|
|
# Bits and pieces of Tor Project infrastructure information
|
|
|
|
|
|
A collection of information looking for a better place, perhaps after
|
|
|
being expanded a bit to deserve their own page.
|
|
|
|
|
|
## Backups
|
|
|
|
|
|
* We use [Bacula](https://en.wikipedia.org/wiki/Bacula) to make
|
|
|
backups, with one host running a director (currently bacula-director-01.tpo)
|
|
|
and another host for storage (currently brulloi.tpo).
|
|
|
* There are `BASE` files and `WAL` files, the latter for incremental
|
|
|
backups.
|
|
|
* The logs found in `/var/log/bacula-main.log` and `/var/log/bacula/`
|
|
|
seem mostly empty, just like the systemd journals.
|
|
|
|
|
|
### Servers
|
|
|
|
|
|
* There's one `director` and one `storage node`.
|
|
|
|
|
|
* The director runs `/usr/local/sbin/dsa-bacula-scheduler` which reads
|
|
|
`/etc/bacula/dsa-clients` for a list of clients to back up. This
|
|
|
file is populated by puppet (puppetdb
|
|
|
`$bacula::tag_bacula_dsa_client_list`) and will list clients until
|
|
|
they're being deactivated in puppet.
|
|
|
|
|
|
### Clients
|
|
|
* `tor-puppet/modules/bacula/manifests/client.pp` gives an idea of
|
|
|
where things are at on backup clients.
|
|
|
* Clients run the Bacula File Daemon, `bacula-fd(8)`.
|
|
|
|
|
|
## Onion sites
|
|
|
|
|
|
- Example from a vhost template
|
|
|
|
|
|
<% if scope.function_onion_global_service_hostname(['crm-2018.torproject.org']) -%>
|
|
|
<Virtualhost *:80>
|
|
|
ServerName <%= scope.function_onion_global_service_hostname(['crm-2018.torproject.org']) %>
|
|
|
Use vhost-inner-crm-2018.torproject.org
|
|
|
</VirtualHost>
|
|
|
<% end -%>
|
|
|
|
|
|
- Function defined in
|
|
|
`tor-puppet/modules/puppetmaster/lib/puppet/parser/functions/onion_global_service_hostname.rb`
|
|
|
parses
|
|
|
`/srv/puppet.torproject.org/puppet-facts/onionbalance-services.yaml`.
|
|
|
- `onionbalance-services.yaml` is populated through
|
|
|
`onion::balance` (`tor-puppet/modules/onion/manifests/balance.pp`)
|
|
|
- `onion:balance` uses the `onion_balance_service_hostname` fact from `tor-puppet/modules/torproject_org/lib/facter/onion-services.rb`
|
|
|
|
|
|
## Puppet
|
|
|
|
|
|
See [howto/puppet](howto/puppet). |