diff options
author | elijah <elijah@riseup.net> | 2016-09-02 12:35:09 -0700 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2016-09-13 16:42:36 -0400 |
commit | a063280eab5e8749c74381aabbe641c30887e9f6 (patch) | |
tree | 45436172c746bc12517ae54a9b4838653ded18ed /puppet/modules/site_static | |
parent | 4ced0625250b82c725d6890e49cd24a20b856d40 (diff) |
[bugfix] static sites: only enable hidden service by default if one domain is configured
The problem is that we have a single onion address per server, so if more
than one domain is configured we need to make sure they don't both try to
use the same onion address.
Diffstat (limited to 'puppet/modules/site_static')
-rw-r--r-- | puppet/modules/site_static/manifests/domain.pp | 1 | ||||
-rw-r--r-- | puppet/modules/site_static/manifests/init.pp | 8 | ||||
-rw-r--r-- | puppet/modules/site_static/templates/apache.conf.erb | 2 |
3 files changed, 10 insertions, 1 deletions
diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp index b26cc9e3..6cf2c653 100644 --- a/puppet/modules/site_static/manifests/domain.pp +++ b/puppet/modules/site_static/manifests/domain.pp @@ -4,6 +4,7 @@ define site_static::domain ( $key, $cert, $tls_only=true, + $use_hidden_service=false, $locations=undef, $aliases=undef, $apache_config=undef) { diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp index 824619b4..dd3f912d 100644 --- a/puppet/modules/site_static/manifests/init.pp +++ b/puppet/modules/site_static/manifests/init.pp @@ -77,6 +77,14 @@ class site_static { if $hidden_service['active'] { include site_static::hidden_service } + # Currently, we only support a single hidden service address per server. + # So if there is more than one domain configured, then we need to make sure + # we don't enable the hidden service for every domain. + if size(keys($domains)) == 1 { + $always_use_hidden_service = true + } else { + $always_use_hidden_service = false + } } create_resources(site_static::domain, $domains) diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb index af9a520d..dd04ca43 100644 --- a/puppet/modules/site_static/templates/apache.conf.erb +++ b/puppet/modules/site_static/templates/apache.conf.erb @@ -74,7 +74,7 @@ Require all granted </Directory> -<%- if @tor -%> +<%- if @tor && (@always_use_hidden_service || @use_hidden_service) -%> ## ## Tor ## |