From 297fadc8e6ad4729589d4ec21683f05a1e50bdf9 Mon Sep 17 00:00:00 2001
From: Micah <micah@leap.se>
Date: Tue, 12 Jul 2016 16:46:13 -0400
Subject: git subrepo clone https://leap.se/git/puppet_tor puppet/modules/tor

subrepo:
  subdir:   "puppet/modules/tor"
  merged:   "9981a70"
upstream:
  origin:   "https://leap.se/git/puppet_tor"
  branch:   "master"
  commit:   "9981a70"
git-subrepo:
  version:  "0.3.0"
  origin:   "https://github.com/ingydotnet/git-subrepo"
  commit:   "1e79595"

Change-Id: I0a876a52bd83914cfd1e06abe9af208dd62e5683
---
 puppet/modules/tor/templates/torrc.bridge.erb      |  3 ++
 puppet/modules/tor/templates/torrc.control.erb     | 16 ++++++++
 puppet/modules/tor/templates/torrc.directory.erb   | 11 ++++++
 puppet/modules/tor/templates/torrc.dns.erb         |  5 +++
 puppet/modules/tor/templates/torrc.exit_policy.erb | 11 ++++++
 puppet/modules/tor/templates/torrc.global.erb      | 24 +++++++++++
 puppet/modules/tor/templates/torrc.header.erb      |  2 +
 .../modules/tor/templates/torrc.hidden_service.erb |  6 +++
 puppet/modules/tor/templates/torrc.map_address.erb |  3 ++
 puppet/modules/tor/templates/torrc.relay.erb       | 46 ++++++++++++++++++++++
 puppet/modules/tor/templates/torrc.socks.erb       |  9 +++++
 puppet/modules/tor/templates/torrc.transparent.erb |  5 +++
 12 files changed, 141 insertions(+)
 create mode 100644 puppet/modules/tor/templates/torrc.bridge.erb
 create mode 100644 puppet/modules/tor/templates/torrc.control.erb
 create mode 100644 puppet/modules/tor/templates/torrc.directory.erb
 create mode 100644 puppet/modules/tor/templates/torrc.dns.erb
 create mode 100644 puppet/modules/tor/templates/torrc.exit_policy.erb
 create mode 100644 puppet/modules/tor/templates/torrc.global.erb
 create mode 100644 puppet/modules/tor/templates/torrc.header.erb
 create mode 100644 puppet/modules/tor/templates/torrc.hidden_service.erb
 create mode 100644 puppet/modules/tor/templates/torrc.map_address.erb
 create mode 100644 puppet/modules/tor/templates/torrc.relay.erb
 create mode 100644 puppet/modules/tor/templates/torrc.socks.erb
 create mode 100644 puppet/modules/tor/templates/torrc.transparent.erb

(limited to 'puppet/modules/tor/templates')

