[Koha-bugs] [Bug 15540] Debian package option to set up an .onion address ( Tor hidden service) for the OPAC
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Sat Nov 19 22:13:07 CET 2016
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15540
Mirko Tietgen <mirko at abunchofthings.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #46644|0 |1
is obsolete| |
--- Comment #4 from Mirko Tietgen <mirko at abunchofthings.net> ---
Created attachment 57661
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=57661&action=edit
Bug 15540 - Debian package option to set up an .onion address (Tor hidden
service) for the OPAC
Add --tor to koha-create: automatically set up a .onion URL for the OPAC.
Install Tor from official repository if required.
Test plan:
0) Requirements
- Apply patch
- Build Debian package
- Test server needs to be reachable from the internet
- Download Tor Browser to your local machine (not the server)
https://www.torproject.org/download/download-easy.html.en
(Running Tor Browser and Koha with Tor on the same machine does not seem to
work)
1) First Koha instance using Tor, refuse Tor installation
- Test without the package 'tor' installed!
- koha-create --create-db --tor <instance1>
You should be asked if you want to install Tor
- Refuse
Expected result:
- You are told to either accept to install Tor or not use the --tor option
- Installation process stops cleanly (no remaining user account etc.)
2) First Koha instance using Tor, accept Tor installation
- Test without the package 'tor' installed!
- koha-create --create-db --tor <instance1>
You should be asked if you want to install Tor
- Accept
- Wait for the installation to finish
- Open your regular OPAC URL
You should see the OPAC maintenance website
- Open (in Tor Browser) the .onion address displayed at the end of the
installation
You should see the OPAC maintenance website. It can take a minute until this
works
Expected results:
- Tor repository is added to /etc/apt/sources.list.d/tor.list
- Package 'tor' (and keyring + dependencies) is installed
- Koha instance is created as usual
- Tor config is added to /etc/tor/torrc. It includes a block that looks like
# begin instance koha-<instance1>
HiddenServiceDir /var/lib/tor/koha/<instance1>/hidden_service
HiddenServicePort 80 127.0.0.1:80
# end instance koha-<instance1>
- .onion address from /var/lib/tor/koha/<instance1>/hidden_service/hostname
is added as ServerAlias to /etc/apache2/sites-availabled/<instance1>.conf
- You can reach the OPAC from the regular address and via .onion (in Tor
Browser)
3) Additional instances using Tor / Tor already installed
- koha-create --create-db --tor <instance2>
You should not be asked if you want to install Tor again.
- Wait for the installation to finish
- Open your regular OPAC URL of <instance2>
You should see the OPAC maintenance website
- Open Tor Browser at the .onion address displayed at the end of the second
installation
You should see the OPAC maintenance website
It can take a minute until this works
- Copy the .onion address, you will need it in step 5 and 7!
Expected results:
- Second Tor config is added to /etc/tor/torrc
- You can reach the second OPAC from the regular address and via .onion (Tor
Browser)
4) Remove an instance
- Remove your first instance with koha-remove <instance1>
Removal process should work as expected
- Check /etc/tor/torrc
The block for your first instance should be gone
- Check /var/lib/tor/koha/instance1/
The hidden_service folder and key should still be there. This way you can
re-use
an .onion address after reinstallation.
5) Re-create an instance (old config)
- koha-create --create-db --tor <instance1> #use the same name as for step 2!
You should be asked if you want to re-use the existing .onion address or
delete it
- Choose to re-use the old config
- Wait for installation to finish
- Open the OPAC with the regular URL and the (old) .onion address (in Tor
Browser)
Both should work. It can take a minute for the .onion to show up
- Verify that the .onion is the same as the one from step 3
6) Remove the instance again
- Follow step 4
7) Re-create an instance (new config)
- koha-create --create-db --tor <instance1> #use the same name as for step 1!
You should be asked if you want to re-use the existing key and .onion address
or delete it
- Choose to delete the folder and get a new .onion
- Wait for installation to finish
- Open the OPAC with the regular URL and the (new) .onion address (in Tor
Browser)
Both should work. It can take a minute for the .onion to show up
- Verify that the .onion is not the same as in step 3 and 5
Possible bonus tests:
- Using an operating system that does not have a Tor package available in the
official
repository should be detected. Testing this would require such an OS for
testing.
Recent Debian and Ubuntu seems to be covered.
- A manual Tor installation before Koha is installed should be detected and
work,
a prompt will allow to either overwrite the old config or stop the
installation
- If the Tor repository is already present in /etc/apt/sources.list*, it is not
added again
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list