# This class currently mostly manages the repository definition and key
# Use the "tor" or "onion" modules to manage package installation and service configuration
class nodo::utils::network::tor (
  $ensure = 'installed',
) {
  $keyrings_folder = "/usr/share/keyrings"
  $keyring         = "${keyrings_folder}/deb.torproject.org-keyring.gpg"

  nodo::subsystem::apt::repo { 'torproject.org':
    definition      => "deb [signed-by=${keyring}] https://deb.torproject.org/torproject.org ${::lsbdistcodename} main",
    key_source      => "puppet:///modules/nodo/${keyring}",
    keyrings_folder => "${keyrings_folder}",
  }

  # Puppet should setup the Tor Project's APT keyring only in the first time
  # Afterwards ${keyring} will be managed by the deb.torproject.org-keyring package
  #
  # References:
  #
  # * https://support.torproject.org/apt/tor-deb-repo/
  # * https://gitlab.torproject.org/tpo/web/support/-/merge_requests/220
  exec { 'torproject-keyring-copy':
    command => "cp ${keyrings_folder}/torproject.org.gpg ${keyring}",
    onlyif  => "/bin/test ! -e ${keyring}",
    creates => "${keyring}",
    require => File["${keyrings_folder}/torproject.org.gpg"],
    notify  => Exec["apt-repo-auto-update-torproject.org"],
  }

  package { "deb.torproject.org-keyring":
    ensure  => present,
    require => Nodo::Subsystem::Apt::Repo['torproject.org'],
  }

  package { [
    'nyx',
  ]:
    ensure => $ensure,
  }

  # Package 'tor-arm' was renamed to 'nyx'
  package { [
    'tor-arm',
  ]:
    ensure => absent,
  }
}