# Generate the hash using 'tor --hash-password <password>'
class onion::monitor(
  $control_password        = lookup('onion::monitor::control_password'),
  $hashed_control_password = lookup('onion::monitor::hashed_control_password')
) {
  tor::daemon::control{ "control":
    port                    => 9051,
    ensure                  => present,
    hashed_control_password => $hashed_control_password,
  }

  file { '/root/.arm':
    ensure => directory,
    owner  => root,
    group  => root,
    mode   => '0750',
  }

  file { '/var/lib/tor/.arm':
    ensure => directory,
    owner  => debian-tor,
    group  => debian-tor,
    mode   => '0750',
  }

  file { '/root/.arm/armrc':
    ensure  => present,
    owner   => root,
    group   => root,
    mode    => '0640',
    content => template('onion/armrc.erb'),
    require => File['/root/.arm'],
  }

  file { '/var/lib/tor/.arm/armrc':
    ensure  => present,
    owner   => debian-tor,
    group   => debian-tor,
    mode    => '0640',
    content => template('onion/armrc.erb'),
    require => File['/var/lib/tor/.arm'],
  }
}