Mwongozo huu utasaidia kusanidi kiungo cha WebTunnel kilichokusanywa kutoka kwa chanzo ili kusaidia watumiaji waliodhibitiwa kuunganishwa kwenye mtandao wa Tor.

0. Sanidi kikoa chako na seva ya tovuti yako

Kabla ya kuendelea na maagizo yaliyo hapa chini, ni muhimu kusanidi kikoa chako na seva ya wavuti kwanza. Rejelea sehemu ya kwanza ya mwongozo wa WebTunnel ili kuona jinsi ya kusanidi seva yako ya wavuti.

1. Sakinisha Golang

Ili kujenga jozi ya seva ya WebTunnel unahitaji kusakinisha Golang. Unaweza kusakinisha Go kwenye Debian kwa kuendesha:

$ sudo apt install golang

2. Clone na kusanya/tunga

Clone hazina ya git ya WebTunnel:

$ git clone https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/webtunnel

Na kusanya binary seva ya WebTunnel:

$ cd webtunnel/main/server
$ go build

Mwishowe, nakili jozi kwenye eneo lingine:

$ sudo cp server /usr/local/bin/webtunnel

3. Sakinisha Tor

Kwenye mfumo unaofanana na Debian, sasisha Tor kutoka kwa hazina ya Tor Debian.

$ sudo apt install apt-transport-https lsb-release

Na uendeshe amri hizi ili kuwezesha hazina ya Tor Debian:

$ CODENAME=$(lsb_release -cs)

$ cat <<EOF > /etc/apt/sources.list.d/tor.list
   deb     [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $CODENAME main
   deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org $CODENAME main
EOF

Ingiza keyring ya mradi wa Tor:

$ wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | sudo tee /usr/share/keyrings/tor-archive-keyring.gpg >/dev/null

Mwishowe, sasisha orodha ya kifurushi yako na usakinishe Tor:

$ sudo apt update && sudo apt install tor deb.torproject.org-keyring -y

4. Sasisha torrc yako

Hariri faili yako ya usanidi wa Tor ambayo kawaida iko katika /etc/tor/torrc na ubadilishe yaliyomo na:

  • url=https://yourdomain/path na url yako ya WebTunnel ikijumuisha kikoa chako na njia ya siri;
  • <address@email.com> with your contact email address;
  • Nickname WebTunnetTest na kwa jina la utani la kiungo chako.
BridgeRelay 1
ORPort 127.0.0.1:auto
AssumeReachable 1
ServerTransportPlugin webtunnel exec /usr/local/bin/webtunnel
ServerTransportListenAddr webtunnel 127.0.0.1:15000
ServerTransportOptions webtunnel url=https://yourdomain/path
ExtORPort auto
ContactInfo <address@email.com>
Nickname WebTunnelTest
SocksPort 0

5. Anzisha tena Tor

Wezesha na Anzisha tor:

$ sudo systemctl enable --now tor.service

Au uianzishe tena ikiwa itaendeshwa tayari ili usanidi ionyeshe matokeo:

$ sudo systemctl restart tor.service

6. Sasisha na upakie upya ruhusa ya AppArmor tor

Ili kuruhusu tor kuendesha mfumo wako wa jozi wa WebTunnel, hariri wasifu wa AppArmor system_tor katika /etc/apparmor.d/system_tor na uongeze ingizo linaloruhusu tor kutekeleza WebTunnel:

  # During startup, tor (as root) tries to open various things such as
  # directories via check_private_dir().  Let it.
  /usr/local/bin/webtunnel ix,

Pakia upya wasifu wa AppArmor:

$ sudo apparmor_parser -r /etc/apparmor.d/system_tor

Baada ya kurekebisha wasifu na kuipakia upya, jaribu kuona kama mchakato wa tor sasa unaweza kutekeleza /usr/local/bin/webtunnel bila kukanusha yoyote ya AppArmor. Angali kumbukumbu za mfumo (e.g., dmesg or /var/log/syslog)ili kuhakikisha hitilafu haijitokezi tena.

7. Fuatilia kumbukumbu zako

Kuhakikisha kiungo chako kinaendeshwa bila shida unapaswa kuona kitu kama hii (usually in /var/log/syslog or run sudo journalctl -e -u tor@default):

[notice] Your Tor server's identity key fingerprint is '<NICKNAME> <FINGERPRINT>'
[notice] Your Tor bridge's hashed identity key fingerprint is '<NICKNAME> <HASHED FINGERPRINT>'
[notice] Tor has successfully opened a circuit. Looks like client functionality is working.
[notice] Bootstrapped 100%: Done

Unaweza kufuatilia matumizi ya kiungo chako cha WebTunnel kwenye Utafutaji wa Rilei. Ingiza tu <HASHED FINGERPRINT> ya kiungo chako katika fomu na ubofye "Search". Baada ya kusanidi kiungo inachukua takriban saa tatu kwa kiungo hicho kuonekana katika Utafutaji wa Rilei.

8. Maelezo ya mwisho

Your WebTunnel bridge will by default be automatically distributed via the Bridges website, also known as the HTTPS distributor. This default applies unless an operator explicitly configures the BridgeDistribution setting in the torrc file to a different option. If set to any option other than HTTPS, the bridge will not be distributed to users. Ikiwa unatatizika kusanidi kiungo chako angalia sehemu yetu ya usaidizi.

If your bridge is now running, you can test it by copying and pasting your bridge line into Tor Browser. Ili kujenga laini ya kiungo cha Webtunnel unahitaji kunakili kiungo chako cha FINGERPRINT lakini usichanganye na alama ya vidole vyako vya haraka, ambayo ni alama ya vidole ambayo utapata kwenye tovuti ya Utafutaji wa Tor rilei. Ukinakili alama ya kidole cha haraka badala ya alama ya kidole cha kiungo chako, hutaweza kuunganisha. Unaweza pata alama za vidole ya kiungo chako katika faili ya /var/lib/tor/fingerprint. Kumbuka kunakili tu alama ya kidole na usijumuishe jina la utani la kiungo.

Mwishowe, unaweza kubadilisha yaliyomo kwenye URL na kikoa chako na njia ya siri. Unaweza kuipata chini ya laini yako ya torrc ServerTransportOptions.

Now, just replace the content below to create your WebTunnel bridge line. 10.0.0.2:443 is just a random IP address that's never used. It's just there because the pluggable transport specification requires an IP address there.

webtunnel 10.0.0.2:443 FINGERPRINT url=https://yourdomain/path