aboutsummaryrefslogtreecommitdiff
path: root/manifests/utils/network/tor.pp
blob: f93d37a19b9906fa9e6db9eb15a3d05bf1c94c26 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47

# This class currently mostly manages the repository definition and key
# Use the "tor" or "onion" modules to manage package installation and service configuration
class nodo::utils::network::tor (
  $ensure = 'installed',
) {
  $keyrings_folder = "/usr/share/keyrings"
  $keyring         = "${keyrings_folder}/deb.torproject.org-keyring.gpg"

  nodo::subsystem::apt::repo { 'torproject.org':
    definition      => "deb [signed-by=${keyring}] https://deb.torproject.org/torproject.org ${::lsbdistcodename} main",
    key_source      => "puppet:///modules/nodo/${keyring}",
    keyrings_folder => "${keyrings_folder}",
  }

  # Puppet should setup the Tor Project's APT keyring only in the first time
  # Afterwards ${keyring} will be managed by the deb.torproject.org-keyring package
  #
  # References:
  #
  # * https://support.torproject.org/apt/tor-deb-repo/
  # * https://gitlab.torproject.org/tpo/web/support/-/merge_requests/220
  exec { 'torproject-keyring-copy':
    command => "cp ${keyrings_folder}/torproject.org.gpg ${keyring}",
    onlyif  => "/bin/test ! -e ${keyring}",
    creates => "${keyring}",
    require => File["${keyrings_folder}/torproject.org.gpg"],
    notify  => Exec["apt-repo-auto-update-torproject.org"],
  }

  package { "deb.torproject.org-keyring":
    ensure  => present,
    require => Nodo::Subsystem::Apt::Repo['torproject.org'],
  }

  package { [
    'nyx',
  ]:
    ensure => $ensure,
  }

  # Package 'tor-arm' was renamed to 'nyx'
  package { [
    'tor-arm',
  ]:
    ensure => absent,
  }
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-16 07:31:31 +0000