aboutsummaryrefslogtreecommitdiff
path: root/manifests
diff options
context:
space:
mode:
authorintrigeri <intrigeri@boum.org>2013-01-02 12:30:55 +0100
committerintrigeri <intrigeri@boum.org>2013-01-02 12:30:55 +0100
commit332bed5098758e5a2767246c4224b25f650c794f (patch)
tree1296b88ffec0df416db0f12f415d9abfddaa6d5b /manifests
parent27e960c83b26d036a940dff0fc61737fc4ed5af5 (diff)
downloadpuppet-tor-332bed5098758e5a2767246c4224b25f650c794f.tar.gz
puppet-tor-332bed5098758e5a2767246c4224b25f650c794f.tar.bz2
Linting.
Diffstat (limited to 'manifests')
-rw-r--r--manifests/daemon.pp225
-rw-r--r--manifests/munin.pp14
-rw-r--r--manifests/polipo.pp4
3 files changed, 145 insertions, 98 deletions
diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index 8af53bf..2bee67b 100644
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -8,11 +8,11 @@ class tor::daemon (
# packages, user, group
Service['tor'] {
- subscribe => File["${config_file}"],
+ subscribe => File[$config_file],
}
Package[ 'tor' ] {
- require => File["${data_dir}"],
+ require => File[$data_dir],
}
group { 'debian-tor':
@@ -24,14 +24,14 @@ class tor::daemon (
ensure => present,
allowdupe => false,
comment => 'tor user,,,',
- home => "${data_dir}",
+ home => $data_dir,
shell => '/bin/false',
gid => 'debian-tor',
- require => Group['debian-tor'],
+ require => Group['debian-tor'],
}
# directories
- file { "${data_dir}":
+ file { $data_dir:
ensure => directory,
mode => '0700',
owner => 'debian-tor',
@@ -54,56 +54,66 @@ class tor::daemon (
}
# tor configuration file
- concat { "${config_file}":
+ concat { $config_file:
mode => '0600',
- owner => 'debian-tor', group => 'debian-tor',
+ owner => 'debian-tor',
+ group => 'debian-tor',
}
# config file headers
concat::fragment { '00.header':
ensure => present,
content => template('tor/torrc.header.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor', group => 'debian-tor', mode => '0644',
order => 00,
- target => "${config_file}",
+ target => $config_file,
}
# global configurations
concat::fragment { '01.global':
content => template('tor/torrc.global.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor', group => 'debian-tor', mode => '0644',
order => 01,
- target => "${config_file}",
+ target => $config_file,
}
# socks definition
- define socks( $port = 0,
- $listen_addresses = [],
- $policies = [] ) {
+ define socks(
+ $port = 0,
+ $listen_addresses = [],
+ $policies = [] ) {
concat::fragment { '02.socks':
content => template('tor/torrc.socks.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor', group => 'debian-tor', mode => '0644',
order => 02,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
}
# relay definition
- define relay( $port = 0,
- $listen_addresses = [],
- $outbound_bindaddresses = [],
- $bandwidth_rate = '', # KB/s, defaulting to using tor's default: 5120KB/s
- $bandwidth_burst = '', # KB/s, defaulting to using tor's default: 10240KB/s
- $relay_bandwidth_rate = 0, # KB/s, 0 for no limit.
- $relay_bandwidth_burst = 0, # KB/s, 0 for no limit.
- $accounting_max = 0, # GB, 0 for no limit.
- $accounting_start = [],
- $contact_info = '',
- $my_family = '', # TODO: autofill with other relays
- $address = "tor.${domain}",
- $bridge_relay = 0,
- $ensure = present ) {
+ define relay(
+ $port = 0,
+ $listen_addresses = [],
+ $outbound_bindaddresses = [],
+ # KB/s, defaulting to using tor's default: 5120KB/s
+ $bandwidth_rate = '',
+ # KB/s, defaulting to using tor's default: 10240KB/s
+ $bandwidth_burst = '',
+ # KB/s, 0 for no limit
+ $relay_bandwidth_rate = 0,
+ # KB/s, 0 for no limit
+ $relay_bandwidth_burst = 0,
+ # GB, 0 for no limit
+ $accounting_max = 0,
+ $accounting_start = [],
+ $contact_info = '',
+ # TODO: autofill with other relays
+ $my_family = '',
+ $address = "tor.${::domain}",
+ $bridge_relay = 0,
+ $ensure = present ) {
+
$nickname = $name
if $outbound_bindaddresses == [] {
@@ -115,154 +125,185 @@ class tor::daemon (
concat::fragment { '03.relay':
ensure => $ensure,
content => template('tor/torrc.relay.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 03,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
- }
+ }
# control definition
- define control( $port = 0,
- $hashed_control_password = '',
- $cookie_authentication = 0,
- $cookie_auth_file = '',
- $cookie_auth_file_group_readable = '',
- $ensure = present ) {
+ define control(
+ $port = 0,
+ $hashed_control_password = '',
+ $cookie_authentication = 0,
+ $cookie_auth_file = '',
+ $cookie_auth_file_group_readable = '',
+ $ensure = present ) {
if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' {
fail('You need to define the tor control password')
}
- if $cookie_authentication == 0 and ("${cookie_auth_file}" != '' or "${cookie_auth_file_group_readable}" != '') {
+ if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') {
notice('You set a tor cookie authentication option, but do not have cookie_authentication on')
}
-
+
concat::fragment { '04.control':
ensure => $ensure,
