summaryrefslogtreecommitdiff
path: root/puppet/modules/tor/templates
diff options
context:
space:
mode:
authorMicah <micah@leap.se>2016-05-24 10:19:35 -0400
committerMicah <micah@leap.se>2016-05-24 10:19:35 -0400
commit6af8e4487a9e3f6e4a2c4787dd9cde9a3549527c (patch)
treec2abcb233d4dfd0fe9d0e6d2dd94e720d780234c /puppet/modules/tor/templates
parent4e4f581e5ad057da6dc38a2e820600227168de57 (diff)
parent27f6b09be549aeebae459259ef37aaa665b7ee7d (diff)
Merge commit '27f6b09be549aeebae459259ef37aaa665b7ee7d' as 'puppet/modules/tor'
Diffstat (limited to 'puppet/modules/tor/templates')
-rw-r--r--puppet/modules/tor/templates/torrc.bridge.erb3
-rw-r--r--puppet/modules/tor/templates/torrc.control.erb16
-rw-r--r--puppet/modules/tor/templates/torrc.directory.erb11
-rw-r--r--puppet/modules/tor/templates/torrc.dns.erb5
-rw-r--r--puppet/modules/tor/templates/torrc.exit_policy.erb11
-rw-r--r--puppet/modules/tor/templates/torrc.global.erb24
-rw-r--r--puppet/modules/tor/templates/torrc.header.erb2
-rw-r--r--puppet/modules/tor/templates/torrc.hidden_service.erb6
-rw-r--r--puppet/modules/tor/templates/torrc.map_address.erb3
-rw-r--r--puppet/modules/tor/templates/torrc.relay.erb46
-rw-r--r--puppet/modules/tor/templates/torrc.socks.erb9
-rw-r--r--puppet/modules/tor/templates/torrc.transparent.erb5
12 files changed, 141 insertions, 0 deletions
diff --git a/puppet/modules/tor/templates/torrc.bridge.erb b/puppet/modules/tor/templates/torrc.bridge.erb
new file mode 100644
index 00000000..559ce5df
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.bridge.erb
@@ -0,0 +1,3 @@
+# Bridge <%= @name %>
+Bridge <%= @ip %>:<%= @port %><% if @fingerprint -%> <%= @fingerprint%><% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.control.erb b/puppet/modules/tor/templates/torrc.control.erb
new file mode 100644
index 00000000..0b68faff
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.control.erb
@@ -0,0 +1,16 @@
+# tor controller
+<% if @port != '0' -%>
+ControlPort <%= @port %>
+<% if @cookie_authentication != '0' -%>
+CookieAuthentication 1
+<% if @cookie_auth_file != '' -%>
+CookieAuthFile <%= @cookie_auth_file %>
+<% end -%>
+<% if @cookie_auth_file_group_readable != '' -%>
+CookieAuthFileGroupReadable <%= @cookie_auth_file_group_readable %>
+<% end -%>
+<% else -%>
+HashedControlPassword <%= @hashed_control_password %>
+<% end -%>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.directory.erb b/puppet/modules/tor/templates/torrc.directory.erb
new file mode 100644
index 00000000..1af9f40f
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.directory.erb
@@ -0,0 +1,11 @@
+# directory listing
+<% if port != '0' -%>
+DirPort <%= @port %>
+<% end -%>
+<% listen_addresses.each do |listen_address| -%>
+DirListenAddress <%= listen_address %>
+<% end -%>
+<% if @port_front_page != '' -%>
+DirPortFrontPage <%= port_front_page %>
+<%- end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.dns.erb b/puppet/modules/tor/templates/torrc.dns.erb
new file mode 100644
index 00000000..57cf46d9
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.dns.erb
@@ -0,0 +1,5 @@
+# DNS
+DNSPort <%= @port %>
+<% @listen_addresses.each do |listen_address| -%>
+DNSListenAddress <%= listen_address %>
+<% end -%>
diff --git a/puppet/modules/tor/templates/torrc.exit_policy.erb b/puppet/modules/tor/templates/torrc.exit_policy.erb
new file mode 100644
index 00000000..a30d43b8
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.exit_policy.erb
@@ -0,0 +1,11 @@
+# exit policies: <%= @name %>
+<% if @reject_private != '1' -%>
+ExitPolicyRejectPrivate <%= @reject_private %>
+<% end -%>
+<% @accept.each do |policy| -%>
+ExitPolicy accept <%= policy %>
+<% end -%>
+<% @reject.each do |policy| -%>
+ExitPolicy reject <%= policy %>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.global.erb b/puppet/modules/tor/templates/torrc.global.erb
new file mode 100644
index 00000000..f577673d
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.global.erb
@@ -0,0 +1,24 @@
+# runtime
+RunAsDaemon 1
+<% if (v=scope.lookupvar('tor::daemon::data_dir')) != '/var/lib/tor' -%>
+DataDirectory <%= v %>
+<% end -%>
+
+# log
+<% if (rules=scope.lookupvar('tor::daemon::log_rules')).empty? -%>
+Log notice syslog
+<% else -%>
+<% rules.each do |log_rule| -%>
+Log <%= log_rule %>
+<% end -%>
+<% end -%>
+<%- if @safe_logging != 1 then -%>
+SafeLogging <%= @safe_logging %>
+<%- end -%>
+
+<% if (v=scope.lookupvar('tor::daemon::automap_hosts_on_resolve')) != '0' -%>
+AutomapHostsOnResolve <%= v %>
+<% end -%>
+<% if (v=scope.lookupvar('tor::daemon::use_bridges')) != '0' -%>
+UseBridges <%= v %>
+<%- end -%>
diff --git a/puppet/modules/tor/templates/torrc.header.erb b/puppet/modules/tor/templates/torrc.header.erb
new file mode 100644
index 00000000..79d6da9d
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.header.erb
@@ -0,0 +1,2 @@
+# This file is managed by puppet.
