From 3fb09572cbbef20a72feb3e3a50711ba7eba1cea Mon Sep 17 00:00:00 2001
From: mh <mh@immerda.ch>
Date: Wed, 2 Jan 2013 13:41:56 +0100
Subject: split out defines into their own files

---
 manifests/daemon/bridge.pp         | 18 +++++++++++++++++
 manifests/daemon/control.pp        | 27 +++++++++++++++++++++++++
 manifests/daemon/directory.pp      | 27 +++++++++++++++++++++++++
 manifests/daemon/dns.pp            | 17 ++++++++++++++++
 manifests/daemon/exit_policy.pp    | 18 +++++++++++++++++
 manifests/daemon/hidden_service.pp | 17 ++++++++++++++++
 manifests/daemon/map_address.pp    | 16 +++++++++++++++
 manifests/daemon/relay.pp          | 41 ++++++++++++++++++++++++++++++++++++++
 manifests/daemon/snippet.pp        | 16 +++++++++++++++
 manifests/daemon/socks.pp          | 15 ++++++++++++++
 manifests/daemon/transparent.pp    | 17 ++++++++++++++++
 11 files changed, 229 insertions(+)
 create mode 100644 manifests/daemon/bridge.pp
 create mode 100644 manifests/daemon/control.pp
 create mode 100644 manifests/daemon/directory.pp
 create mode 100644 manifests/daemon/dns.pp
 create mode 100644 manifests/daemon/exit_policy.pp
 create mode 100644 manifests/daemon/hidden_service.pp
 create mode 100644 manifests/daemon/map_address.pp
 create mode 100644 manifests/daemon/relay.pp
 create mode 100644 manifests/daemon/snippet.pp
 create mode 100644 manifests/daemon/socks.pp
 create mode 100644 manifests/daemon/transparent.pp

(limited to 'manifests/daemon')

