Please provision a VM for the new exit scanner
- At least 2 CPU cores
- 1.5GB RAM
- 50GB disk
This host will generate a lot of network activity, and will do a lot of crypto operations. I'm afraid I don't have the data to quantify "a lot" yet.
Please give this host a DNS name, and do not change any of the existing DNS names for the old service at this time.
Please install the following packages from Debian:
python-dnspython python-stem python3-stem git
Please allow users in the check and tordnsel groups to log in, they should also have home directories.
Please install Apache, configure a virtualhost with the name check.torproject.org, and an alias of the server's hostname for initial setup.
Reverse proxy all requests to port 8080 on that virtualhost, except for /exit-addresses which should be a symlink to /srv/?.torproject.org/lists/latest and /lists which should be an autoindex with a document root of that same lists directory that latest lives in.
Let me know if anything needs clarification. I could also review the puppet if you point me at where to find it.