2019-03-27 14:50:46 +01:00
|
|
|
{% from "tor/map.jinja" import map with context %}
|
|
|
|
|
|
|
|
include:
|
|
|
|
- tor.repo
|
|
|
|
- tor.install
|
|
|
|
|
|
|
|
deploy_tor_torrc:
|
|
|
|
file.managed:
|
|
|
|
- name: {{ map.config_torrc }}
|
|
|
|
- source: salt://{{ slspath }}/files/ini.jinja
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- mode: 644
|
|
|
|
- template: jinja
|
|
|
|
- defailts:
|
|
|
|
config: {{ map.torrc }}
|
|
|
|
- reguire:
|
|
|
|
- pkg: install_tor
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
deploy_tor_torsocks:
|
|
|
|
file.managed:
|
|
|
|
- name: {{ map.config_torsocks }}
|
|
|
|
- source: salt://{{ slspath }}/files/ini.jinja
|
|
|
|
- user: root
|
|
|
|
- group: root
|
|
|
|
- mode: 644
|
|
|
|
- template: jinja
|
|
|
|
- defailts:
|
|
|
|
config: {{ map.torsocks }}
|
|
|
|
- reguire:
|
|
|
|
- pkg: install_tor
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
{% if salt['pillar.get']('tor:ed25519_signing_cert', False) %}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_signing_cert:
|
|
|
|
file.decode:
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_cert
|
|
|
|
- contents_pillar: tor:ed25519_signing_cert
|
|
|
|
- encoding_type: base64
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
set_owner_tor_signing_cert:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_cert
|
2019-03-27 14:50:46 +01:00
|
|
|
- user: debian-tor
|
|
|
|
- group: debian-tor
|
|
|
|
- mode: 600
|
|
|
|
- reguire:
|
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_signing_cert
|
2019-03-27 14:50:46 +01:00
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
2019-04-19 17:09:43 +02:00
|
|
|
|
2019-03-27 14:50:46 +01:00
|
|
|
{% endif %}
|
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
|
|
|
|
{% if salt['pillar.get']('tor:ed25519_signing_secret_key', False) %}
|
|
|
|
|
|
|
|
deploy_tor_signing_secret_key:
|
|
|
|
file.decode:
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_secret_key
|
|
|
|
- contents_pillar: tor:ed25519_signing_secret_key
|
|
|
|
- encoding_type: base64
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
set_owner_tor_signing_secret_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_secret_key
|
2019-03-27 14:50:46 +01:00
|
|
|
- user: debian-tor
|
|
|
|
- group: debian-tor
|
|
|
|
- mode: 600
|
|
|
|
- reguire:
|
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_signing_secret_key
|
2019-03-27 14:50:46 +01:00
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
2019-04-19 17:09:43 +02:00
|
|
|
|
2019-03-27 14:50:46 +01:00
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
{% if salt['pillar.get']('tor:ed25519_master_id_secret_key', False) %}
|
|
|
|
|
|
|
|
deploy_tor_master_id_secret_key:
|
|
|
|
file.decode:
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_secret_key
|
|
|
|
- contents_pillar: tor:ed25519_master_id_secret_key
|
|
|
|
- encoding_type: base64
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
set_owner_tor_master_id_secret_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_secret_key
|
|
|
|
- user: debian-tor
|
|
|
|
- group: debian-tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
|
|
|
- reguire:
|
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_master_id_secret_key
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
2019-03-27 14:50:46 +01:00
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
{% endif %}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
|
|
|
|
|
|
|
|
{% if salt['pillar.get']('tor:ed25519_master_id_public_key', False) %}
|
|
|
|
|
|
|
|
deploy_tor_master_id_public_key:
|
|
|
|
file.decode:
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_public_key
|
|
|
|
- contents_pillar: tor:ed25519_master_id_public_key
|
|
|
|
- encoding_type: base64
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
set_owner_tor_master_id_public_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_public_key
|
|
|
|
- user: debian-tor
|
|
|
|
- group: debian-tor
|
|
|
|
- mode: 600
|
|
|
|
- reguire:
|
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_master_id_public_key
|
2019-03-27 14:50:46 +01:00
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
{% endif %}
|
|
|
|
|
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
|
|
|
|
{% if salt['pillar.get']('tor:secret_id_key', False) %}
|
|
|
|
deploy_tor_secret_id_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/secret_id_key
|
|
|
|
- contents_pillar: tor:secret_id_key
|
|
|
|
- user: debian-tor
|
|
|
|
- group: debian-tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
|
|
|
- reguire:
|
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
{% endif %}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
|
|
|
|
{% if salt['pillar.get']('tor:fingerprint', False) %}
|
|
|
|
deploy_tor_fingerprint:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/fingerprint
|
|
|
|
- contents_pillar: tor:fingerprint
|
2019-03-27 14:50:46 +01:00
|
|
|
- user: debian-tor
|
|
|
|
- group: debian-tor
|
|
|
|
- mode: 600
|
|
|
|
- reguire:
|
|
|
|
- file: deploy_tor_torrc
|
|
|
|
- watch_in:
|
|
|
|
- service: install_tor
|
|
|
|
{% endif %}
|
|
|
|
|
2019-04-19 17:09:43 +02:00
|
|
|
|