summaryrefslogtreecommitdiff
path: root/puppet
diff options
context:
space:
mode:
Diffstat (limited to 'puppet')
-rw-r--r--puppet/modules/site_static/manifests/domain.pp1
-rw-r--r--puppet/modules/site_static/manifests/init.pp8
-rw-r--r--puppet/modules/site_static/templates/apache.conf.erb2
3 files changed, 10 insertions, 1 deletions
diff --git a/puppet/modules/site_static/manifests/domain.pp b/puppet/modules/site_static/manifests/domain.pp
index b26cc9e3..6cf2c653 100644
--- a/puppet/modules/site_static/manifests/domain.pp
+++ b/puppet/modules/site_static/manifests/domain.pp
@@ -4,6 +4,7 @@ define site_static::domain (
$key,
$cert,
$tls_only=true,
+ $use_hidden_service=false,
$locations=undef,
$aliases=undef,
$apache_config=undef) {
diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp
index 824619b4..dd3f912d 100644
--- a/puppet/modules/site_static/manifests/init.pp
+++ b/puppet/modules/site_static/manifests/init.pp
@@ -77,6 +77,14 @@ class site_static {
if $hidden_service['active'] {
include site_static::hidden_service
}
+ # Currently, we only support a single hidden service address per server.
+ # So if there is more than one domain configured, then we need to make sure
+ # we don't enable the hidden service for every domain.
+ if size(keys($domains)) == 1 {
+ $always_use_hidden_service = true
+ } else {
+ $always_use_hidden_service = false
+ }
}
create_resources(site_static::domain, $domains)
diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb
index af9a520d..dd04ca43 100644
--- a/puppet/modules/site_static/templates/apache.conf.erb
+++ b/puppet/modules/site_static/templates/apache.conf.erb
@@ -74,7 +74,7 @@
Require all granted
</Directory>
-<%- if @tor -%>
+<%- if @tor && (@always_use_hidden_service || @use_hidden_service) -%>
##
## Tor
##