diff options
author | mh <mh@immerda.ch> | 2013-01-02 13:54:57 +0100 |
---|---|---|
committer | mh <mh@immerda.ch> | 2013-01-02 13:54:57 +0100 |
commit | 225adb9f30bff4064e3a166498f147bfd9a9f6eb (patch) | |
tree | 6836f4ddde3ea63be929048896ef6afd5568defc | |
parent | 3fb09572cbbef20a72feb3e3a50711ba7eba1cea (diff) | |
download | puppet-tor-225adb9f30bff4064e3a166498f147bfd9a9f6eb.tar.gz puppet-tor-225adb9f30bff4064e3a166498f147bfd9a9f6eb.tar.bz2 |
refactor daemon and main class for better design
By extracting the resources to their own class we can avoid a bug
in puppet that makes it hard to deal with inherited parametrized
classes.
-rw-r--r-- | README | 8 | ||||
-rw-r--r-- | manifests/base.pp | 14 | ||||
-rw-r--r-- | manifests/compact.pp | 2 | ||||
-rw-r--r-- | manifests/daemon.pp | 77 | ||||
-rw-r--r-- | manifests/daemon/base.pp | 77 | ||||
-rw-r--r-- | manifests/daemon/map_address.pp | 3 | ||||
-rw-r--r-- | manifests/init.pp | 13 | ||||
-rw-r--r-- | manifests/munin.pp | 1 | ||||
-rw-r--r-- | manifests/polipo.pp | 1 | ||||
-rw-r--r-- | manifests/polipo/base.pp | 1 | ||||
-rw-r--r-- | manifests/polipo/debian.pp | 1 | ||||
-rw-r--r-- | manifests/torsocks.pp | 1 |
12 files changed, 113 insertions, 86 deletions
@@ -81,14 +81,12 @@ config, for example the following will use syslog: } If you want to set specific options for the tor class, -you need to define it before tor::daemon in your manifests, +you may pass them directly to the tor::daemon in your manifests, e.g.: - class { '::tor': - use_munin => true, - } class { '::tor::daemon': - automap_hosts_on_resolve => 1, + use_munin => true, + automap_hosts_on_resolve => 1, } Configuring socks diff --git a/manifests/base.pp b/manifests/base.pp new file mode 100644 index 0000000..b98451b --- /dev/null +++ b/manifests/base.pp @@ -0,0 +1,14 @@ +# basic management of resources for tor +class tor::base { + package { [ 'tor', 'tor-geoipdb' ]: + ensure => $tor::ensure_version, + } + + service { 'tor': + ensure => running, + enable => true, + hasrestart => true, + hasstatus => true, + require => Package['tor'], + } +} diff --git a/manifests/compact.pp b/manifests/compact.pp index 472a4a6..c0f5919 100644 --- a/manifests/compact.pp +++ b/manifests/compact.pp @@ -1,3 +1,5 @@ +# manage a complete tor +# installation with all the basics class tor::compact { include ::tor include tor::polipo diff --git a/manifests/daemon.pp b/manifests/daemon.pp index 1f4ea49..000c959 100644 --- a/manifests/daemon.pp +++ b/manifests/daemon.pp @@ -1,79 +1,18 @@ +# manage a snippet based tor installation class tor::daemon ( + $ensure_version = 'installed', + $use_munin = false, $data_dir = '/var/lib/tor', $config_file = '/etc/tor/torrc', $use_bridges = 0, $automap_hosts_on_resolve = 0, $log_rules = [ 'notice file /var/log/tor/notices.log' ] -) inherits tor { +) { - # packages, user, group - Service['tor'] { - subscribe => File[$config_file], + class{'tor': + ensure_version => $ensure_version, + use_munin => $use_munin, } - Package[ 'tor' ] { - require => File[$data_dir], - } - - group { 'debian-tor': - ensure => present, - allowdupe => false, - } - - user { 'debian-tor': - ensure => present, - allowdupe => false, - comment => 'tor user,,,', - home => $data_dir, - shell => '/bin/false', - gid => 'debian-tor', - require => Group['debian-tor'], - } - - # directories - file { $data_dir: - ensure => directory, - mode => '0700', - owner => 'debian-tor', - group => 'debian-tor', - require => User['debian-tor'], - } - - file { '/etc/tor': - ensure => directory, - mode => '0755', - owner => 'debian-tor', - group => 'debian-tor', - require => User['debian-tor'], - } - - file { '/var/lib/puppet/modules/tor': - ensure => absent, - recurse => true, - force => true, - } - - # tor configuration file - concat { $config_file: - mode => '0600', - owner => 'debian-tor', - group => 'debian-tor', - } - - # config file headers - concat::fragment { '00.header': - ensure => present, - content => template('tor/torrc.header.erb'), - owner => 'debian-tor', group => 'debian-tor', mode => '0644', - order => 00, - target => $config_file, - } - - # global