Updated restore playbook to validate tor config after v2 removal #5894
Conversation
zenmonkeykstop
requested review from
conorsch,
emkll and
kushaldas
as code owners
|
This pull request fixes 5 alerts when merging 2c37173 into 8d5430d - view on LGTM.com fixed alerts:
|
There was a problem hiding this comment.
The awk torrc cleanup is a nice reduction, but I think it needs a tweak or some post-processing, as it's leaving an empty HiddenServiceDir line at the end of the file. The tor --verify-config check passes, as Tor ignores that line, but it's debris.
Testing
v2+v3 (v2nv3.tar.gz) and v3 (v3.tar.gz) backup files are required.
v2+v3
From this branch, against a prod system (VM or hardware):
- perform a restore with the command
./securedrop-admin --force restore install_files/ansible-base/v2nv3.tar.gz- Verify that the restore completes successfully
- Verify that the tasks in
cleanup_v2.ymlrun successfully after theReload Apache servicetask - Verify that the app server
/etc/tor/torrcfile contains no v2 services (view withssh app cat /etc/tor/torrc)
torrc contains an extra line at the end containing just HiddenServiceDir.
v2+v3 with HTTPS
(Note: if you don't have a HTTPS backup, fake it! simply untar the v2+v3 backup, add an extra line in etc/tor/torrc in the v2 source block with the contents HiddenServicePort 443 127.0.0.1:443, and recreate the tarball! For extra points, add it in the v3 source definition as well.)
From this branch, against a prod system (VM or hardware):
- perform a restore with the command
./securedrop-admin --force restore install_files/ansible-base/v2nv3https.tar.gz- Verify that the restore completes successfully
- Verify that the tasks in
cleanup_v2.ymlrun successfully after theReload Apache servicetask - Verify that the app server
/etc/tor/torrcfile contains no v2 services (view withssh app cat /etc/tor/torrc) - If HTTPS was enabled in the backup for v3, verify that it is still enabled in the server
/etc/tor/torrc
torrc contains an extra line at the end containing just HiddenServiceDir.
v3-only
From this branch, against a prod system (VM or hardware):
- perform a backup with the command
./securedrop-admin --force restore install_files/ansible-base/v3-only.tar.gz- Verify that the backup completes successfully
- Verify that the tasks in
cleanup_v2.ymldo not run after theReload Apache servicetask
|
This pull request fixes 5 alerts when merging c8b432f into 8d5430d - view on LGTM.com fixed alerts:
|
|
@rmol a fix has been added. Take another look? |
There was a problem hiding this comment.
The sed addition worked.
v2+v3
From this branch, against a prod system (VM or hardware):
- perform a restore with the command
./securedrop-admin --force restore install_files/ansible-base/v2nv3.tar.gz- Verify that the restore completes successfully
- Verify that the tasks in
cleanup_v2.ymlrun successfully after theReload Apache servicetask - Verify that the app server
/etc/tor/torrcfile contains no v2 services (view withssh app cat /etc/tor/torrc)
v2+v3 with HTTPS
(Note: if you don't have a HTTPS backup, fake it! simply untar the v2+v3 backup, add an extra line in etc/tor/torrc in the v2 source block with the contents HiddenServicePort 443 127.0.0.1:443, and recreate the tarball! For extra points, add it in the v3 source definition as well.)
From this branch, against a prod system (VM or hardware):
- perform a backup with the command
./securedrop-admin --force restore install_files/ansible-base/v2nv3https.tar.gz- Verify that the backup completes successfully
- Verify that the tasks in
cleanup_v2.ymlrun successfully after theReload Apache servicetask - Verify that the app server
/etc/tor/torrcfile contains no v2 services (view withssh app cat /etc/tor/torrc) - If HTTPS was enabled in the backup for v3, verify that it is still enabled in the server
/etc/tor/torrc
v3-only
From this branch, against a prod system (VM or hardware):
- perform a backup with the command
./securedrop-admin --force restore install_files/ansible-base/v3-only.tar.gz- Verify that the backup completes successfully
- Verify that the tasks in
cleanup_v2.ymldo not run after theReload Apache servicetask
Status
Ready for review / Work in progress
Description of Changes
Fixes #5892.
disable_v2.pywith an awk one-liner that catches the case when HTTPS is enabled on a source v2 interfaceTesting
v2+v3 (
v2nv3.tar.gz) and v3 (v3.tar.gz) backup files are required.v2+v3
From this branch, against a prod system (VM or hardware):
./securedrop-admin --force restore install_files/ansible-base/v2nv3.tar.gzcleanup_v2.ymlrun successfully after theReload Apache servicetask/etc/tor/torrcfile contains no v2 services (view withssh app cat /etc/tor/torrc)v2+v3 with HTTPS
(Note: if you don't have a HTTPS backup, fake it! simply untar the v2+v3 backup, add an extra line in
etc/tor/torrcin the v2 source block with the contentsHiddenServicePort 443 127.0.0.1:443, and recreate the tarball! For extra points, add it in the v3 source definition as well.)From this branch, against a prod system (VM or hardware):
./securedrop-admin --force restore install_files/ansible-base/v2nv3https.tar.gzcleanup_v2.ymlrun successfully after theReload Apache servicetask/etc/tor/torrcfile contains no v2 services (view withssh app cat /etc/tor/torrc)/etc/tor/torrcv3-only
From this branch, against a prod system (VM or hardware):
./securedrop-admin --force restore install_files/ansible-base/v3-only.tar.gzcleanup_v2.ymldo not run after theReload Apache servicetaskDeployment
Deployed with GUI or manual update on workstation.
Checklist
If you made non-trivial code changes:
Choose one of the following: