diff options
Diffstat (limited to 'manifests/utils/network/tor.pp')
-rw-r--r-- | manifests/utils/network/tor.pp | 32 |
1 files changed, 29 insertions, 3 deletions
diff --git a/manifests/utils/network/tor.pp b/manifests/utils/network/tor.pp index 78b08a4..f93d37a 100644 --- a/manifests/utils/network/tor.pp +++ b/manifests/utils/network/tor.pp @@ -3,9 +3,28 @@ class nodo::utils::network::tor ( $ensure = 'installed', ) { + $keyrings_folder = "/usr/share/keyrings" + $keyring = "${keyrings_folder}/deb.torproject.org-keyring.gpg" + nodo::subsystem::apt::repo { 'torproject.org': - definition => "deb [signed-by=/etc/apt/trusted.gpg.d/torproject.org.gpg] https://deb.torproject.org/torproject.org ${::lsbdistcodename} main", - key_source => 'puppet:///modules/nodo/etc/apt/trusted.gpg.d/torproject.org.gpg', + definition => "deb [signed-by=${keyring}] https://deb.torproject.org/torproject.org ${::lsbdistcodename} main", + key_source => "puppet:///modules/nodo/${keyring}", + keyrings_folder => "${keyrings_folder}", + } + + # Puppet should setup the Tor Project's APT keyring only in the first time + # Afterwards ${keyring} will be managed by the deb.torproject.org-keyring package + # + # References: + # + # * https://support.torproject.org/apt/tor-deb-repo/ + # * https://gitlab.torproject.org/tpo/web/support/-/merge_requests/220 + exec { 'torproject-keyring-copy': + command => "cp ${keyrings_folder}/torproject.org.gpg ${keyring}", + onlyif => "/bin/test ! -e ${keyring}", + creates => "${keyring}", + require => File["${keyrings_folder}/torproject.org.gpg"], + notify => Exec["apt-repo-auto-update-torproject.org"], } package { "deb.torproject.org-keyring": @@ -14,8 +33,15 @@ class nodo::utils::network::tor ( } package { [ - 'tor-arm', + 'nyx', ]: ensure => $ensure, } + + # Package 'tor-arm' was renamed to 'nyx' + package { [ + 'tor-arm', + ]: + ensure => absent, + } } |