diff options
author | intrigeri <intrigeri@boum.org> | 2012-11-09 21:54:58 +0100 |
---|---|---|
committer | intrigeri <intrigeri@boum.org> | 2012-11-11 17:47:24 +0100 |
commit | 49cb5faa62544c589a82b9d48a768eb1391c9a61 (patch) | |
tree | 1ebac38338ae392ea7cdd72b902aa54e1cbab383 | |
parent | 3a91fa40e19ab0645e159e76592fcbe60fc8ea41 (diff) | |
download | puppet-tor-49cb5faa62544c589a82b9d48a768eb1391c9a61.tar.gz puppet-tor-49cb5faa62544c589a82b9d48a768eb1391c9a61.tar.bz2 |
Migrate to parameterized classes, drop global variables.
-rw-r--r-- | README | 69 | ||||
-rw-r--r-- | manifests/daemon.pp | 28 | ||||
-rw-r--r-- | manifests/init.pp | 9 | ||||
-rw-r--r-- | manifests/torsocks.pp | 7 |
4 files changed, 77 insertions, 36 deletions
@@ -18,6 +18,17 @@ policies, etc. $bandwidth_rate or $bandwidth_burst please be aware that these values have changed and adjust your configuration as necessary. + The $tor_ensure_version was converted to a parameter for the tor and + tor::daemon classes. + + The $torsocks_ensure_version was converted to a parameter for the + tor::torsocks class. + + The options that used to be settable with the + tor::daemon::global_opts define now are parameters for the + tor::daemon class, and tor::daemon::global_opts was + removed accordingly. + Usage ===== @@ -27,31 +38,51 @@ Installing tor To install tor, simply include the 'tor' class in your manifests: - include tor + class { 'tor': } -You can specify $tor_ensure_version and $torsocks_ensure_version to get a -specific version installed. +You can specify the $ensure_version class parameter to get a specific +version installed. However, if you want to make configuration changes to your tor daemon, you will want to instead include the 'tor::daemon' class in your manifests, which will inherit the 'tor' class from above: - include tor::daemon + class { '::tor::daemon': } + +You have the following class parameters that you can specify: -You have the following tor global variables that you can adjust in your node scope: +data_dir (default: '/var/lib/tor') +config_file (default: '/etc/tor/torrc') +use_bridges (default: 0) +automap_hosts_on_resolve (default: 0) +log_rules (default: ['notice file /var/log/tor/notices.log']) -$data_dir = '/var/lib/tor' -$config_file = '/etc/tor/torrc' -$log_rules = 'notice file /var/log/tor/notices.log' +The data_dir will be used for the tor user's $HOME, and the tor DataDirectory +value. -The $data_dir will be used for the tor user's $HOME, and the tor DataDirectory -value. The $config_file will be managed and the daemon restarted when it -changed. +The config_file will be managed and the daemon restarted when +it changed. -The $log_rules can be an array of different Log lines, each will be added to the +use_bridges and automap_hosts_on_resolve are used to set the +UseBridges and AutomapHostsOnResolve torrc settings. + +The log_rules can be an array of different Log lines, each will be added to the config, for example the following will use syslog: - tor::daemon::global_opts { "use_syslog": log_rules => [ 'notice syslog' ]; } + class { '::tor::daemon': + log_rules => [ 'notice syslog' ], + } + +If you want to set specific options for the tor class, +you need to define it before tor::daemon in your manifests, +e.g.: + + class { '::tor': + use_munin => true, + } + class { '::tor::daemon': + automap_hosts_on_resolve => 1, + } Configuring socks ----------------- @@ -67,6 +98,15 @@ $port = 0 - SocksPort $listen_address - can pass multiple values to configure SocksListenAddress lines $policies - can pass multiple values to configure SocksPolicy lines +Installing torsocks +------------------- + +To install torsocks, simply include the 'torsocks' class in your manifests: + + class { 'torsocks': } + +You can specify the $ensure_version class parameter to get a specific +version installed. Configuring relays ================== @@ -157,5 +197,6 @@ Munin ===== If you are using munin, and have the puppet munin module installed, you can set -the variable $use_munin = true to have graphs setup for you. +the use_munin parameter to true when defining the tor::daemon class to have +graphs setup for you. diff --git a/manifests/daemon.pp b/manifests/daemon.pp index 06a396b..9351b3c 100644 --- a/manifests/daemon.pp +++ b/manifests/daemon.pp @@ -1,8 +1,12 @@ -class tor::daemon inherits tor { - - # config variables - $data_dir = '/var/lib/tor' - $config_file = '/etc/tor/torrc' +class tor::daemon ( + $data_dir = '/var/lib/tor', + $config_file = '/etc/tor/torrc', + $use_bridges = 0, + $automap_hosts_on_resolve = 0, + $log_rules = [ 'notice file /var/log/tor/notices.log' ], +) inherits tor { + + # constants $spool_dir = '/var/lib/puppet/modules/tor' $snippet_dir = "${spool_dir}/torrc.d" @@ -74,16 +78,10 @@ class tor::daemon inherits tor { } # global configurations - define global_opts( $data_dir = $tor::daemon::data_dir, - $log_rules = [ 'notice file /var/log/tor/notices.log' ], - $use_bridges = 0, - $automap_hosts_on_resolve = 0) { - - concatenated_file_part { '01.global': - dir => $tor::daemon::snippet_dir, - content => template('tor/torrc.global.erb'), - owner => 'debian-tor', group => 'debian-tor', mode => 0644, - } + concatenated_file_part { '01.global': + dir => $snippet_dir, + content => template('tor/torrc.global.erb'), + owner => 'debian-tor', group => 'debian-tor', mode => 0644, } # socks definition diff --git a/manifests/init.pp b/manifests/init.pp index d916188..613eb29 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -1,9 +1,10 @@ -class tor { +class tor ( + $ensure_version = 'installed', + $use_munin = false, +){ - if !$tor_ensure_version { $tor_ensure_version = 'installed' } - package { [ "tor", "tor-geoipdb" ]: - ensure => $tor_ensure_version, + ensure => $ensure_version, } service { 'tor': diff --git a/manifests/torsocks.pp b/manifests/torsocks.pp index 7bb51ee..452b4f1 100644 --- a/manifests/torsocks.pp +++ b/manifests/torsocks.pp @@ -1,7 +1,8 @@ -class tor::torsocks { - if !$torsocks_ensure_version { $torsocks_ensure_version = 'installed' } +class tor::torsocks ( + $ensure_version = 'installed', +){ include ::tor package{'torsocks': - ensure => $torsocks_ensure_version, + ensure => $ensure_version, } } |