[quote=âPatrick, post:63, topic:650â]Would you mind if I reverted the setup.py packaging method back to the old generic packaging method some day?
Now that I saw how setup.py creates Debian packages, it wouldnât be hard to install the files in the same locations and running the preinst/postinst/prerm/postrm the same way setup.py would have set up.
File paths would change, but otherwise no changes from your side would be required.[/quote]
I would not mind as long the files are installed in a proper python path. That would actually be better, as we would have a consistent build process through all the packages.
I have pushed a couple of cosmetic commits in whonix-reopository-wizard and whonix-setup-wizard. Please merge as I will have to get your branch again after a complete and difficult upgrade of my whole system. Amongst other problems, VirtualBox installation was quite temperamental in jessie, and I cannot even post anything in the support forum, as I really do not understand how I got it working.
n past, when Tor was automatically connecting, it was difficult for bridge users to avoid contact to the public Tor network. So it now comes disabled by default. But to keep it easy for others to let it connect, whonixsetup was created that explains a bit the various situations and options.
Why disable it⌠Good question. Well, if there is an option to enable Tor, it would be illogical if there was no option to disable Tor. Also itâs the option that users would choose, that want to set up bridges/VPN/etc. first. Otherwise they could just press the cancel button. The disabling feature given them a better feeling since it also does some sanity checking. After configuring Whonix, it might indeed not make that much sense to fire up whonixsetup again and disable Tor. However, a few might befit from this. For example if they travel and use Tor in various different places. Sometimes with/without bridges, sometimes with different bridges etc.
OK. I could use that and another quotes from the wiki/forums to put together a better help in the tooltips.
I have not looked into the auto-start mechanism yet, but that should be relatively easy. Iâd like to discuss the next development step first.
As I see it, we have three options for the bridges:
1- we mimic whonixsetup connection wizard, with a pure text approach, no actions.
2- we install TBB with tb-updater and use tor-launcher with the modified Tails bash script. I could not get it working properly, have to give it another try. To use it safely in our case (Whonix-Gateway), that would suppose some code rewriting and I do not not speak javascript. It is probably in my reach to get a minimal understanding in order to modify the scripts but that would take time. Let say that we fork and modify tor-launcher, how do we deal with the updates from the Tor project?
3- we give our own options and modify /etc/tor/torrc accordingly. I made some manual tests (not wit the wizard, but that would be feasible). /etc/tor/torrc could look like that, with some of the currently available pluggable transports:
# This file is part of Whonix
# Copyright (C) 2012 - 2013 adrelanos <adrelanos at riseup dot net>
# See the file COPYING for copying conditions.
# Use this file for your user customizations.
# Please see /etc/tor/torrc.examples for help, options, comments etc.
# Anything here will override Whonix's own Tor config customizations in
# /usr/share/tor/tor-service-defaults-torrc
# Enable Tor through whonixsetup or manually uncomment "DisableNetwork 0" by
# removing the # in front of it.
DisableNetwork 0
#UseBridges 1
#Bridge obfs3 169.229.59.74:31493 AF9F66B7B04F8FF6F32D455F05135250A16543C9
#Bridge obfs3 83.212.101.3:80 A09D536DD1752D542E1FBB3C9CE4449D51298239
#Bridge obfs3 169.229.59.75:46328 AF9F66B7B04F8FF6F32D455F05135250A16543C9
#Bridge obfs3 109.105.109.163:47779 4C331FA9B3D1D6D8FB0D8FBBF0C259C360D97E6A
#Bridge obfs3 109.105.109.163:38980 1E05F577A0EC0213F971D81BF4D86A9E4E8229ED
#ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy managed
#Bridge scramblesuit 188.226.213.208:54278 AA5A86C1490296EF4FACA946CC5A182FCD1C5B1E password=MD2VRP7WXAMSG7MKIGMHI4CB4BMSNO7T
#Bridge scramblesuit 83.212.101.3:443 A09D536DD1752D542E1FBB3C9CE4449D51298239 password=XTCXLG2JAMJKZW2POLBAOWOQETQSMASH
#ClientTransportPlugin scramblesuit exec /usr/bin/obfsproxy managed
#Bridge meek 0.0.2.0:1 url=https://meek-reflect.appspot.com/ front=www.google.com
#Bridge meek 0.0.2.0:2 url=https://d2zfqthxsdq309.cloudfront.net/ front=a0.awsstatic.com
#Bridge meek 0.0.2.0:3 url=https://az668014.vo.msecnd.net/ front=ajax.aspnetcdn.comments
#ClientTransportPlugin meek exec /usr/bin/meek-client --log meek-client.log
After the user choice, it would be a matter of uncommenting the lines required by the transport.
Note: scramblesuit and obfs3 are working. I could [edit] NOT get a connection with meek (either service) after installing meek-client from https://git.torproject.org/pluggable-transports/meek.git (requires golang-go for building, see meek ¡ Wiki ¡ Legacy / Trac ¡ GitLab).
As you mentioned earlier, that solution would probably demand some maintenance. I do know if it would be more than option 2, but it would be Python only, until we have a fluent js coder. Anyhow, we could try implementing both⌠and see which one is the easiest, and most usable.