3 files changed, 12 insertions, 13 deletions

diff --git a/puppet/modules/site_tor/manifests/disable_exit.pp b/puppet/modules/site_tor/manifests/disable_exit.pp
new file mode 100644
index 00000000..73016646
--- /dev/null
+++ b/puppet/modules/site_tor/manifests/disable_exit.pp
@@ -0,0 +1,7 @@
+class site_tor::disable_exit {
+  tor::daemon::exit_policy {
+    'no_exit_at_all':
+      reject => '*:*';
+  }
+}
+
diff --git a/puppet/modules/site_tor/manifests/exit_policy.pp b/puppet/modules/site_tor/manifests/exit_policy.pp
deleted file mode 100644
index f2d2d38f..00000000
--- a/puppet/modules/site_tor/manifests/exit_policy.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-class site_tor::exit_policy {
-  # exaple policy to allow ssh
-  tor::daemon::exit_policy { 'ssh_exit_policy':
-    accept => '*:22',
-    reject => '*:*';
-  }
-}
-
diff --git a/puppet/modules/site_tor/manifests/init.pp b/puppet/modules/site_tor/manifests/init.pp
index 7c25b0e9..654337c7 100644
--- a/puppet/modules/site_tor/manifests/init.pp
+++ b/puppet/modules/site_tor/manifests/init.pp
@@ -6,22 +6,22 @@ class site_tor {
   $tor_type = $tor['type']
 
   $contact_email = hiera('contact_email')
+  $address       = hiera('ip_address')
 
   class { 'tor::daemon': }
   tor::daemon::relay { $::hostname:
     port             => 9001,
-    #listen_addresses => '',
+    address          => $address,
     contact_info     => $contact_email,
     bandwidth_rate   => $bandwidth_rate,
   }
 
-  # we configure the directory later
-  #tor::daemon::directory { $::hostname: port => 80 }
+  tor::daemon::directory { $::hostname: port => 80 }
 
   include site_shorewall::tor
 
-  if ( $tor_type == 'exit' ) {
-    include site_tor::exit_policy
+  if ( $tor_type != 'exit' ) {
+    include site_tor::disable_exit
   }
 
 }