aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2012-11-09 21:54:58 +0100
committerintrigeri <intrigeri@boum.org>2012-11-11 17:47:24 +0100
commit49cb5faa62544c589a82b9d48a768eb1391c9a61 (patch)
tree1ebac38338ae392ea7cdd72b902aa54e1cbab383
parent3a91fa40e19ab0645e159e76592fcbe60fc8ea41 (diff)
downloadpuppet-tor-49cb5faa62544c589a82b9d48a768eb1391c9a61.tar.gz
puppet-tor-49cb5faa62544c589a82b9d48a768eb1391c9a61.tar.bz2
Migrate to parameterized classes, drop global variables.
-rw-r--r--README69
-rw-r--r--manifests/daemon.pp28
-rw-r--r--manifests/init.pp9
-rw-r--r--manifests/torsocks.pp7
4 files changed, 77 insertions, 36 deletions
diff --git a/README b/README
index baafe84..9c040a3 100644
--- a/README
+++ b/README
@@ -18,6 +18,17 @@ policies, etc.
$bandwidth_rate or $bandwidth_burst please be aware that these values have
changed and adjust your configuration as necessary.
+ The $tor_ensure_version was converted to a parameter for the tor and
+ tor::daemon classes.
+
+ The $torsocks_ensure_version was converted to a parameter for the
+ tor::torsocks class.
+
+ The options that used to be settable with the
+ tor::daemon::global_opts define now are parameters for the
+ tor::daemon class, and tor::daemon::global_opts was
+ removed accordingly.
+
Usage
=====
@@ -27,31 +38,51 @@ Installing tor
To install tor, simply include the 'tor' class in your manifests:
- include tor
+ class { 'tor': }
-You can specify $tor_ensure_version and $torsocks_ensure_version to get a
-specific version installed.
+You can specify the $ensure_version class parameter to get a specific
+version installed.
However, if you want to make configuration changes to your tor daemon, you will
want to instead include the 'tor::daemon' class in your manifests, which will
inherit the 'tor' class from above:
- include tor::daemon
+ class { '::tor::daemon': }
+
+You have the following class parameters that you can specify:
-You have the following tor global variables that you can adjust in your node scope:
+data_dir (default: '/var/lib/tor')
+config_file (default: '/etc/tor/torrc')
+use_bridges (default: 0)
+automap_hosts_on_resolve (default: 0)
+log_rules (default: ['notice file /var/log/tor/notices.log'])
-$data_dir = '/var/lib/tor'
-$config_file = '/etc/tor/torrc'
-$log_rules = 'notice file /var/log/tor/notices.log'
+The data_dir will be used for the tor user's $HOME, and the tor DataDirectory
+value.
-The $data_dir will be used for the tor user's $HOME, and the tor DataDirectory
-value. The $config_file will be managed and the daemon restarted when it
-changed.
+The config_file will be managed and the daemon restarted when
+it changed.
-The $log_rules can be an array of different Log lines, each will be added to the
+use_bridges and automap_hosts_on_resolve are used to set the
+UseBridges and AutomapHostsOnResolve torrc settings.
+
+The log_rules can be an array of different Log lines, each will be added to the
config, for example the following will use syslog:
- tor::daemon::global_opts { "use_syslog": log_rules => [ 'notice syslog' ]; }
+ class { '::tor::daemon':
+ log_rules => [ 'notice syslog' ],
+ }
+
+If you want to set specific options for the tor class,
+you need to define it before tor::daemon in your manifests,
+e.g.:
+
+ class { '::tor':
+ use_munin => true,
+ }
+ class { '::tor::daemon':
+ automap_hosts_on_resolve => 1,
+ }
Configuring socks
-----------------
@@ -67,6 +98,15 @@ $port = 0 - SocksPort
$listen_address - can pass multiple values to configure SocksListenAddress lines
$policies - can pass multiple values to configure SocksPolicy lines
+Installing torsocks
+-------------------
+
+To install torsocks, simply include the 'torsocks' class in your manifests:
+
+ class { 'torsocks': }
+
+You can specify the $ensure_version class parameter to get a specific
+version installed.
Configuring relays
==================
@@ -157,5 +197,6 @@ Munin
=====
If you are using munin, and have the puppet munin module installed, you can set
-the variable $use_munin = true to have graphs setup for you.
+the use_munin parameter to true when defining the tor::daemon class to have
+graphs setup for you.
diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index 06a396b..9351b3c 100644
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -1,8 +1,12 @@
-class tor::daemon inherits tor {
-
- # config variables
- $data_dir = '/var/lib/tor'
- $config_file = '/etc/tor/torrc'
+class tor::daemon (
+ $data_dir = '/var/lib/tor',
+ $config_file = '/etc/tor/torrc',
+ $use_bridges = 0,
+ $automap_hosts_on_resolve = 0,
+ $log_rules = [ 'notice file /var/log/tor/notices.log' ],
+) inherits tor {
+
+ # constants
$spool_dir = '/var/lib/puppet/modules/tor'
$snippet_dir = "${spool_dir}/torrc.d"
@@ -74,16 +78,10 @@ class tor::daemon inherits tor {
}
# global configurations
- define global_opts( $data_dir = $tor::daemon::data_dir,
- $log_rules = [ 'notice file /var/log/tor/notices.log' ],
- $use_bridges = 0,
- $automap_hosts_on_resolve = 0) {
-
- concatenated_file_part { '01.global':
- dir => $tor::daemon::snippet_dir,
- content => template('tor/torrc.global.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => 0644,
- }
+ concatenated_file_part { '01.global':
+ dir => $snippet_dir,
+ content => template('tor/torrc.global.erb'),
+ owner => 'debian-tor', group => 'debian-tor', mode => 0644,
}
# socks definition
diff --git a/manifests/init.pp b/manifests/init.pp
index d916188..613eb29 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,9 +1,10 @@
-class tor {
+class tor (
+ $ensure_version = 'installed',
+ $use_munin = false,
+){
- if !$tor_ensure_version { $tor_ensure_version = 'installed' }
-
package { [ "tor", "tor-geoipdb" ]:
- ensure => $tor_ensure_version,
+ ensure => $ensure_version,
}
service { 'tor':
diff --git a/manifests/torsocks.pp b/manifests/torsocks.pp
index 7bb51ee..452b4f1 100644
--- a/manifests/torsocks.pp
+++ b/manifests/torsocks.pp
@@ -1,7 +1,8 @@
-class tor::torsocks {
- if !$torsocks_ensure_version { $torsocks_ensure_version = 'installed' }
+class tor::torsocks (
+ $ensure_version = 'installed',
+){
include ::tor
package{'torsocks':
- ensure => $torsocks_ensure_version,
+ ensure => $ensure_version,
}
}