diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2013-01-20 23:09:20 -0200 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2013-01-20 23:09:20 -0200 |
commit | f252115be193d58d345b7d18228800c68a1e47aa (patch) | |
tree | 31c95ada21d54314ecb1650f2b19e8540386dd62 /manifests/daemon/base.pp | |
parent | 89d3242cc7d4607f5eb8f1df39985c3597ee428d (diff) | |
parent | a780e84001177f10a86a7bf824589c0553f513a0 (diff) |
Merge branch 'master' of ssh://labs.riseup.net/shared-tor
Conflicts:
manifests/daemon.pp
Diffstat (limited to 'manifests/daemon/base.pp')
-rw-r--r-- | manifests/daemon/base.pp | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/manifests/daemon/base.pp b/manifests/daemon/base.pp new file mode 100644 index 0000000..63d7bc4 --- /dev/null +++ b/manifests/daemon/base.pp @@ -0,0 +1,77 @@ +# extend basic tor things with a snippet based daemon configuration +class tor::daemon::base inherits tor::base { + # packages, user, group + Service['tor'] { + subscribe => File[$tor::daemon::config_file], + } + + Package[ 'tor' ] { + require => File[$tor::daemon::data_dir], + } + + group { 'debian-tor': + ensure => present, + allowdupe => false, + } + + user { 'debian-tor': + ensure => present, + allowdupe => false, + comment => 'tor user,,,', + home => $tor::daemon::data_dir, + shell => '/bin/false', + gid => 'debian-tor', + require => Group['debian-tor'], + } + + # directories + file { $tor::daemon::data_dir: + ensure => directory, + mode => '0700', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/etc/tor': + ensure => directory, + mode => '0755', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/var/lib/puppet/modules/tor': + ensure => absent, + recurse => true, + force => true, + } + + # tor configuration file + concat { $tor::daemon::config_file: + mode => '0600', + owner => 'debian-tor', + group => 'debian-tor', + } + + # config file headers + concat::fragment { '00.header': + ensure => present, + content => template('tor/torrc.header.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 00, + target => $tor::daemon::config_file, + } + + # global configurations + concat::fragment { '01.global': + content => template('tor/torrc.global.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 01, + target => $tor::daemon::config_file, + } +} |