author | Louis-Philippe VĂ©ronneau <pollito@riseup.net> | 2018-03-06 17:29:54 +0000 |
---|---|---|
committer | Louis-Philippe VĂ©ronneau <pollito@riseup.net> | 2018-03-06 17:29:54 +0000 |
commit | 7c40929d8a2a9438ccd883e9d856d526b852da8c (patch) | |
tree | d8529a383482db6cd716c16074e6b798c1069e7b /manifests/daemon/onion_service.pp | |
parent | 228ae4a53999dbc49fa7c4d2883468dde10f19fb (diff) | |
parent | 6ebebe3ab04e8ba3d4b651e49012646046642160 (diff) |
Merge branch 'immerda-merge' into 'master'
Immerda merge
Closes #2
See merge request shared-puppet-modules-group/tor!19
Diffstat (limited to 'manifests/daemon/onion_service.pp')
-rw-r--r-- | manifests/daemon/onion_service.pp | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/manifests/daemon/onion_service.pp b/manifests/daemon/onion_service.pp
new file mode 100644
index 0000000..cb55d06
--- /dev/null
+++ b/manifests/daemon/onion_service.pp
@@ -0,0 +1,65 @@
+# onion services definition
+define tor::daemon::onion_service(
+ $ensure = 'present',
+ $ports = [],
+ $data_dir = $tor::daemon::data_dir,
+ $v3 = false,
+ $single_hop = false,
+ $private_key = undef,
+ $private_key_name = $name,
+ $private_key_store_path = undef,
+) {
+
+ $data_dir_path = "${data_dir}/${name}"
+ if $ensure == 'present' {
+ include ::tor::daemon::params
+ concat::fragment { "05.onion_service.${name}":
+ content => template('tor/torrc.onion_service.erb'),
+ order => '05',
+ target => $tor::daemon::config_file,
+ }
+ if $single_hop {
+ file { "${$data_dir_path}/onion_service_non_anonymous":
+ ensure => 'present',
+ notify => Service['tor'];
+ }
+ }
+ }
+ if $private_key or ($private_key_name and $private_key_store_path) {
+ if $private_key and ($private_key_name and $private_key_store_path) {
+ fail('Either private_key OR (private_key_name AND private_key_store_path) must be set, but not all three of them')
+ }
+ if $private_key_store_path and $private_key_name {
+ $tmp = generate_onion_key($private_key_store_path,$private_key_name)
+ $os_hostname = $tmp[0]
+ $real_private_key = $tmp[1]
+ } else {
+ $os_hostname = onion_address($private_key)
+ $real_private_key = $private_key
+ }
+ file{
+ $data_dir_path:
+ ensure => directory,
+ purge => true,
+ force => true,
+ recurse => true,
+ owner => $tor::daemon::params::user,
+ group => $tor::daemon::params::group,
+ mode => '0600',
+ require => Package['tor'];
+ "${data_dir_path}/private_key":
+ content => $real_private_key,
+ owner => $tor::daemon::params::user,
+ group => $tor::daemon::params::group,
+ mode => '0600',
+ notify => Service['tor'];
+ "${data_dir_path}/hostname":
+ content => "${os_hostname}.onion\n",
+ owner => $tor::daemon::params::user,
+ group => $tor::daemon::params::group,
+ mode => '0600',
+ notify => Service['tor'];
+ }
+ }
+}
+
|
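Review bot: The key-handling block (`if $private_key or (...)`) sits outside the `if $ensure == 'present'` guard, so with `ensure => 'absent'` the torrc fragment is dropped while `private_key` and `hostname` are still written under `$data_dir_path`, leaving the onion key on disk for a service that is meant to be gone. Consider driving those three file resources from `$ensure`, for example `ensure => absent, force => true` on the directory in the absent case, so that removing the service also removes its key material. Separately, the `private_key` file passes the key through `content`, which Puppet can print as a diff in agent logs and reports; adding `show_diff => false,` to that resource keeps it out of them. The `onion_service_non_anonymous` file also has no `require` on `$data_dir_path`, which is only managed when a key is supplied, so it appears to rely on tor having already created that directory.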