Nick's Site

Blog recommendations

link collection

Privacy Policy

Imprint

RSS

 

Mastodon

Github

Twitter

Email

Install Tor Snowflake on the Raspberry Pi with DietPi.

3/12/2022

Notice

This guide has been overhauled. See here.

Requirements

I use a Raspberry Pi 3b with DietPi 8.2.2, which means we need to use 64Bit Packages. I assume that you do everything in your default home folder of the root user. (That is just essential for the last step, but you will notice what you need to change if you use another folder.)

Install GO

Automatic

Open the diet pi software installer by typing: dietpi-software.

After that, go to search and search for: go.

Now select Go: Runtime environment and package installer.

Reconnect to the pi and run go version. This should be higher than 1.13.

Manual

It is important that you install Go Version 13 or above.

Start by creating some directories and downloading go:

mkdir ~/src && cd ~/src

wget https://go.dev/dl/go1.17.8.linux-arm64.tar.gz

Now extract the package.

tar -C /usr/local -xzf go1.17.8.linux-arm64.tar.gz

After that, you can delete the downloaded archive.

rm go1.17.8.linux-arm64.tar.gz

The last step is to add go to your Path.

nano ~/.profile

Add the following in that file:

PATH=$PATH:/usr/local/go/bin
GOPATH=$HOME/go

You can now reload the file with:

source ~/.profile

Test the installation by running:

go version

The output should look like this:

go version go1.17.8 linux/arm64

Build Tor Snowflake

First, we need to install some essentials:

apt install git

After that you can clone the repo:

git clone https://git.torproject.org/pluggable-transports/snowflake.git

Now go in the directory and start the build.

cd snowflake/proxy
go build

To start the snowflake make the build file executable and start it.

chmod +x ./proxy
./proxy

Run Snowflake as a service

(This is the part where the installation location and User matter!)

Create a new Service file.

nano /etc/systemd/system/snowflake.service

Add the following to the file.

[Unit]
Description=Tor Snowflake Proxy
After=network.target
StartLimitIntervalSec=0

[Service]
LogLevelMax=6
Type=simple
User=root
SyslogIdentifier=snowflake
StandardOutput=syslog
StandardError=syslog
ExecStart=/root/snowflake/proxy/proxy -summary-interval 10m
Restart=on-failure
RestartSec=120
TimeoutSec=300
PrivateTmp=true
NoNewPrivileges=true
ProtectSystem=strict
ProtectHome=false
ReadOnlyDirectories=/
ReadWriteDirectories=/root/snowflake/

[Install]
WantedBy=multi-user.target

Now let's create some logs.

nano /etc/rsyslog.d/50-default.conf

Add the following:

:programname,isequal,"snowflake"         /var/log/snowflake/snowflake.log

After you added the line, save the file and restart rsyslog.

systemctl restart rsyslog

As the last step, we set up logrotate.

nano /etc/logrotate.d/snowflake

With the following content:

/var/log/snowflake/snowflake.log { 
    su root syslog
    daily
    rotate 5
    compress
    delaycompress
    missingok
    postrotate
        systemctl restart rsyslog > /dev/null
    endscript    
}

Run on startup

To run the Snowflake on system startup run:

systemctl enable snowflake
service snowflake start

You can now type

tail -f /var/log/snowflake/snowflake.log

to see your snowflake in action.

Update

Steps to update the snowflake.

Stop the proxy service:

service snowflake stop

Go in the snowflake directory:

cd /root/snowflake

Now update the code by running:

git pull

After that, rebuild the proxy:

cd proxy
go build

You can now start the snowflake service.

service snowflake start

Source

For installing GO

https://www.jeremymorgan.com/tutorials/raspberry-pi/install-go-raspberry-pi/

Building Tor Snowflake

https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/wikis/home