diff options
| -rw-r--r-- | manifests/daemon.pp | 13 | ||||
| -rw-r--r-- | templates/torrc.control.erb | 10 |
2 files changed, 20 insertions, 3 deletions
diff --git a/manifests/daemon.pp b/manifests/daemon.pp index 5150c96..8f6d80d 100644 --- a/manifests/daemon.pp +++ b/manifests/daemon.pp @@ -123,13 +123,20 @@ class tor::daemon inherits tor { } # control definition - define control( $port = 0, - $hashed_control_password = '', + define control( $port = 0, + $hashed_control_password = '', + $cookie_authentication = 0, + $cookie_auth_file = '', + $cookie_auth_file_group_readable = '', $ensure = present ) { - if $hashed_control_password == '' and $ensure != 'absent' { + if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' { fail("You need to define the tor control password") } + + if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') { + notice("You set a tor cookie authentication option, but do not have cookie_authentication on") + } concatenated_file_part { '04.control': dir => $tor::daemon::snippet_dir, diff --git a/templates/torrc.control.erb b/templates/torrc.control.erb index df9513a..7e10d4d 100644 --- a/templates/torrc.control.erb +++ b/templates/torrc.control.erb @@ -1,6 +1,16 @@ # tor controller <%- if port != '0' then -%> ControlPort <%= port %> +<%- if cookie_authentication != '0' then -%> +CookieAuthentication 1 +<%- if cookie_auth_file != '' then -%> +CookieAuthFile <%= cookie_auth_file %> +<%- end -%> +<%- if cookie_auth_file_group_readable != '' then -%> +CookieAuthFileGroupReadable <%= cookie_auth_file_group_readable %> +<%- end -%> +<%- else %-> HashedControlPassword <%= hashed_control_password %> <%- end -%> +<%- end -%> |