content => template('tor/torrc.control.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0600',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0600',
order => 04,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
- }
+ }
# hidden services definition
- define hidden_service( $ports = [],
- $data_dir = "${tor::daemon::data_dir}",
- $ensure = present ) {
+ define hidden_service(
+ $ports = [],
+ $data_dir = $tor::daemon::data_dir,
+ $ensure = present ) {
concat::fragment { "05.hidden_service.${name}":
ensure => $ensure,
content => template('tor/torrc.hidden_service.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 05,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
- }
-
+ }
+
# directory advertising
- define directory ( $port = 0,
- $listen_addresses = [],
- $port_front_page = '/etc/tor/tor.html',
- $ensure = present ) {
+ define directory (
+ $port = 0,
+ $listen_addresses = [],
+ $port_front_page = '/etc/tor/tor.html',
+ $ensure = present ) {
concat::fragment { '06.directory':
ensure => $ensure,
content => template('tor/torrc.directory.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 06,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
-
+
file { '/etc/tor/tor.html':
ensure => $ensure,
source => 'puppet:///modules/tor/tor.html',
require => File['/etc/tor'],
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
}
- }
+ }
# exit policies
- define exit_policy( $accept = [],
- $reject = [],
- $reject_private = 1,
- $ensure = present ) {
+ define exit_policy(
+ $accept = [],
+ $reject = [],
+ $reject_private = 1,
+ $ensure = present ) {
concat::fragment { "07.exit_policy.${name}":
ensure => $ensure,
content => template('tor/torrc.exit_policy.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 07,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
- }
+ }
# DNS definition
- define dns( $port = 0,
- $listen_addresses = [],
- $ensure = present ) {
+ define dns(
+ $port = 0,
+ $listen_addresses = [],
+ $ensure = present ) {
concat::fragment { "08.dns.${name}":
ensure => $ensure,
content => template('tor/torrc.dns.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 08,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
}
# Transparent proxy definition
- define transparent( $port = 0,
- $listen_addresses = [],
- $ensure = present ) {
+ define transparent(
+ $port = 0,
+ $listen_addresses = [],
+ $ensure = present ) {
concat::fragment { "09.transparent.${name}":
ensure => $ensure,
content => template('tor/torrc.transparent.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 09,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
}
# Bridge definition
- define bridge( $ip,
- $port,
- $fingerprint = false,
- $ensure = present ) {
+ define bridge(
+ $ip,
+ $port,
+ $fingerprint = false,
+ $ensure = present ) {
concat::fragment { "10.bridge.${name}":
ensure => $ensure,
content => template('tor/torrc.bridge.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 10,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
}
# map address definition
- define map_address( $address = '',
- $newaddress = '') {
+ define map_address(
+ $address = '',
+ $newaddress = '') {
concat::fragment { "08.map_address.${name}":
ensure => $ensure,
content => template('tor/torrc.map_address.erb'),
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 08,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
}
# Arbitrary torrc snippet definition
- define snippet( $content = '',
- $ensure = present ) {
+ define snippet(
+ $content = '',
+ $ensure = present ) {
concat::fragment { "99.snippet.${name}":
ensure => $ensure,
- content => "${content}",
- owner => 'debian-tor', group => 'debian-tor', mode => '0644',
+ content => $content,
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '0644',
order => 99,
- target => "${tor::daemon::config_file}",
+ target => $tor::daemon::config_file,
}
}
diff --git a/manifests/munin.pp b/manifests/munin.pp
index 2974195..2f0d5c2 100644
--- a/manifests/munin.pp
+++ b/manifests/munin.pp
@@ -3,15 +3,21 @@ class tor::munin {
file {
'/usr/local/share/munin-plugins/tor_connections':
source => 'puppet:///modules/tor/munin/tor_connections',
- mode => '0755', owner => root, group => root;
-
+ mode => '0755',
+ owner => root,
+ group => root;
+
'/usr/local/share/munin-plugins/tor_routers':
source => 'puppet:///modules/tor/munin/tor_routers',
- mode => '0755', owner => root, group => root;
+ mode => '0755',
+ owner => root,
+ group => root;
'/usr/local/share/munin-plugins/tor_traffic':
source => 'puppet:///modules/tor/munin/tor_traffic',
- mode => '0755', owner => root, group => root;
+ mode => '0755',
+ owner => root,
+ group => root;
}
munin::plugin {
diff --git a/manifests/polipo.pp b/manifests/polipo.pp
index 9a8fdb5..1201e55 100644
--- a/manifests/polipo.pp
+++ b/manifests/polipo.pp
@@ -1,8 +1,8 @@
class tor::polipo {
include ::tor
- case "${::operatingsystem}" {
+ case $::operatingsystem {
'debian': { include tor::polipo::debian }
- default: { include tor::polipo::base }
+ default: { include tor::polipo::base }
}
}