update config docs, add NEWS snippet

2016-04-26 22:26:31 -07:00 · 2016-04-26 22:26:31 -07:00 · 25b64041cc
parent 96c625920c
commit 25b64041cc
2 changed files with 75 additions and 56 deletions
--- a/docs/configuration.rst
+++ b/docs/configuration.rst
@ -137,86 +137,96 @@ set the ``tub.location`` option described below.
    ``http://127.0.0.1:3456/static/foo.html`` will serve the contents of
    ``BASEDIR/public_html/foo.html`` .

-``tub.port = (endpoints specification string, optional)``
+``tub.port = (endpoint specification string, optional)``

-    This controls the node's "listening port", through which it accepts
-    Foolscap connections from other nodes. If not provided, the node will ask
-    the kernel to allocate an available port, then saves it to a file (named
-    ``client.port`` or ``introducer.port``), so that subsequent runs will
-    re-use the same port. The value should be ``tcp:`` followed by a port
-    number, e.g. ``tcp:3457``.
+    This controls which port the node uses to accept Foolscap connections
+    from other nodes. It is parsed as a Twisted "server endpoint descriptor",
+    which accepts values like ``tcp:12345`` and
+    ``tcp:23456:interface=127.0.0.1``.

-    Note that the node can advertise an entirely different host+port (with
-    ``tub.location``, below) than the port that it listens on (controlled by
-    ``tub.port``). This is most useful when the node is a storage server and
-    lives behind a firewall that has been configured to forward a TCP port.
-    ``tub.location`` would be set to ``tcp:ADDR1:PORT1`` (where ADDR1 is the
-    external hostname or IP address of the firewall box, and PORT1 is the
-    externally-visible port), while ``tub.port`` would be ``tcp:PORT2``
-    (where the firewall is forwarding external PORT1 to internal PORT2).
+    For backwards compatibility, if this contains a simple integer, it will
+    be used as a TCP port number, like ``tcp:%d`` (which will accept
+    connections on all interfaces). However ``tub.port`` cannot be ``0`` or
+    ``tcp:0`` (older versions accepted this, but the node is no longer
+    willing to ask Twisted to allocate port numbers in this way). To
+    automatically allocate a TCP port, leave ``tub.port`` blank.

-    ``tub.port`` cannot be ``tcp:0`` or ``0``: older versions accepted this,
-    but the node is no longer willing to ask Twisted to allocate port numbers
-    in this way. For backwards compatibility, a ``tub.port`` that is an
-    integer (other than 0) will be given a ``tcp:`` prefix.
+    If the ``tub.port`` config key is not provided, the node will look in
+    ``BASEDIR/client.port`` (or ``BASEDIR/introducer.port``, for introducers)
+    for the descriptor that was used last time.
+
+    If neither is available, the node will ask the kernel for any available
+    port (the moral equivalent of ``tcp:0``). The allocated port number will
+    be written into a descriptor string in ``BASEDIR/client.port`` (or
+    ``introducer.port``), so that subsequent runs will re-use the same port.

 ``tub.location = (string, optional)``

-    In addition to running as a client, each Tahoe-LAFS node also runs as a
-    server, listening for connections from other Tahoe-LAFS clients. The node
-    announces its location by publishing a "FURL" (a string with some
+    In addition to running as a client, each Tahoe-LAFS node can also run as
+    a server, listening for connections from other Tahoe-LAFS clients. The
+    node announces its location by publishing a "FURL" (a string with some
    connection hints) to the Introducer. The string it publishes can be found
    in ``BASEDIR/private/storage.furl`` . The ``tub.location`` configuration
    controls what location is published in this announcement.

+    If your node is meant to run as a server, you should fill this in, using
+    a hostname or IP address that is reachable from your intended clients.
+
    If you don't provide ``tub.location``, the node will try to figure out a
    useful one by itself, by using tools like "``ifconfig``" to determine the
    set of IP addresses on which it can be reached from nodes both near and
    far. It will also include the TCP port number on which it is listening
    (either the one specified by ``tub.port``, or whichever port was assigned
-    by the kernel when ``tub.port`` is left unspecified).
+    by the kernel when ``tub.port`` is left unspecified). However this
+    automatic address-detection is discouraged, and will probably be removed
+    from a future release. It will include the ``127.0.0.1`` "localhost"
+    address (which is only useful to clients running on the same computer),
+    and RFC1918 private-network addresses like ``10.*.*.*`` and
+    ``192.168.*.*`` (which are only useful to clients on the local LAN). In
+    general, the automatically-detected IP addresses will only be useful if
+    the node has a public IP address, such as a VPS or colo-hosted server.

