Age | Commit message (Collapse) | Author |
|
In order to refactor the tor services, we need to split them out into three
different services. This adds the hidden service class that is necessary to
support the previous commits. Fixes #8864.
|
|
The 'tor' service is now three separate services, 'tor_exit', 'tor_relay', or 'hidden_service'.
|
|
hidden service should be activated iff tor is among the active services and
tor.hidden_service.active == true
|
|
|
|
This makes a more clear site_tor::relay class that the leap service
includes, and a more generic site_tor class that other classes can
depend on for setting up the initial install.
|
|
This cuts the number of hops for a tor onion service from 6 to 3,
speeding it up considerably. This removes the anonymity aspect of the
service, so it must be enabled intentionally, knowing that the server's
location no longer is hidden.
|
|
|
|
is configured
The problem is that we have a single onion address per server, so if more
than one domain is configured we need to make sure they don't both try to
use the same onion address.
|
|
|
|
|
|
When tor is not configured, then its possible to get this error on
deploy:
Error: tor is not a hash or array when accessing it with hidden_service
at /srv/leap/puppet/modules/site_static/manifests/init.pp:16 on node
rewdevstatic1.rewire.org
This commit only accesses the array when its enabled.
Change-Id: Ia75ac7a51179da980966adba0cc614b9cd642b0c
|
|
When tor hidden services were enabled for static sites, only a very
basic configuration was setup and it didn't take into account the
different location configurations that can be configured for a
static site.
This commit resolves that by making a site_static::hidden_service class
similar to the site_webapp::hidden_service class, and fixes up the
apache vhost template to properly create the location blocks for the
hidden service vhost.
Change-Id: Ice3586f4173bd2d1bd3defca29d21c7403d5a03a
|
|
|
|
|
|
Change-Id: I20a28ae77c98071aefc1933e0ea73e5f3b895acb
|
|
|
|
I used `puppet-lint -f FILE` to fix most issues, while
finishing with manual intervention.
|
|
defined.
|
|
service (Bug #6851)
Also, moved global Exec{} defaults to site.pp
Change-Id: I9ae91b77afde944d2f1312613b9d9030e32239dd
|
|
Change-Id: I77fa50990b5ae60074c54738e8c19929b486d1d0
|
|
Change-Id: Iea1242b3c27d92cef7b217006211e57631fd7e62
|
|
|
|
Make the server-status information unavailable by putting the vhost on a
port that isn't configured as available to the tor hidden-service.
Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
|
|
Conflicts:
puppet/modules/site_static/manifests/init.pp
Change-Id: I090b1cb3cbe3c4d01a2c640ae3a370b17e722e12
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
minor lint.
https://leap.se/code/issues/6577
Change-Id: Iefefbf3e8fc5c13cdd7e302627504a76b856e725
|
|
|
|
|
|
|
|
|
|
|
|
|