X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fonion%2Fmanifests%2Fservice.pp;h=4f822991272989450928d2967177e1d1bfe04778;hb=ed3fa843350ea51e5505c3fae278590a6958e298;hp=08b892a02744ad9a71344c2b5e62b110e1138ee1;hpb=5712e0084ff0cf829d43268c975b1e88ce7b653e;p=mirror%2Fdsa-puppet.git

diff --git a/modules/onion/manifests/service.pp b/modules/onion/manifests/service.pp
index 08b892a02..4f8229912 100644
--- a/modules/onion/manifests/service.pp
+++ b/modules/onion/manifests/service.pp
@@ -1,24 +1,57 @@
 define onion::service (
 	$port,
 	$target_address,
-	$target_port
+	$target_port,
+	$ensure = present,
+	$direct = false
 ) {
-	include onion
-
-	concat::fragment { "onion::torrc_onionservice::${name}":
-		target  => "/etc/tor/torrc",
-		order   => 50,
-		content => "HiddenServiceDir /var/lib/tor/onion/${name}\nHiddenServicePort ${port} ${target_address}:${target_port}\n\n",
+	if ($ensure == "ifstatic") {
+		$my_ensure = has_static_component($name) ? {
+			true => "present",
+			false => "absent"
+		}
+	} else {
+		$my_ensure = $ensure
 	}
 
-	$onion_hn = onion_hostname($name)
-	if $onion_hn {
-		$hostname_without_onion = regsubst($onion_hn, '\.onion$', '')
-		@@concat::fragment { "onion::balance::instance::$name::$fqdn":
-			target  => "/etc/onionbalance/config.yaml",
-			content => "      - address: ${hostname_without_onion}\n        name: ${hostname}-${name}\n",
-			order   => "50-${name}-20",
-			tag     => "onion::balance::$name",
+	if ($my_ensure == "present") {
+		include onion
+
+		concat::fragment { "onion::torrc_onionservice::${name}":
+			target  => "/etc/tor/torrc",
+			order   => '50',
+			content  => @("EOF"),
+				HiddenServiceDir /var/lib/tor/onion/${name}
+				HiddenServiceVersion 2
+				HiddenServicePort ${port} ${target_address}:${target_port}
+
+				| EOF
+		}
+
+		$onion_hn = onion_tor_service_hostname($name)
+		if $onion_hn {
+			$hostname_without_onion = regsubst($onion_hn, '\.onion$', '')
+
+			if ($direct) {
+				@@concat::fragment { "onion::balance::onionbalance-services.yaml::${name}":
+					target  => "/srv/puppet.debian.org/puppet-facts/onionbalance-services.yaml",
+					content => "{\"${name}\": \"${onion_hn}\"}\n",
+					tag     => "onionbalance-services.yaml",
+				}
+			} else {
+				@@concat::fragment { "onion::balance::instance::dsa-snippet::$name::$fqdn":
+					target  => "/etc/onionbalance/config-dsa-snippet.yaml",
+					content => "- service: ${name}\n  address: ${hostname_without_onion}\n  name: ${hostname}-${name}\n",
+					tag     => "onion::balance::dsa-snippet",
+				}
+			}
+		}
+	} elsif ($my_ensure == "absent") {
+		file { "/var/lib/tor/onion/${name}":
+			ensure => absent,
+			force  => true,
 		}
+	} else {
+		fail("Invalid ensure value ${my_ensure}")
 	}
 }