Puppet Class: tor

Defined in:
modules/tor/manifests/init.pp

Overview

sets up a Tor relay

Parameters:

  • address (Variant[Stdlib::Ip_address, Stdlib::Fqdn])
  • nickname (String)
  • contact (String)
  • controlport (Stdlib::Port)
  • controlpassword (String)
  • orport (Stdlib::Port)
  • dirport (Stdlib::Port)
  • exit_policy (String)
  • apt_uri (Stdlib::Httpurl)
  • apt_dist (String)
  • service_ensure (Stdlib::Ensure::Service)
  • fingerprints (Array[String])


2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
# File 'modules/tor/manifests/init.pp', line 2

class tor(
    Variant[Stdlib::Ip_address, Stdlib::Fqdn] $address,
    String $nickname,
    String $contact,
    Stdlib::Port $controlport,
    String $controlpassword,
    Stdlib::Port $orport,
    Stdlib::Port $dirport,
    String $exit_policy,
    Stdlib::Httpurl $apt_uri,
    String $apt_dist,
    Stdlib::Ensure::Service $service_ensure,
    Array[String] $fingerprints,
) {

    apt::package_from_component { 'thirdparty-tor':
        component => 'thirdparty/tor',
        packages  => ['tor'],
        distro    => $apt_dist,
        uri       => $apt_uri,
    }

    # status monitor for tor - https://www.atagar.com/arm/
    package { 'tor-arm':
        ensure => 'present',
    }

    $family = join($fingerprints, ',')

    file { '/etc/tor/torrc':
        ensure  => 'present',
        mode    => '0444',
        owner   => 'root',
        group   => 'root',
        content => template('tor/torrc.erb'),
        notify  => Service['tor'],
        require => Package['tor'],
    }

    exec { 'tor-systemd-reload':
        refreshonly => true,
        command     => '/bin/systemctl daemon-reload',
    }

    service { 'tor':
        ensure  => $service_ensure,
        require => Package['tor'],
    }
}