Ticket: #30472 (moved)
I think this is what I want. I didn't actually test it because I filed this ticket instead :) Basically, I want requests going to bridges.torproject.org/scan/ to be redirected to another web server that listens on 127.0.0.1:4000.
--- bridges.torproject.org.conf.orig 2019-05-30 18:24:26.506273388 +0000 +++ bridges.torproject.org.conf.diff 2019-05-30 18:26:19.231435195 +0000 @@ -26,6 +26,7 @@ ProxyPass /meek/ http://127.0.0.1:2000/ ProxyPass /moat/ http://127.0.0.1:3881/moat/ + ProxyPass /scan/ http://127.0.0.1:4000/ ProxyPass / http://127.0.0.1:3880/ retry=10 ProxyPassReverse / http://127.0.0.1:3880/
so. er. there are actually two version control systems in there:
- all of
/etcis managed through git, by a tool called etckeeper which does daily autocommits and has hooks that run after package installs and so on - the
/etc/apache2/sites-availabledirectory, on top of that is also managed through RCS
The last commit on that file in RCS is:
---------------------------- revision 1.15 locked by: root; date: 2017/11/15 23:27:10; author: root; state: Exp; lines: +1 -0 update run by root(isis) at Wed, 15 Nov 2017 23:27:10 +0000 on polyanthum.torproject.orgThe diff is:
root@polyanthum:/etc/apache2/sites-available# rcsdiff -u -r1.14 -r1.15 ./bridges.torproject.org.conf =================================================================== RCS file: ./RCS/bridges.torproject.org.conf,v retrieving revision 1.14 retrieving revision 1.15 diff -u -r1.14 -r1.15 --- ./bridges.torproject.org.conf 2017/04/27 00:57:53 1.14 +++ ./bridges.torproject.org.conf 2017/11/15 23:27:10 1.15 @@ -25,6 +25,7 @@ </Proxy> ProxyPass /meek/ http://127.0.0.1:2000/ + ProxyPass /moat/ http://127.0.0.1:3881/moat/ ProxyPass / http://127.0.0.1:3880/ retry=10 ProxyPassReverse / http://127.0.0.1:3880/Those changes were also committed into git, through the daily autocommit. Hilarious. :)
In any case, those files are only writable by root, so I guess you need to ask me or other tpa to make changes.
So I just implemented your change. I grepped through the access log and it seems the
/scanprefix wasn't in use anywhere, so it's a safe bet. The thing gives us a 404 right now, but I guess that's to be expected because it doesn't seem like anything is running on port 4000. Here's the error log in apache:[Fri May 31 00:43:11.833004 2019] [proxy:error] [pid 17339:tid 140323233597184] (111)Connection refused: AH00957: HTTP: attempt to connect to 127.0.0.1:4000 (127.0.0.1) failedI've committed the change into RCS and git, for good measure.
Then I'll try to forget what I have seen here, for mental health reasons. :p
I hope that helps!
Trac:
Status: assigned to closed
Resolution: N/A to fixed- all of
-
and, and for the record, those are the commands to commit the file:
co -l bridges.torproject.org.conf # unlock the file (ie. make it writable. yes, this is a thing in RCS.) ci -m'... commit message ...' -u bridges.torproject.org.conf # this commits the file, and unlocks it git commit -m'...commit message...' . # also commit everything into git, including the RCS directory of coursewatch out for the
cicommand. by default, it removes the committed file if you don't use any flags, which might be... surprising, to say the least, for people used to more... modern VCS. mentioned in issue #34089 (moved)
mentioned in issue #30472 (moved)