1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
# manages an onionbalance installation
#
# Parameters:
#
# services: a hash of onionbalance service instances
# services => {
# keyname_of_service1 => {
# name1 => onionservice_addr_3,
# name2 => onionservice_addr_2,
# _key_content => content_of_key_of_onionbalanced_service1,
# },
# }
#
class tor::onionbalance(
$services,
) {
include ::tor
case $osfamily {
'Debian': {
$pkg_name = 'onionbalance'
$instance_file = '/etc/tor/instances/onionbalance/torrc'
$instance_user = '_tor-onionbalance'
exec{'/usr/sbin/tor-instance-create onionbalance':
creates => '/etc/tor/instances/onionbalance',
require => Package['tor'],
before => File[$instance_file],
} -> augeas{"manage_onionbalance_in_group_${instance_user}":
context => '/files/etc/group',
changes => [ "set ${instance_user}/user[last()+1] onionbalance" ],
onlyif => "match ${instance_user}/*[../user='onionbalance'] size == 0",
require => Package['onionbalance'],
}
}
'RedHat': {
$instance_file = '/etc/tor/onionbalance.torrc'
$instance_user = 'toranon'
$pkg_name = 'python2-onionbalance'
}
default: {
fail("OSFamily ${osfamily} not (yet) supported for onionbalance")
}
}
package{$pkg_name:
ensure => 'installed',
tag => 'onionbalance',
} -> file{
'/etc/onionbalance/config.yaml':
content => template('tor/onionbalance/config.yaml.erb'),
owner => root,
group => $instance_user,
mode => '0640',
notify => Service['onionbalance'];
$instance_file:
content => template("tor/onionbalance/${osfamily}.torrc.erb"),
owner => root,
group => 0,
mode => '0644',
require => Package['tor'],
notify => Service['tor@onionbalance'],
}
tor::onionbalance::keys{
keys($services):
values => $services,
group => $instance_user,
}
service{
'tor@onionbalance':
ensure => running,
enable => true;
'onionbalance':
ensure => running,
enable => true,
subscribe => Service['tor@onionbalance'];
}
}
|