--- /dev/null
+class onion {
+ package { 'tor':
+ ensure => installed,
+ }
+ service { 'tor':
+ ensure => running,
+ require => Package['tor'],
+ }
+ exec { 'service tor reload':
+ path => '/usr/bin:/usr/sbin:/bin:/sbin',
+ command => 'service tor reload',
+ refreshonly => true,
+ require => Package['tor'],
+ }
+ file { '/var/lib/tor/onion':
+ require => Package['tor'],
+ ensure => directory,
+ owner => 'debian-tor',
+ group => 'debian-tor',
+ mode => '02700',
+ }
+
+ concat { '/etc/tor/torrc':
+ notify => Exec['service tor reload'],
+ require => Package['tor'],
+ }
+ concat::fragment { 'onion::torrc_header':
+ target => "/etc/tor/torrc",
+ order => 05,
+ content => "SocksPort 0\nLog notice syslog\n\n",
+ }
+}
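Review bot: The `order => 05` on the torrc header fragment is an unquoted number with a leading zero, which a Puppet 4 or later parser reads as an octal integer rather than the string '05'. If the concat module in use sorts fragments alphabetically (its usual default, not visible here), the header could then sort after the order-10 service fragments instead of before them. Quoting both values, `order => '05',` here and `order => '10',` in onion::service, keeps the ordering independent of the parser version. `SocksPort 0` and `Log` are global options, so the effect on tor is probably cosmetic, but the header would no longer lead the file.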
--- /dev/null
+define onion::service (
+ $port,
+ $target_address,
+ $target_port
+) {
+ include onion
+
+ concat::fragment { "onion::torrc_onionservice::${name}":
+ target => "/etc/tor/torrc",
+ order => 10,
+ content => "HiddenServiceDir /var/lib/tor/onion/${name}\nHiddenServicePort ${port} ${target_address}:${target_port}\n\n",
+ }
+}
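Review bot: `$name`, `$port`, `$target_address` and `$target_port` are interpolated straight into the torrc fragment and into the `HiddenServiceDir` path with no validation. A title containing `/`, `..`, whitespace or a newline would move the service directory, and the private key tor stores in it, outside /var/lib/tor/onion or add unintended directives to torrc. Because these values may later come from hiera or another module, I would validate them at the top of the define, e.g. `validate_re($name, '^[A-Za-z0-9][A-Za-z0-9.-]*$')` if stdlib is available, with matching checks for the address and ports (or typed parameters such as `Integer[1,65535] $port` on Puppet 4+).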
if has_role('ports-master') {
include roles::ports-master
}
+
+ if $::hostname in [klecker] {
+ onion::service { 'ftp.debian.org':
+ port => 80,
+ target_address => '130.89.148.12',
+ target_port => 81,
+ }
+ }
}
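Review bot: The `target_address` is a hard-coded IPv4 literal with a non-standard `target_port => 81`, and nothing in the hunk records whether that address belongs to klecker itself. If it is not local to the host, the hop from the tor daemon to the backend crosses the network unencrypted, which undoes part of what the onion service provides. A comment above the resource, such as `# 130.89.148.12 is this host's own address; the :81 vhost serves the onion site`, would record the intent once that is confirmed. The host list also reads more safely quoted, `if $::hostname in ['klecker'] {`. The enclosing block opens outside this hunk.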