configurations - concat::fragment { '01.global': - content => template('tor/torrc.global.erb'), - owner => 'debian-tor', group => 'debian-tor', mode => '0644', - order => 01, - target => $config_file, - } + include tor::daemon::base } diff --git a/manifests/daemon/base.pp b/manifests/daemon/base.pp new file mode 100644 index 0000000..63d7bc4 --- /dev/null +++ b/manifests/daemon/base.pp @@ -0,0 +1,77 @@ +# extend basic tor things with a snippet based daemon configuration +class tor::daemon::base inherits tor::base { + # packages, user, group + Service['tor'] { + subscribe => File[$tor::daemon::config_file], + } + + Package[ 'tor' ] { + require => File[$tor::daemon::data_dir], + } + + group { 'debian-tor': + ensure => present, + allowdupe => false, + } + + user { 'debian-tor': + ensure => present, + allowdupe => false, + comment => 'tor user,,,', + home => $tor::daemon::data_dir, + shell => '/bin/false', + gid => 'debian-tor', + require => Group['debian-tor'], + } + + # directories + file { $tor::daemon::data_dir: + ensure => directory, + mode => '0700', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/etc/tor': + ensure => directory, + mode => '0755', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/var/lib/puppet/modules/tor': + ensure => absent, + recurse => true, + force => true, + } + + # tor configuration file + concat { $tor::daemon::config_file: + mode => '0600', + owner => 'debian-tor', + group => 'debian-tor', + } + + # config file headers + concat::fragment { '00.header': + ensure => present, + content => template('tor/torrc.header.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 00, + target => $tor::daemon::config_file, + } + + # global configurations + concat::fragment { '01.global': + content => template('tor/torrc.global.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 01, + target => $tor::daemon::config_file, + } +} diff --git a/manifests/daemon/map_address.pp b/manifests/daemon/map_address.pp index 6cb0956..e970fe5 100644 --- a/manifests/daemon/map_address.pp +++ b/manifests/daemon/map_address.pp @@ -1,7 +1,8 @@ # map address definition define tor::daemon::map_address( $address = '', - $newaddress = '') { + $newaddress = '' + $ensure = 'present') { concat::fragment { "08.map_address.${name}": ensure => $ensure, diff --git a/manifests/init.pp b/manifests/init.pp index c620718..3653c89 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,19 +1,10 @@ +# manage a basic tor installation class tor ( $ensure_version = 'installed', $use_munin = false ){ - package { [ 'tor', 'tor-geoipdb' ]: - ensure => $ensure_version, - } - - service { 'tor': - ensure => running, - enable => true, - hasrestart => true, - hasstatus => true, - require => Package['tor'], - } + include tor::base if $use_munin { include tor::munin diff --git a/manifests/munin.pp b/manifests/munin.pp index 2f0d5c2..ecc3130 100644 --- a/manifests/munin.pp +++ b/manifests/munin.pp @@ -1,3 +1,4 @@ +# munin plugins for puppet class tor::munin { file { diff --git a/manifests/polipo.pp b/manifests/polipo.pp index 1201e55..73dc226 100644 --- a/manifests/polipo.pp +++ b/manifests/polipo.pp @@ -1,3 +1,4 @@ +# manage the polipo proxy service class tor::polipo { include ::tor diff --git a/manifests/polipo/base.pp b/manifests/polipo/base.pp index f988e55..df2d6ea 100644 --- a/manifests/polipo/base.pp +++ b/manifests/polipo/base.pp @@ -1,3 +1,4 @@ +# manage polipo resources class tor::polipo::base { package{'polipo': ensure => present, diff --git a/manifests/polipo/debian.pp b/manifests/polipo/debian.pp index db29fe6..e39f603 100644 --- a/manifests/polipo/debian.pp +++ b/manifests/polipo/debian.pp @@ -1,3 +1,4 @@ +# manage polipo on debian class tor::polipo::debian inherits tor::polipo::base { # TODO: restore file to original state after the following bug is solved: # http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580434 diff --git a/manifests/torsocks.pp b/manifests/torsocks.pp index b4c3ad6..e9fc75b 100644 --- a/manifests/torsocks.pp +++ b/manifests/torsocks.pp @@ -1,3 +1,4 @@ +# manage torsocks class tor::torsocks ( $ensure_version = 'installed' ){ |