From 804e022221bfb0b5200282e556d75e601271dac5 Mon Sep 17 00:00:00 2001
From: elijah <elijah@riseup.net>
Date: Tue, 15 Aug 2017 17:35:55 -0700
Subject: Bug: fix hidden service for static

hidden service should be activated iff tor is among the active services and
tor.hidden_service.active == true
---
 puppet/modules/site_static/manifests/init.pp         | 13 ++++++++++---
 puppet/modules/site_static/templates/apache.conf.erb |  2 +-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/puppet/modules/site_static/manifests/init.pp b/puppet/modules/site_static/manifests/init.pp
index 8be791e5..96d92f74 100644
--- a/puppet/modules/site_static/manifests/init.pp
+++ b/puppet/modules/site_static/manifests/init.pp
@@ -12,6 +12,11 @@ class site_static {
   $formats        = $static['formats']
   $bootstrap      = $static['bootstrap_files']
   $tor            = hiera('tor', false)
+  if $tor and member($services, 'tor') and $tor['hidden_service']['active'] == true {
+    $tor_active = true
+  } else {
+    $tor_active = false
+  }
 
   file {
     '/srv/static/':
@@ -67,15 +72,17 @@ class site_static {
     }
 
     package { 'zlib1g-dev':
-        ensure => installed
+      ensure => installed
     }
   }
 
-  if $tor {
+  if $tor_active {
     $hidden_service = $tor['hidden_service']
     $tor_domain     = "${hidden_service['address']}.onion"
-      class { 'site_static::hidden_service': single_hop => $hidden_service['single_hop']
+    class { 'site_static::hidden_service':
+      single_hop => $hidden_service['single_hop']
     }
+
     # Currently, we only support a single hidden service address per server.
     # So if there is more than one domain configured, then we need to make sure
     # we don't enable the hidden service for every domain.
diff --git a/puppet/modules/site_static/templates/apache.conf.erb b/puppet/modules/site_static/templates/apache.conf.erb
index eb21e4c9..75d834e7 100644
--- a/puppet/modules/site_static/templates/apache.conf.erb
+++ b/puppet/modules/site_static/templates/apache.conf.erb
@@ -74,7 +74,7 @@
   Require all granted
 </Directory>
 
-<%- if @tor && (@always_use_hidden_service || @use_hidden_service) -%>
+<%- if @tor_active && (@always_use_hidden_service || @use_hidden_service) -%>
 ##
 ## Tor
 ##
-- 
cgit v1.2.3