This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
fuss:tor [2022/04/26 15:23] – [Load-Balancing Multiple Tor Instances via HAProxy] office | fuss:tor [2024/03/30 16:31] (current) – [Monitoring tor Instances using Expect] office | ||
---|---|---|---|
Line 273: | Line 273: | ||
Finally, by pointing an application at the HAProxy port '' | Finally, by pointing an application at the HAProxy port '' | ||
+ | |||
+ | ====== Monitoring Tor Instances with Monit ====== | ||
+ | |||
+ | Tor can be elaborately monitored and restarted automatically in case it is necessary to ensure that tor instances stay up and running. Aside from the usual check that the tor OR port is available at a given address, an '' | ||
+ | |||
+ | First, a tor password must be generated in order to be able to access the tor control port by using the following command: | ||
+ | <code bash> | ||
+ | tor --hash-password " | ||
+ | </ | ||
+ | which will result in a password generated on the standard output: | ||
+ | < | ||
+ | 16: | ||
+ | </ | ||
+ | |||
+ | The password will then be added to the tor configuration: | ||
+ | < | ||
+ | ControlPort 0.0.0.0: | ||
+ | HashedControlPassword 16: | ||
+ | </ | ||
+ | |||
+ | With the configuration in place, tor is restarted and the following monit configuration is created: | ||
+ | < | ||
+ | ########################################################################### | ||
+ | ## Copyright (C) Wizardry and Steamworks 2023 - License: GNU GPLv3 ## | ||
+ | ########################################################################### | ||
+ | |||
+ | check process tor-01 with pidfile / | ||
+ | start program | ||
+ | stop program | ||
+ | if failed host 127.0.0.1 port 9051 type tcp then restart | ||
+ | if failed host 127.0.0.1 port 8051 type tcp and | ||
+ | # password is: tor surrounded by quotes 0x22 | ||
+ | send " | ||
+ | | ||
+ | send " | ||
+ | | ||
+ | retry 1 | ||
+ | timeout 5 seconds | ||
+ | then restart | ||
+ | |||
+ | </ | ||
+ | that will restart tor in case a circuit is not built within two minutes (60 seconds standard monit check time and times two for one more retry). | ||
+ | |||
+ | ====== Monitoring tor Instances using Expect ====== | ||
+ | |||
+ | A more versatile variation of the [[/ | ||
+ | |||
+ | < | ||
+ | # | ||
+ | ########################################################################### | ||
+ | ## Copyright (C) Wizardry and Steamworks 2024 - License: MIT ## | ||
+ | ########################################################################### | ||
+ | # This is an " | ||
+ | # circuit and sets the return status depending on whether it has or not. # | ||
+ | # # | ||
+ | # In other words, iff. the script returns 0, then tor has an established | ||
+ | # circuit; otherwise no circuit has been established. | ||
+ | # # | ||
+ | # Requirements: | ||
+ | # * expect (TCL program) | ||
+ | # * tor must expose a control port and must have a control password | ||
+ | # # | ||
+ | # In order to generate a control password, issue: tor --hash-password PWD # | ||
+ | # where PWD is the desired control port password. After that, amend the # | ||
+ | # tor configuration file to set the control port address, port and pass: # | ||
+ | # # | ||
+ | # ControlPort 0.0.0.0: | ||
+ | # HashedControlPassword 16: | ||
+ | # # | ||
+ | # Running: ./ | ||
+ | # where: | ||
+ | # * ADDRESS is the tor listening control address, | ||
+ | # * PORT is the tor listening control port, # | ||
+ | # * PASSWORD is the plaintext control password | ||
+ | # # | ||
+ | # after which the return status can be checked on the shell with: # | ||
+ | # echo $? # | ||
+ | ########################################################################### | ||
+ | |||
+ | set address [lindex $argv 0]; | ||
+ | set port [lindex $argv 1]; | ||
+ | set password [lindex $argv 2]; | ||
+ | |||
+ | set timeout 5 | ||
+ | spawn telnet $address $port | ||
+ | |||
+ | send " | ||
+ | expect "250 OK\r\n" | ||
+ | send " | ||
+ | expect { | ||
+ | timeout { | ||
+ | exit 1 | ||
+ | } | ||
+ | -ex " | ||
+ | } | ||
+ | |||
+ | </ | ||