+
diff --git a/puppet/modules/tor/templates/torrc.hidden_service.erb b/puppet/modules/tor/templates/torrc.hidden_service.erb
new file mode 100644
index 00000000..4dec0b25
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.hidden_service.erb
@@ -0,0 +1,6 @@
+# hidden service <%= @name %>
+HiddenServiceDir <%= @data_dir %>/<%= @name %>
+<% @ports.each do |port| -%>
+HiddenServicePort <%= port %>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.map_address.erb b/puppet/modules/tor/templates/torrc.map_address.erb
new file mode 100644
index 00000000..ef4f2683
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.map_address.erb
@@ -0,0 +1,3 @@
+# map address <%= @name %>
+MapAddress <%= @address %> <%= @newaddress %>
+
diff --git a/puppet/modules/tor/templates/torrc.relay.erb b/puppet/modules/tor/templates/torrc.relay.erb
new file mode 100644
index 00000000..a286459f
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.relay.erb
@@ -0,0 +1,46 @@
+# relay
+<% if @port != 0 -%>
+ORPort <%= @port %>
+<% @listen_addresses.each do |listen_address| -%>
+ORListenAddress <%= @listen_address %>
+<% end -%>
+<% @real_outbound_bindaddresses.each do |outbound_bindaddress| -%>
+OutboundBindAddress <%= @outbound_bindaddress %>
+<% end -%>
+<% if @nickname != '' -%>
+Nickname <%= @nickname %>
+<% end -%>
+<% if @address != '' -%>
+Address <%= @address %>
+<% end -%>
+<% if @portforwarding != '0' -%>
+PortForwarding <%= @portforwarding %>
+<% end -%>
+<% if @bandwidth_rate != '' -%>
+BandwidthRate <%= @bandwidth_rate %> KB
+<% end -%>
+<% if @bandwidth_burst != '' -%>
+BandwidthBurst <%= @bandwidth_burst %> KB
+<% end -%>
+<% if @relay_bandwidth_rate != '0' -%>
+RelayBandwidthRate <%= @relay_bandwidth_rate %> KB
+<% end -%>
+<% if @relay_bandwidth_burst != '0' -%>
+RelayBandwidthBurst <%= @relay_bandwidth_burst %> KB
+<% end -%>
+<% if @accounting_max != '0' -%>
+AccountingMax <%= @accounting_max %> GB
+<% if @accounting_start -%>
+AccountingStart <%= @accounting_start %>
+<% end -%>
+<% end -%>
+<% if @contact_info != '' -%>
+ContactInfo <%= @contact_info %>
+<% end -%>
+<% end -%>
+<% if @my_family != '' -%>
+MyFamily <%= @my_family %>
+<% end -%>
+<% if @bridge_relay != '0' -%>
+BridgeRelay <%= @bridge_relay %>
+<% end -%>
diff --git a/puppet/modules/tor/templates/torrc.socks.erb b/puppet/modules/tor/templates/torrc.socks.erb
new file mode 100644
index 00000000..4bc3ddc1
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.socks.erb
@@ -0,0 +1,9 @@
+# socks
+SocksPort <%= @port %>
+<% @listen_addresses.each do |listen_address| -%>
+SocksListenAddress <%= listen_address %>
+<% end -%>
+<% @policies.each do |policy| -%>
+SocksPolicy <%= policy %>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.transparent.erb b/puppet/modules/tor/templates/torrc.transparent.erb
new file mode 100644
index 00000000..c683150f
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.transparent.erb
@@ -0,0 +1,5 @@
+# Transparent proxy
+TransPort <%= @port %>
+<% @listen_addresses.each do |listen_address| -%>
+TransListenAddress <%= listen_address %>
+<% end -%>