Ansible for Snowflake proxies of the Tor network

Support Relay Operator
,
1

Hi,

Ansible role for the installation, configuration and operation of Snowflake proxies.

Background

Snowflake proxies are one of the systems that the Tor network has in place to address censorship. This type of bridge, currently under development, adds to the alternatives and anti-censorship efforts of Pluggable Transports (PTs) such as obfs4 and meek-azure. Bridges designed as access options for people where the Tor network is blocked. More info: https://snowflake.torproject.org/

Ansible role for Snowflake proxies

With this ansible role you can install, configure and operate snowflake proxies.

Features

  • Ubuntu Focal, Debian Buster, Debian Bullseye, ArchLinux, Fedora and FreeBSD support

  • Sytemd to manage the Snowflake service and  rc script for FreeBSD

  • Support for Ansible 2.9 or higher

Role usage

Installing Ansible via pip

python -m pip install --user ansible

For other ansible installation methods: Installation Guide

Downloading the role from the Galaxy repository

ansible-galaxy install nvjacobo.snowflake

Creation of site.yml playbook

- hosts: snowflake
  roles:
      - nvjacobo.snowflake

Creation of the file inventory

[snowflake]
ip-address

Run playbook site.yml

ansible-playbook -i inventory site.yml -u root

Or with sudo

ansible-playbook -i inventory site.yml -u name-of-user -b

Manage snowflake proxy with systemd on Ubuntu, Debian, Fedora, ArchLinux

ansible all -i inventory -a 'systemctl status snowflake-proxy' # status of service
ansible all -i inventory -a 'systemctl restart snowflake-proxy' # restart service
ansible all -i inventory -a 'systemctl stop snowflake-proxy' # stop service

Manage snowflake proxy with rc script on FreeBSD

ansible all -i inventory -a 'service snowflake status' # status of service
ansible all -i inventory -a 'service snowflake start' # restart service
ansible all -i inventory -a 'service snowflake stop' # stop service

Upgrade

To upgrade to the latest available snowflake version it is necessary to run our playbook.

ansible-playbook -i inventory site.yml -u root

our with sudo

ansible-playbook -i inventory site.yml -u name-of-user -b

Recommendations

  • Enabling automatic security updates for the operating system
  • Configure exclusive SSH access with keys

Documentation

Ansible for Snowflake proxies of the Tor network

Ansible para proxies Snowflake de la red Tor

6 Likes
2

thanks @jacobo :purple_heart:

2 Likes