-    You might want to override this value if your node lives behind a
-    firewall that is doing inbound port forwarding, or if you are using other
-    proxies such that the local IP address or port number is not the same one
-    that remote clients should use to connect. You might also want to control
-    this when using a Tor proxy to avoid revealing your actual IP address
-    through the Introducer announcement.
+    You will certainly need to set ``tub.location`` if your node lives behind
+    a firewall that is doing inbound port forwarding, or if you are using
+    other proxies such that the local IP address or port number is not the
+    same one that remote clients should use to connect. You might also want
+    to control this when using a Tor proxy to avoid revealing your actual IP
+    address through the Introducer announcement.

    If ``tub.location`` is specified, by default it entirely replaces the
    automatically determined set of IP addresses. To include the automatically
    determined addresses as well as the specified ones, include the uppercase
    string "``AUTO``" in the list.

-    The value is a comma-separated string of host:port location hints, like
-    this::
+    The value is a comma-separated string of method:host:port location hints,
+    like this::

-      123.45.67.89:8098,tahoe.example.com:8098,127.0.0.1:8098
+      tcp:123.45.67.89:8098,tcp:tahoe.example.com:8098,tcp:127.0.0.1:8098

    A few examples:

-    * Emulate default behavior, assuming your host has IP address
-      123.45.67.89 and the kernel-allocated port number was 8098::
-
-        tub.port = 8098
-        tub.location = 123.45.67.89:8098,127.0.0.1:8098
-
    * Use a DNS name so you can change the IP address more easily::

-        tub.port = 8098
-        tub.location = tahoe.example.com:8098
+        tub.port = tcp:8098
+        tub.location = tcp:tahoe.example.com:8098
+
+    * Run a node behind a firewall (which has an external IP address) that
+      has been configured to forward external port 7912 to our internal
+      node's port 8098::
+
+        tub.port = tcp:8098
+        tub.location = tcp:external-firewall.example.com:7912
+
+    * Emulate default behavior, assuming your host has public IP address of
+      123.45.67.89, and the kernel-allocated port number was 8098::
+
+        tub.port = tcp:8098
+        tub.location = tcp:123.45.67.89:8098,tcp:127.0.0.1:8098

    * Use a DNS name but also include the default set of addresses::

-        tub.port = 8098
-        tub.location = tahoe.example.com:8098,AUTO
-
-    * Run a node behind a firewall (which has an external IP address) that
-      has been configured to forward port 7912 to our internal node's port
-      8098::
-
-        tub.port = 8098
-        tub.location = external-firewall.example.com:7912
+        tub.port = tcp:8098
+        tub.location = tcp:tahoe.example.com:8098,AUTO

    * Run a node behind a Tor proxy (perhaps via ``torsocks``), in
      client-only mode (i.e. we can make outbound connections, but other
@ -225,8 +235,8 @@ set the ``tub.location`` option described below.
      reminder to human observers that this node cannot be reached. "Don't
      call us.. we'll call you"::

-        tub.port = 8098
-        tub.location = unreachable.example.org:0
+        tub.port = tcp:8098
+        tub.location = tcp:unreachable.example.org:0

    * Run a node behind a Tor proxy, and make the server available as a Tor
      "hidden service". (This assumes that other clients are running their
@ -242,10 +252,8 @@ set the ``tub.location`` option described below.
      ``/var/lib/tor/hidden_services/tahoe/hostname``. Then set up your
      ``tahoe.cfg`` like::

-        tub.port = 8098
-        tub.location = ualhejtq2p7ohfbb.onion:29212
-
-    Most users will not need to set ``tub.location``.
+        tub.port = tcp:8098
+        tub.location = tor:ualhejtq2p7ohfbb.onion:29212

 ``log_gatherer.furl = (FURL, optional)``

--- a/topfiles/2491.config
+++ b/topfiles/2491.config
@ -12,3 +12,14 @@
  user allows NODEDIR/client.port to be written, then later modifies
  tahoe.cfg to set "tub.port" to a different value, this difference will
  persist (and the node will honor tahoe.cfg "tub.port" exclusively).
+* We now encourage static allocation of tub.port, and pre-configuration of
+  the node's externally-reachable IP address or hostname (by setting
+  tub.location). Automatic IP-address detection is deprecated. Automatic port
+  allocation is merely discouraged. Eventually both will be managed by "tahoe
+  create-node", but for now we recommend users edit their tahoe.cfg after
+  node creation and before first launch.
+* "tahoe start" now creates the Tub, and all primary software components,
+  before the child process daemonizes. Many configuration errors which would
+  previously have been reported in a logfile (after node startup), will now
+  be signalled immediately, via stderr. In these cases, the "tahoe start"
+  process will exit with a non-zero return code.