From 34ef388fcfc92d37faad08ca9216d787a53e186c Mon Sep 17 00:00:00 2001 From: mh Date: Fri, 4 Nov 2016 15:17:40 +0100 Subject: rename hidden service to onion service to follow the new naming conventions --- README | 2 +- manifests/daemon/hidden_service.pp | 56 ------------- manifests/daemon/onions_service.pp | 56 +++++++++++++ spec/defines/daemon_hidden_service_spec.rb | 122 ----------------------------- spec/defines/daemon_onion_service_spec.rb | 122 +++++++++++++++++++++++++++++ 5 files changed, 179 insertions(+), 179 deletions(-) delete mode 100644 manifests/daemon/hidden_service.pp create mode 100644 manifests/daemon/onions_service.pp delete mode 100644 spec/defines/daemon_hidden_service_spec.rb create mode 100644 spec/defines/daemon_onion_service_spec.rb diff --git a/README b/README index bf2968d..3b6c524 100644 --- a/README +++ b/README @@ -169,7 +169,7 @@ Configuring hidden services To configure a tor hidden service you can do something like the following: - tor::daemon::hidden_service { "hidden_ssh": ports => 22 } + tor::daemon::onion_service { "onion_ssh": ports => 22 } The HiddenServiceDir is set to the ${data_dir}/${name}. diff --git a/manifests/daemon/hidden_service.pp b/manifests/daemon/hidden_service.pp deleted file mode 100644 index 1519b56..0000000 --- a/manifests/daemon/hidden_service.pp +++ /dev/null 
@@ -1,56 +0,0 @@
-# hidden services definition
-define tor::daemon::hidden_service(
- $ensure = present,
- $ports = [],
- $data_dir = $tor::daemon::data_dir,
- $private_key = undef,
- $private_key_name = $name,
- $private_key_store_path = undef,
-) {
-
- $data_dir_path = "${data_dir}/${name}"
- include ::tor::daemon::params
- concat::fragment { "05.hidden_service.${name}":
- ensure => $ensure,
- content => template('tor/torrc.hidden_service.erb'),
- order => '05',
- target => $tor::daemon::config_file,
- }
- if $private_key or ($private_key_name and $private_key_store_path) {
- if $private_key and ($private_key_name and $private_key_store_path) {
- fail("Either private_key OR (private_key_name AND private_key_store_path) must be set, but not all three of them")
- }
- if $private_key_store_path and $private_key_name {
- $tmp = generate_onion_key($private_key_store_path,$private_key_name)
- $os_hostname = $tmp[0]
- $real_private_key = $tmp[1]
- } else {
- $os_hostname = onion_address($private_key)
- $real_private_key = $private_key
- }
- file{
- $data_dir_path:
- ensure => directory,
- purge => true,
- force => true,
- recurse => true,
- owner => $tor::daemon::params::user,
- group => $tor::daemon::params::group,
- mode => '0600',
- require => Package['tor'];
- "${data_dir_path}/private_key":
- content => $real_private_key,
- owner => $tor::daemon::params::user,
- group => $tor::daemon::params::group,
- mode => '0600',
- notify => Service['tor'];
- "${data_dir_path}/hostname":
- content => "${os_hostname}.onion\n",
- owner => $tor::daemon::params::user,
- group => $tor::daemon::params::group,
- mode => '0600',
- notify => Service['tor'];
- }
- }
-}
-
diff --git a/manifests/daemon/onions_service.pp b/manifests/daemon/onions_service.pp
new file mode 100644
index 0000000..2625521
--- /dev/null
+++ b/manifests/daemon/onions_service.pp
@@ -0,0 +1,56 @@
+# onion services definition
+define tor::daemon::onion_service(
+ $ensure = present,
+ $ports = [],
+ $data_dir = $tor::daemon::data_dir,
+ $private_key = undef,
+ $private_key_name = $name,
+ $private_key_store_path = undef,
+) {
+
+ $data_dir_path = "${data_dir}/${name}"
+ include ::tor::daemon::params
+ concat::fragment { "05.onion_service.${name}":
+ ensure => $ensure,
+ content => template('tor/torrc.onion_service.erb'),
+ order => '05',
+ target => $tor::daemon::config_file,
+ }
+ if $private_key or ($private_key_name and $private_key_store_path) {
+ if $private_key and ($private_key_name and $private_key_store_path) {
+ fail("Either private_key OR (private_key_name AND private_key_store_path) must be set, but not all three of them")
+ }
+ if $private_key_store_path and $private_key_name {
+ $tmp = generate_onion_key($private_key_store_path,$private_key_name)
+ $os_hostname = $tmp[0]
+ $real_private_key = $tmp[1]
+ } else {
+ $os_hostname = onion_address($private_key)
+ $real_private_key = $private_key
+ }
+ file{
+ $data_dir_path:
+ ensure => directory,
+ purge => true,
+ force => true,
+ recurse => true,
+ owner => $tor::daemon::params::user,
+ group => $tor::daemon::params::group,
+ mode => '0600',
+ require => Package['tor'];
+ "${data_dir_path}/private_key":
+ content => $real_private_key,
+ owner => $tor::daemon::params::user,
+ group => $tor::daemon::params::group,
+ mode => '0600',
+ notify => Service['tor'];
+ "${data_dir_path}/hostname":
+ content => "${os_hostname}.onion\n",
+ owner => $tor::daemon::params::user,
+ group => $tor::daemon::params::group,
+ mode => '0600',
+ notify => Service['tor'];
+ }
+ }
+}
+
diff --git a/spec/defines/daemon_hidden_service_spec.rb b/spec/defines/daemon_hidden_service_spec.rb
deleted file mode 100644
index 7a3aae6..0000000
--- a/spec/defines/daemon_hidden_service_spec.rb
+++ /dev/null
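Review bot: The file is created as `manifests/daemon/onions_service.pp` while it defines `tor::daemon::onion_service`; Puppet's autoloader resolves that define to `manifests/daemon/onion_service.pp`, so the define will most likely not be found and the file should be renamed to match. The fragment also switches to `template('tor/torrc.onion_service.erb')`, and no template change is listed in this commit's diffstat, so confirm that template exists. On the `"${data_dir_path}/private_key"` resource, which writes key material through `content`, adding `show_diff => false,` would keep the key out of agent logs and reports when the file changes.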
@@ -1,122 +0,0 @@
-require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper'))
-require 'openssl'
-
-describe 'tor::daemon::hidden_service', :type => 'define' do
- let(:default_facts) {
- {
- :osfamily => 'RedHat',
- :operatingsystem => 'CentOS',
- }
- }
- let(:title){ 'test_os' }
- let(:facts){ default_facts }
- let(:pre_condition){'Exec{path => "/bin"}
- include tor::daemon' }
- describe 'with standard' do
- it { is_expected.to compile.with_all_deps }
-
- it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with(
- :ensure => 'present',
- :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/,
- :order => '05',
- :target => '/etc/tor/torrc',
- )}
- it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) }
- it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
- context 'on Debian' do
- let(:facts) {
- {
- :osfamily => 'Debian',
- :operatingsystem => 'Debian',
- }
- }
- it { is_expected.to compile.with_all_deps }
- it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with(
- :ensure => 'present',
- :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/,
- :order => '05',
- :target => '/etc/tor/torrc',
- )}
- it { is_expected.to_not contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort/) }
- it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
- end
- context 'with differt port params' do
- let(:params){
- {
- :ports => ['25','443 192.168.0.1:8443']
- }
- }
- it { is_expected.to compile.with_all_deps }
- it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 25 127.0.0.1:25/) }
- it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 443 192.168.0.1:8443/) }
- it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
- end
- context 'with private_key' do
- let(:params){
- {
- :ports => ['80'],
- :private_key => OpenSSL::PKey::RSA.generate(1024).to_s,
- }
- }
- it { is_expected.to compile.with_all_deps }
- it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) }
- it { is_expected.to contain_file('/var/lib/tor/test_os').with(
- :ensure => 'directory',
- :purge => true,
- :force => true,
- :recurse => true,
- :owner => 'toranon',
- :group => 'toranon',
- :mode => '0750',
- :require => 'Package[tor]',
- )}
- it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with(
- :content => /^[a-z2-7]{16}\.onion\n/,
- :owner => 'toranon',
- :group => 'toranon',
- :mode => '0600',
- :notify => 'Service[tor]',
- )}
- it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with(
- :owner => 'toranon',
- :group => 'toranon',
- :mode => '0600',
- :notify => 'Service[tor]',
- )}
- end
- context 'with private key to generate' do
- let(:params){
- {
- :ports => ['80'],
- :private_key_name => 'test_os',
- :private_key_store_path => File.expand_path(File.join(File.dirname(__FILE__),'..','tmp')),
- }
- }
- it { is_expected.to compile.with_all_deps }
- it { is_expected.to contain_concat__fragment('05.hidden_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) }
- it { is_expected.to contain_file('/var/lib/tor/test_os').with(
- :ensure => 'directory',
- :purge => true,
- :force => true,
- :recurse => true,
- :owner => 'toranon',
- :group => 'toranon',
- :mode => '0750',
- :require => 'Package[tor]',
- )}
- it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with(
- :content => /^[a-z2-7]{16}\.onion\n/,
- :owner => 'toranon',
- :group => 'toranon',
- :mode => '0600',
- :notify => 'Service[tor]',
- )}
- it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with(
- :owner => 'toranon',
- :group => 'toranon',
- :mode => '0600',
- :notify => 'Service[tor]',
- )}
- end
- end
-end
diff --git a/spec/defines/daemon_onion_service_spec.rb b/spec/defines/daemon_onion_service_spec.rb
new file mode 100644
index 0000000..bf9641d
--- /dev/null
+++ b/spec/defines/daemon_onion_service_spec.rb
@@ -0,0 +1,122 @@
+require File.expand_path(File.join(File.dirname(__FILE__),'../spec_helper'))
+require 'openssl'
+
+describe 'tor::daemon::onion_service', :type => 'define' do
+ let(:default_facts) {
+ {
+ :osfamily => 'RedHat',
+ :operatingsystem => 'CentOS',
+ }
+ }
+ let(:title){ 'test_os' }
+ let(:facts){ default_facts }
+ let(:pre_condition){'Exec{path => "/bin"}
+ include tor::daemon' }
+ describe 'with standard' do
+ it { is_expected.to compile.with_all_deps }
+
+ it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with(
+ :ensure => 'present',
+ :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/,
+ :order => '05',
+ :target => '/etc/tor/torrc',
+ )}
+ it { is_expected.to_not contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort/) }
+ it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
+ context 'on Debian' do
+ let(:facts) {
+ {
+ :osfamily => 'Debian',
+ :operatingsystem => 'Debian',
+ }
+ }
+ it { is_expected.to compile.with_all_deps }
+ it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with(
+ :ensure => 'present',
+ :content => /HiddenServiceDir \/var\/lib\/tor\/test_os/,
+ :order => '05',
+ :target => '/etc/tor/torrc',
+ )}
+ it { is_expected.to_not contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort/) }
+ it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
+ end
+ context 'with differt port params' do
+ let(:params){
+ {
+ :ports => ['25','443 192.168.0.1:8443']
+ }
+ }
+ it { is_expected.to compile.with_all_deps }
+ it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 25 127.0.0.1:25/) }
+ it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 443 192.168.0.1:8443/) }
+ it { is_expected.to_not contain_file('/var/lib/tor/test_os') }
+ end
+ context 'with private_key' do
+ let(:params){
+ {
+ :ports => ['80'],
+ :private_key => OpenSSL::PKey::RSA.generate(1024).to_s,
+ }
+ }
+ it { is_expected.to compile.with_all_deps }
+ it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) }
+ it { is_expected.to contain_file('/var/lib/tor/test_os').with(
+ :ensure => 'directory',
+ :purge => true,
+ :force => true,
+ :recurse => true,
+ :owner => 'toranon',
+ :group => 'toranon',
+ :mode => '0750',
+ :require => 'Package[tor]',
+ )}
+ it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with(
+ :content => /^[a-z2-7]{16}\.onion\n/,
+ :owner => 'toranon',
+ :group => 'toranon',
+ :mode => '0600',
+ :notify => 'Service[tor]',
+ )}
+ it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with(
+ :owner => 'toranon',
+ :group => 'toranon',
+ :mode => '0600',
+ :notify => 'Service[tor]',
+ )}
+ end
+ context 'with private key to generate' do
+ let(:params){
+ {
+ :ports => ['80'],
+ :private_key_name => 'test_os',
+ :private_key_store_path => File.expand_path(File.join(File.dirname(__FILE__),'..','tmp')),
+ }
+ }
+ it { is_expected.to compile.with_all_deps }
+ it { is_expected.to contain_concat__fragment('05.onion_service.test_os').with_content(/^HiddenServicePort 80 127.0.0.1:80/) }
+ it { is_expected.to contain_file('/var/lib/tor/test_os').with(
+ :ensure => 'directory',
+ :purge => true,
+ :force => true,
+ :recurse => true,
+ :owner => 'toranon',
+ :group => 'toranon',
+ :mode => '0750',
+ :require => 'Package[tor]',
+ )}
+ it { is_expected.to contain_file('/var/lib/tor/test_os/hostname').with(
+ :content => /^[a-z2-7]{16}\.onion\n/,
+ :owner => 'toranon',
+ :group => 'toranon',
+ :mode => '0600',
+ :notify => 'Service[tor]',
+ )}
+ it { is_expected.to contain_file('/var/lib/tor/test_os/private_key').with(
+ :owner => 'toranon',
+ :group => 'toranon',
+ :mode => '0600',
+ :notify => 'Service[tor]',
+ )}
+ end
+ end
+end
-- cgit v1.2.3
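Review bot: Both `contain_file('/var/lib/tor/test_os')` expectations (contexts 'with private_key' and 'with private key to generate') assert `:mode => '0750'`, but the manifest added in this commit declares that directory with `mode => '0600'`, so these examples look like they cannot pass as written. Pick the intended mode and align spec and manifest. Since the directory holds the service's private key, a mode without group access is the safer choice, for example `:mode => '0700',` here with the matching value in the manifest.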