diff --git a/manifests/daemon/bridge.pp b/manifests/daemon/bridge.pp
new file mode 100644
index 0000000..063f565
--- /dev/null
+++ b/manifests/daemon/bridge.pp
@@ -0,0 +1,18 @@
+# Bridge definition
+define tor::daemon::bridge(
+  $ip,
+  $port,
+  $fingerprint = false,
+  $ensure      = present ) {
+
+  concat::fragment { "10.bridge.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.bridge.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 10,
+    target  => $tor::daemon::config_file,
+  }
+}
+
diff --git a/manifests/daemon/control.pp b/manifests/daemon/control.pp
new file mode 100644
index 0000000..0172656
--- /dev/null
+++ b/manifests/daemon/control.pp
@@ -0,0 +1,27 @@
+# control definition
+define tor::daemon::control(
+  $port                            = 0,
+  $hashed_control_password         = '',
+  $cookie_authentication           = 0,
+  $cookie_auth_file                = '',
+  $cookie_auth_file_group_readable = '',
+  $ensure                          = present ) {
+
+  if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' {
+    fail('You need to define the tor control password')
+  }
+
+  if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') {
+    notice('You set a tor cookie authentication option, but do not have cookie_authentication on')
+  }
+
+  concat::fragment { '04.control':
+    ensure  => $ensure,
+    content => template('tor/torrc.control.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0600',
+    order   => 04,
+    target  => $tor::daemon::config_file,
+  }
+}
diff --git a/manifests/daemon/directory.pp b/manifests/daemon/directory.pp
new file mode 100644
index 0000000..b71b6e6
--- /dev/null
+++ b/manifests/daemon/directory.pp
@@ -0,0 +1,27 @@
+# directory advertising
+define tor::daemon::directory (
+  $port             = 0,
+  $listen_addresses = [],
+  $port_front_page  = '/etc/tor/tor.html',
+  $ensure           = present ) {
+
+  concat::fragment { '06.directory':
+    ensure  => $ensure,
+    content => template('tor/torrc.directory.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 06,
+    target  => $tor::daemon::config_file,
+  }
+
+  file { '/etc/tor/tor.html':
+    ensure  => $ensure,
+    source  => 'puppet:///modules/tor/tor.html',
+    require => File['/etc/tor'],
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+  }
+}
+
diff --git a/manifests/daemon/dns.pp b/manifests/daemon/dns.pp
new file mode 100644
index 0000000..f3a7027
--- /dev/null
+++ b/manifests/daemon/dns.pp
@@ -0,0 +1,17 @@
+# DNS definition
+define tor::daemon::dns(
+  $port             = 0,
+  $listen_addresses = [],
+  $ensure           = present ) {
+
+  concat::fragment { "08.dns.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.dns.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 08,
+    target  => $tor::daemon::config_file,
+  }
+}
+
diff --git a/manifests/daemon/exit_policy.pp b/manifests/daemon/exit_policy.pp
new file mode 100644
index 0000000..f459ece
--- /dev/null
+++ b/manifests/daemon/exit_policy.pp
@@ -0,0 +1,18 @@
+# exit policies
+define tor::daemon::exit_policy(
+  $accept         = [],
+  $reject         = [],
+  $reject_private = 1,
+  $ensure         = present ) {
+
+  concat::fragment { "07.exit_policy.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.exit_policy.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 07,
+    target  => $tor::daemon::config_file,
+  }
+}
+
diff --git a/manifests/daemon/hidden_service.pp b/manifests/daemon/hidden_service.pp
new file mode 100644
index 0000000..c827211
--- /dev/null
+++ b/manifests/daemon/hidden_service.pp
@@ -0,0 +1,17 @@
+# hidden services definition
+define tor::daemon::hidden_service(
+  $ports    = [],
+  $data_dir = $tor::daemon::data_dir,
+  $ensure   = present ) {
+
+  concat::fragment { "05.hidden_service.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.hidden_service.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 05,
+    target  => $tor::daemon::config_file,
+  }
+}
+
diff --git a/manifests/daemon/map_address.pp b/manifests/daemon/map_address.pp
new file mode 100644
index 0000000..6cb0956
--- /dev/null
+++ b/manifests/daemon/map_address.pp
@@ -0,0 +1,16 @@
+# map address definition
+define tor::daemon::map_address(
+  $address    = '',
+  $newaddress = '') {
+
+  concat::fragment { "08.map_address.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.map_address.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 08,
+    target  => $tor::daemon::config_file,
+  }
+}
+
diff --git a/manifests/daemon/relay.pp b/manifests/daemon/relay.pp
new file mode 100644
index 0000000..d5296de
--- /dev/null
+++ b/manifests/daemon/relay.pp
@@ -0,0 +1,41 @@
+# relay definition
+define tor::daemon::relay(
+  $port                    = 0,
+  $listen_addresses        = [],
+  $outbound_bindaddresses  = [],
+  # KB/s, defaulting to using tor's default: 5120KB/s
+  $bandwidth_rate          = '',
+  # KB/s, defaulting to using tor's default: 10240KB/s
+  $bandwidth_burst         = '',
+  # KB/s, 0 for no limit
+  $relay_bandwidth_rate    = 0,
+  # KB/s, 0 for no limit
+  $relay_bandwidth_burst   = 0,
+  # GB, 0 for no limit
+  $accounting_max          = 0,
+  $accounting_start        = [],
+  $contact_info            = '',
+  # TODO: autofill with other relays
+  $my_family               = '',
+  $address                 = "tor.${::domain}",
+  $bridge_relay            = 0,
+  $ensure                  = present ) {
+
+  $nickname = $name
+
+  if $outbound_bindaddresses == [] {
+    $real_outbound_bindaddresses = $listen_addresses
+  } else {
+    $real_outbound_bindaddresses = $outbound_bindaddresses
+  }
+
+  concat::fragment { '03.relay':
+    ensure  => $ensure,
+    content => template('tor/torrc.relay.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 03,
+    target  => $tor::daemon::config_file,
+  }
+}
diff --git a/manifests/daemon/snippet.pp b/manifests/daemon/snippet.pp
new file mode 100644
index 0000000..b9089b4
--- /dev/null
+++ b/manifests/daemon/snippet.pp
@@ -0,0 +1,16 @@
+# Arbitrary torrc snippet definition
+define tor::daemon::snippet(
+  $content = '',
+  $ensure  = present ) {
+
+  concat::fragment { "99.snippet.${name}":
+    ensure  => $ensure,
+    content => $content,
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 99,
+    target  => $tor::daemon::config_file,
+  }
+}
+
diff --git a/manifests/daemon/socks.pp b/manifests/daemon/socks.pp
new file mode 100644
index 0000000..910461c
--- /dev/null
+++ b/manifests/daemon/socks.pp
@@ -0,0 +1,15 @@
+# socks definition
+define tor::daemon::socks(
+  $port = 0,
+  $listen_addresses = [],
+  $policies = [] ) {
+
+  concat::fragment { '02.socks':
+    content => template('tor/torrc.socks.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 02,
+    target  => $tor::daemon::config_file,
+  }
+}
diff --git a/manifests/daemon/transparent.pp b/manifests/daemon/transparent.pp
new file mode 100644
index 0000000..74fed4f
--- /dev/null
+++ b/manifests/daemon/transparent.pp
@@ -0,0 +1,17 @@
+# Transparent proxy definition
+define tor::daemon::transparent(
+  $port             = 0,
+  $listen_addresses = [],
+  $ensure           = present ) {
+
+  concat::fragment { "09.transparent.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.transparent.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 09,
+    target  => $tor::daemon::config_file,
+  }
+}
+
-- 
cgit v1.2.3