Please provision a VM for the new exit scanner

• At least 2 CPU cores
• 1.5GB RAM
• 50GB disk

This host will generate a lot of network activity, and will do a lot of crypto operations. I'm afraid I don't have the data to quantify "a lot" yet.

Please give this host a DNS name, and do not change any of the existing DNS names for the old service at this time.

Please install the following packages from Debian:

python-dnspython python-stem python3-stem git

Please allow users in the check and tordnsel groups to log in, they should also have home directories.

Please install Apache, configure a virtualhost with the name check.torproject.org, and an alias of the server's hostname for initial setup.

Reverse proxy all requests to port 8080 on that virtualhost, except for /exit-addresses which should be a symlink to /srv/?.torproject.org/lists/latest and /lists which should be an autoindex with a document root of that same lists directory that latest lives in.

Let me know if anything needs clarification. I could also review the puppet if you point me at where to find it.