Shard Tor hidden services across multiple daemons #920
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
florianock
pushed a commit
to florianock/umbrel
that referenced
this pull request
Sep 6, 2021
* 'master' of github.com:florianock/umbrel: (153 commits) Improve samourai-server app stability (getumbrel#949) Make sure code-server app restarts on failure (getumbrel#933) Update lnbits app to ab446a8 (getumbrel#928) Umbrel v0.4.1 (getumbrel#923) Update to getumbrel/dashboard:v0.3.25 Shard Tor hidden services across multiple daemons (getumbrel#920) Make sure configure script never overwrites app permissions (getumbrel#919) Whitelist hostname for Nextcloud in Umbrel v0.4.0 (getumbrel#918) Update btcpay-server app to 1.2.1 (getumbrel#916) Update specter-desktop app to v1.5.1 (getumbrel#909) Update mempool app to v2.2.1 (getumbrel#905) Remove outdated warning from LND config Update samourai-server app to v1.10.1 (getumbrel#901) Switch to the PolyForm Noncommercial license (getumbrel#908) Update to getumbrel/middleware:v0.1.12 Don't overwrite existing LND config after update (getumbrel#904) Update to LND v0.13.1 (getumbrel#903) Auto init nextcloud app to ensure allowed hosts are correctly set (getumbrel#900) Add default password to pi-hole app (getumbrel#889) Umbrel v0.4.0 (getumbrel#888) ...
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When running all Tor hidden services (~30 total) from a single daemon, if we restart Tor, it can take a few hours for all the hidden services to come online.
This is especially bad for Umbrel users doing an update over Tor because the device will go down halfway through the update when Tor is restarted. It should come back online within an hour or two, but this isn't obvious, and to the user it appears as though the update has bricked their device.
Running multiple Tor daemons in parallel with a smaller number of hidden services to manage each seems to resolve the issue and allow the hidden services to come back online promptly.
For now we're running three instances of Tor,
torfor internal Umbrel services which should come online almost instantly, andapp_torandapp_2_torwhich have about 10 hidden services each for all the install apps, and should come online within a few minutes.I'm not sure if this is a bug in Tor, or if there's a better way we should be doing this, but it seems like a single daemon should be able to manage this many hidden services. We should report this to the Tor developers and see if we can resolve this more cleanly.