author | kwadronaut <kwadronaut@leap.se> | 2018-11-07 15:43:41 +0100 |
---|---|---|
committer | kwadronaut <kwadronaut@leap.se> | 2018-11-07 15:43:41 +0100 |
commit | e598088c2f9263e7682e399b65376d7a2c529ded (patch) | |
tree | aa628edf0ad55dc2adea8bc6f96bf516aaba0a30 /manifests/daemon/base.pp | |
parent | d30831f7214da266ad943cf4013f0632e8b15d48 (diff) | |
parent | 77070c6bf97ecd6fc860cae6120dca86fa910e5a (diff) |
Diffstat (limited to 'manifests/daemon/base.pp')
-rw-r--r-- | manifests/daemon/base.pp | 66 |
1 files changed, 29 insertions, 37 deletions
diff --git a/manifests/daemon/base.pp b/manifests/daemon/base.pp
index f3bbc37..86156af 100644
--- a/manifests/daemon/base.pp
+++ b/manifests/daemon/base.pp
@@ -1,70 +1,62 @@ # extend basic tor things with a snippet based daemon configuration class tor::daemon::base inherits tor::base { - # packages, user, group - Service['tor'] { - subscribe => Concat[$tor::daemon::config_file], - } - Package[ 'tor' ] { - require => File[$tor::daemon::data_dir], - } + include ::tor::daemon::params - group { 'debian-tor': - ensure => present, - allowdupe => false, - } + if $tor::daemon::params::manage_user { + group { $tor::daemon::params::group: + ensure => present, + allowdupe => false, + } - user { 'debian-tor': - ensure => present, - allowdupe => false, - comment => 'tor user,,,', - home => $tor::daemon::data_dir, - shell => '/bin/false', - gid => 'debian-tor', - require => Group['debian-tor'], + user { $tor::daemon::params::user: + ensure => present, + allowdupe => false, + comment => 'tor user,,,', + home => $tor::daemon::data_dir, + shell => '/bin/false', + gid => $tor::daemon::params::group, + require => Group[$tor::daemon::params::group], + } } # directories file { $tor::daemon::data_dir: ensure => directory, - mode => '0700', - owner => 'debian-tor', - group => 'debian-tor', - require => User['debian-tor'], + mode => $tor::daemon::params::data_dir_mode, + owner => $tor::daemon::params::user, + group => 'root', + require => Package['tor'], } file { '/etc/tor': ensure => directory, mode => '0755', - owner => 'debian-tor', - group => 'debian-tor', - require => User['debian-tor'], - } - - file { '/var/lib/puppet/modules/tor': - ensure => absent, - recurse => true, - force => true, + owner => 'root', + group => 'root', + require => Package['tor'], } # tor configuration file concat { $tor::daemon::config_file: - mode => '0600', - owner => 'debian-tor', - group => 'debian-tor', + mode => '0640', + owner => 'root', + group => $tor::daemon::params::group, + require => Package['tor'], + notify => Service['tor'], } # config file headers concat::fragment { '00.header': content => template('tor/torrc.header.erb'), - order => 00, + order 
=> '00', target => $tor::daemon::config_file, } # global configurations concat::fragment { '01.global': content => template('tor/torrc.global.erb'), - order => 01, + order => '01', target => $tor::daemon::config_file, } } |
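Review bot: The mode of `file { $tor::daemon::data_dir: }` is no longer pinned to `'0700'` but read from `$tor::daemon::params::data_dir_mode`, and neither the default nor any validation of that parameter is visible in this hunk. The data directory presumably holds the daemon's private key material, so a value that grants any access to "other" would expose it to every local account; with the group now set to `'root'`, group bits are only harmless for as long as that stays so. I would add a comment above the resource, `# data_dir holds tor's private keys: the mode must not grant any access to "other" (e.g. '0700')`, and, if params.pp does not already do so, have it fail the catalog on a looser value. The same comment is worth repeating where `data_dir_mode` is defined, since that is where someone would change it.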