diff --git a/puppet/modules/tor/templates/torrc.bridge.erb b/puppet/modules/tor/templates/torrc.bridge.erb
new file mode 100644
index 00000000..559ce5df
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.bridge.erb
@@ -0,0 +1,3 @@
+# Bridge <%= @name %>
+Bridge <%= @ip %>:<%= @port %><% if @fingerprint -%> <%= @fingerprint%><% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.control.erb b/puppet/modules/tor/templates/torrc.control.erb
new file mode 100644
index 00000000..0b68faff
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.control.erb
@@ -0,0 +1,16 @@
+# tor controller
+<%  if @port != '0' -%>
+ControlPort <%= @port %>
+<%    if @cookie_authentication != '0' -%>
+CookieAuthentication 1
+<%      if @cookie_auth_file != '' -%>
+CookieAuthFile <%= @cookie_auth_file %>
+<%      end -%>
+<%      if @cookie_auth_file_group_readable != '' -%>
+CookieAuthFileGroupReadable <%= @cookie_auth_file_group_readable %>
+<%      end -%>
+<%    else -%>
+HashedControlPassword <%= @hashed_control_password %>
+<%    end -%>
+<%  end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.directory.erb b/puppet/modules/tor/templates/torrc.directory.erb
new file mode 100644
index 00000000..1af9f40f
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.directory.erb
@@ -0,0 +1,11 @@
+# directory listing
+<%  if port != '0' -%>
+DirPort <%= @port %>
+<%  end -%>
+<%  listen_addresses.each do |listen_address| -%>
+DirListenAddress <%= listen_address %>
+<%  end -%>
+<%  if @port_front_page != '' -%>
+DirPortFrontPage <%= port_front_page %>
+<%- end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.dns.erb b/puppet/modules/tor/templates/torrc.dns.erb
new file mode 100644
index 00000000..57cf46d9
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.dns.erb
@@ -0,0 +1,5 @@
+# DNS
+DNSPort <%= @port %>
+<% @listen_addresses.each do |listen_address|  -%>
+DNSListenAddress <%= listen_address %>
+<% end -%>
diff --git a/puppet/modules/tor/templates/torrc.exit_policy.erb b/puppet/modules/tor/templates/torrc.exit_policy.erb
new file mode 100644
index 00000000..a30d43b8
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.exit_policy.erb
@@ -0,0 +1,11 @@
+# exit policies: <%= @name %>
+<% if @reject_private != '1' -%>
+ExitPolicyRejectPrivate <%= @reject_private %>
+<% end -%>
+<% @accept.each do |policy| -%>
+ExitPolicy accept <%= policy %>
+<% end -%>
+<% @reject.each do |policy| -%>
+ExitPolicy reject <%= policy %>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.global.erb b/puppet/modules/tor/templates/torrc.global.erb
new file mode 100644
index 00000000..f577673d
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.global.erb
@@ -0,0 +1,24 @@
+# runtime
+RunAsDaemon 1
+<%  if (v=scope.lookupvar('tor::daemon::data_dir')) != '/var/lib/tor' -%>
+DataDirectory <%= v %>
+<% end -%>
+
+# log
+<% if (rules=scope.lookupvar('tor::daemon::log_rules')).empty? -%>
+Log notice syslog
+<%  else -%>
+<%   rules.each do |log_rule| -%>
+Log <%= log_rule %>
+<%    end -%>
+<%  end -%>
+<%- if @safe_logging != 1 then -%>
+SafeLogging <%= @safe_logging %>
+<%-   end -%>
+
+<%  if (v=scope.lookupvar('tor::daemon::automap_hosts_on_resolve')) != '0' -%>
+AutomapHostsOnResolve <%= v %>
+<%  end -%>
+<%  if (v=scope.lookupvar('tor::daemon::use_bridges')) != '0' -%>
+UseBridges <%= v %>
+<%- end -%>
diff --git a/puppet/modules/tor/templates/torrc.header.erb b/puppet/modules/tor/templates/torrc.header.erb
new file mode 100644
index 00000000..79d6da9d
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.header.erb
@@ -0,0 +1,2 @@
+# This file is managed by puppet.
+
diff --git a/puppet/modules/tor/templates/torrc.hidden_service.erb b/puppet/modules/tor/templates/torrc.hidden_service.erb
new file mode 100644
index 00000000..4dec0b25
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.hidden_service.erb
@@ -0,0 +1,6 @@
+# hidden service <%= @name %>
+HiddenServiceDir <%= @data_dir %>/<%= @name %>
+<% @ports.each do |port| -%>
+HiddenServicePort <%= port %>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.map_address.erb b/puppet/modules/tor/templates/torrc.map_address.erb
new file mode 100644
index 00000000..ef4f2683
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.map_address.erb
@@ -0,0 +1,3 @@
+# map address <%= @name %>
+MapAddress <%= @address %> <%= @newaddress %>
+
diff --git a/puppet/modules/tor/templates/torrc.relay.erb b/puppet/modules/tor/templates/torrc.relay.erb
new file mode 100644
index 00000000..a286459f
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.relay.erb
@@ -0,0 +1,46 @@
+# relay
+<% if @port != 0 -%>
+ORPort <%= @port %>
+<%   @listen_addresses.each do |listen_address| -%>
+ORListenAddress <%= @listen_address %>
+<%   end -%>
+<%   @real_outbound_bindaddresses.each do |outbound_bindaddress| -%>
+OutboundBindAddress <%= @outbound_bindaddress %>
+<%   end -%>
+<%   if @nickname != '' -%>
+Nickname <%= @nickname %>
+<%   end -%>
+<%   if @address != '' -%>
+Address <%= @address %>
+<%   end -%>
+<%   if @portforwarding != '0' -%>
+PortForwarding <%= @portforwarding %>
+<%   end -%>
+<%   if @bandwidth_rate != '' -%>
+BandwidthRate <%= @bandwidth_rate %> KB
+<%   end -%>
+<%   if @bandwidth_burst != '' -%>
+BandwidthBurst <%= @bandwidth_burst %> KB
+<%   end -%>
+<%   if @relay_bandwidth_rate != '0' -%>
+RelayBandwidthRate <%= @relay_bandwidth_rate %> KB
+<%   end -%>
+<%   if @relay_bandwidth_burst != '0' -%>
+RelayBandwidthBurst <%= @relay_bandwidth_burst %> KB
+<%   end -%>
+<%   if @accounting_max != '0' -%>
+AccountingMax <%= @accounting_max %> GB
+<%     if @accounting_start -%>
+AccountingStart <%= @accounting_start %>
+<%     end -%>
+<%   end -%>
+<%   if @contact_info != '' -%>
+ContactInfo <%= @contact_info %>
+<%   end -%>
+<% end -%>
+<% if @my_family != '' -%>
+MyFamily <%= @my_family %>
+<% end -%>
+<% if @bridge_relay != '0' -%>
+BridgeRelay <%= @bridge_relay %>
+<% end -%>
diff --git a/puppet/modules/tor/templates/torrc.socks.erb b/puppet/modules/tor/templates/torrc.socks.erb
new file mode 100644
index 00000000..4bc3ddc1
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.socks.erb
@@ -0,0 +1,9 @@
+# socks
+SocksPort <%= @port %>
+<% @listen_addresses.each do |listen_address| -%>
+SocksListenAddress <%= listen_address %>
+<% end -%>
+<% @policies.each do |policy| -%>
+SocksPolicy <%= policy %>
+<% end -%>
+
diff --git a/puppet/modules/tor/templates/torrc.transparent.erb b/puppet/modules/tor/templates/torrc.transparent.erb
new file mode 100644
index 00000000..c683150f
--- /dev/null
+++ b/puppet/modules/tor/templates/torrc.transparent.erb
@@ -0,0 +1,5 @@
+# Transparent proxy
+TransPort <%= @port %>
+<% @listen_addresses.each do |listen_address| -%>
+TransListenAddress <%= listen_address %>
+<% end -%>
-- 
cgit v1.2.3