diff options
| author | Micah <micah@leap.se> | 2016-07-12 16:46:13 -0400 |
|---|---|---|
| committer | Micah <micah@leap.se> | 2016-07-12 16:46:13 -0400 |
| commit | 297fadc8e6ad4729589d4ec21683f05a1e50bdf9 (patch) | |
| tree | 249685a9e39165a28c246d9abfc7641e93cbdd0a /puppet/modules/tor/manifests/daemon/base.pp | |
| parent | 26aac7ccf240b06d65616bdd00ae472d980aaea9 (diff) | |
git subrepo clone https://leap.se/git/puppet_tor puppet/modules/tor
subrepo:
subdir: "puppet/modules/tor"
merged: "9981a70"
upstream:
origin: "https://leap.se/git/puppet_tor"
branch: "master"
commit: "9981a70"
git-subrepo:
version: "0.3.0"
origin: "https://github.com/ingydotnet/git-subrepo"
commit: "1e79595"
Change-Id: I0a876a52bd83914cfd1e06abe9af208dd62e5683
Diffstat (limited to 'puppet/modules/tor/manifests/daemon/base.pp')
| -rw-r--r-- | puppet/modules/tor/manifests/daemon/base.pp | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/puppet/modules/tor/manifests/daemon/base.pp b/puppet/modules/tor/manifests/daemon/base.pp new file mode 100644 index 00000000..63d7bc4d --- /dev/null +++ b/puppet/modules/tor/manifests/daemon/base.pp @@ -0,0 +1,77 @@ +# extend basic tor things with a snippet based daemon configuration +class tor::daemon::base inherits tor::base { + # packages, user, group + Service['tor'] { + subscribe => File[$tor::daemon::config_file], + } + + Package[ 'tor' ] { + require => File[$tor::daemon::data_dir], + } + + group { 'debian-tor': + ensure => present, + allowdupe => false, + } + + user { 'debian-tor': + ensure => present, + allowdupe => false, + comment => 'tor user,,,', + home => $tor::daemon::data_dir, + shell => '/bin/false', + gid => 'debian-tor', + require => Group['debian-tor'], + } + + # directories + file { $tor::daemon::data_dir: + ensure => directory, + mode => '0700', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/etc/tor': + ensure => directory, + mode => '0755', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/var/lib/puppet/modules/tor': + ensure => absent, + recurse => true, + force => true, + } + + # tor configuration file + concat { $tor::daemon::config_file: + mode => '0600', + owner => 'debian-tor', + group => 'debian-tor', + } + + # config file headers + concat::fragment { '00.header': + ensure => present, + content => template('tor/torrc.header.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 00, + target => $tor::daemon::config_file, + } + + # global configurations + concat::fragment { '01.global': + content => template('tor/torrc.global.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 01, + target => $tor::daemon::config_file, + } +} |