diff options
author | mh <mh@immerda.ch> | 2013-01-02 13:54:57 +0100 |
---|---|---|
committer | mh <mh@immerda.ch> | 2013-01-02 13:54:57 +0100 |
commit | 225adb9f30bff4064e3a166498f147bfd9a9f6eb (patch) | |
tree | 6836f4ddde3ea63be929048896ef6afd5568defc /manifests/daemon/base.pp | |
parent | 3fb09572cbbef20a72feb3e3a50711ba7eba1cea (diff) | |
download | puppet-tor-225adb9f30bff4064e3a166498f147bfd9a9f6eb.tar.gz puppet-tor-225adb9f30bff4064e3a166498f147bfd9a9f6eb.tar.bz2 |
refactor daemon and main class for better design
By extracting the resources to their own class we can avoid a bug
in puppet that makes it hard to deal with inherited parametrized
classes.
Diffstat (limited to 'manifests/daemon/base.pp')
-rw-r--r-- | manifests/daemon/base.pp | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/manifests/daemon/base.pp b/manifests/daemon/base.pp new file mode 100644 index 0000000..63d7bc4 --- /dev/null +++ b/manifests/daemon/base.pp @@ -0,0 +1,77 @@ +# extend basic tor things with a snippet based daemon configuration +class tor::daemon::base inherits tor::base { + # packages, user, group + Service['tor'] { + subscribe => File[$tor::daemon::config_file], + } + + Package[ 'tor' ] { + require => File[$tor::daemon::data_dir], + } + + group { 'debian-tor': + ensure => present, + allowdupe => false, + } + + user { 'debian-tor': + ensure => present, + allowdupe => false, + comment => 'tor user,,,', + home => $tor::daemon::data_dir, + shell => '/bin/false', + gid => 'debian-tor', + require => Group['debian-tor'], + } + + # directories + file { $tor::daemon::data_dir: + ensure => directory, + mode => '0700', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/etc/tor': + ensure => directory, + mode => '0755', + owner => 'debian-tor', + group => 'debian-tor', + require => User['debian-tor'], + } + + file { '/var/lib/puppet/modules/tor': + ensure => absent, + recurse => true, + force => true, + } + + # tor configuration file + concat { $tor::daemon::config_file: + mode => '0600', + owner => 'debian-tor', + group => 'debian-tor', + } + + # config file headers + concat::fragment { '00.header': + ensure => present, + content => template('tor/torrc.header.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 00, + target => $tor::daemon::config_file, + } + + # global configurations + concat::fragment { '01.global': + content => template('tor/torrc.global.erb'), + owner => 'debian-tor', + group => 'debian-tor', + mode => '0644', + order => 01, + target => $tor::daemon::config_file, + } +} |