Move hidden services to a define

Replace the array-based tor::hidden_services parameter with a define that adds a section to the concat for torrc.
2014-11-16 18:11:23 -06:00 · 2014-11-16 18:11:23 -06:00 · 9c36fbf5e2
parent 5767e56a44
commit 9c36fbf5e2
5 changed files with 30 additions and 19 deletions
--- a/2
+++ b/2
@ -6,3 +6,5 @@ license 'Apache 2.0'
 summary 'Tor onion router'
 description 'A Puppet module to deploy and manage Tor nodes'
 project_page 'https://github.com/inkblot/puppet-tor'
+
+dependency 'puppetlabs/concat', '>= 1.0.0'
--- a/manifests/init.pp
+++ b/manifests/init.pp
@ -28,7 +28,6 @@ class tor (
    $directory                  = false,
    $dirport                    = '9000',
    $dirlistenaddress           = '0.0.0.0:9000',
-    $hidden_services            = [],
    $transport                  = false,
    $translistenaddress         = '127.0.0.1',
    $dnsport                    = false,
@ -39,15 +38,19 @@ class tor (
        ensure => installed,
    }

-    file { '/etc/tor/torrc':
-        ensure  => present,
+    concat { '/etc/tor/torrc':
        owner   => 'root',
        group   => 'root',
-        content => template('tor/torrc.erb'),
        require => Package['tor'],
        notify  => Service['tor'],
    }

+    concat::fragment { 'torrc-main':
+        target  => '/etc/tor/torrc',
+        content => template('tor/torrc.erb'),
+        order   => '00',
+    }
+
    service { 'tor':
        ensure => running,
    }
--- a/manifests/service.pp
+++ b/manifests/service.pp
@ -0,0 +1,13 @@
+# ex: syntax=puppet si ts=4 sw=4 et
+
+define tor::service (
+    $real_port    = 'same',
+    $real_address = '127.0.0.1',
+    $virtual_port,
+) {
+    concat::fragment { "torrc-service-${name}":
+        target  => '/etc/tor/torrc',
+        content => template('tor/service.erb'),
+        order   => "05-${name}-00",
+    }
+}
--- a/templates/service.erb
+++ b/templates/service.erb
@ -0,0 +1,8 @@
+
+############### This section is location-hidden service <%= @name %>  ###
+
+## Once you have configured a hidden service, you can find the hidden
+## service hostname in /var/lib/tor/<%= @name %>/hostname
+
+HiddenServiceDir /var/lib/tor/<%= @name %>
+HiddenServicePort <%= @virtual_port %> <%= @real_address %>:<%= @real_port === 'same' ? @virtual_port : @real_port %>
--- a/templates/torrc.erb
+++ b/templates/torrc.erb
@ -70,21 +70,6 @@ TransListenAddress <%= @translistenaddress %>
 ## authentication methods, to prevent attackers from accessing it.
 #HashedControlPassword 16:872860B76453A77D60CA2BB8C1A7042072093276A3D701AD684053EC4C
 #CookieAuthentication 1
-<%- unless @hidden_services.empty? -%>
-
-############### This section is just for location-hidden services ###
-
-## Once you have configured a hidden service, you can look at the
-## contents of the file ".../hidden_service/hostname" for the address
-## to tell people.
-<%-   @hidden_services.each do |service| -%>
-
-HiddenServiceDir /var/lib/tor/<%= service['name'] %>
-<%-     service['ports'].each do |port| -%>
-HiddenServicePort <%= port['hsport'] %> <%= port['origin'] %>
-<%-     end -%>
-<%-   end -%>
-<%- end -%>
 <%- if @relay -%>

 ################ This section is just for relays #####################