2023-02-06 21:35:15 +01:00
|
|
|
{%- from "tor/map.jinja" import map with context -%}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
|
|
|
|
include:
|
|
|
|
|
- tor.install
|
|
|
|
|
|
|
|
|
|
deploy_tor_torrc:
|
|
|
|
|
file.managed:
|
|
|
|
|
- name: {{ map.config_torrc }}
|
|
|
|
|
- source: salt://{{ slspath }}/files/ini.jinja
|
|
|
|
|
- user: root
|
|
|
|
|
- group: root
|
|
|
|
|
- mode: 644
|
|
|
|
|
- template: jinja
|
2023-02-05 18:18:34 +01:00
|
|
|
- defaults:
|
2019-03-27 14:50:46 +01:00
|
|
|
config: {{ map.torrc }}
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- pkg: install_tor
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
|
|
|
|
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- if salt['pillar.get']('tor:ed25519_signing_cert', False) %}
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_signing_cert:
|
|
|
|
|
file.decode:
|
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_cert
|
|
|
|
|
- contents_pillar: tor:ed25519_signing_cert
|
|
|
|
|
- encoding_type: base64
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
|
|
set_owner_tor_signing_cert:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_cert
|
2023-02-06 21:27:49 +01:00
|
|
|
- user: tor
|
|
|
|
|
- group: tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_signing_cert
|
2019-03-27 14:50:46 +01:00
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- endif %}
|
2019-04-19 17:09:43 +02:00
|
|
|
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- if salt['pillar.get']('tor:ed25519_signing_secret_key', False) %}
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_signing_secret_key:
|
|
|
|
|
file.decode:
|
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_secret_key
|
|
|
|
|
- contents_pillar: tor:ed25519_signing_secret_key
|
|
|
|
|
- encoding_type: base64
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
|
|
set_owner_tor_signing_secret_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_signing_secret_key
|
2023-02-06 21:27:49 +01:00
|
|
|
- user: tor
|
|
|
|
|
- group: tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_signing_secret_key
|
2019-03-27 14:50:46 +01:00
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- endif %}
|
2019-04-19 17:09:43 +02:00
|
|
|
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- if salt['pillar.get']('tor:ed25519_master_id_secret_key', False) %}
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_master_id_secret_key:
|
|
|
|
|
file.decode:
|
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_secret_key
|
|
|
|
|
- contents_pillar: tor:ed25519_master_id_secret_key
|
|
|
|
|
- encoding_type: base64
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
|
|
set_owner_tor_master_id_secret_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_secret_key
|
2023-02-06 21:27:49 +01:00
|
|
|
- user: tor
|
|
|
|
|
- group: tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_master_id_secret_key
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- endif %}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- if salt['pillar.get']('tor:ed25519_master_id_public_key', False) %}
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_master_id_public_key:
|
|
|
|
|
file.decode:
|
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_public_key
|
|
|
|
|
- contents_pillar: tor:ed25519_master_id_public_key
|
|
|
|
|
- encoding_type: base64
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
|
|
|
|
|
|
|
|
|
set_owner_tor_master_id_public_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
|
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/ed25519_master_id_public_key
|
2023-02-06 21:27:49 +01:00
|
|
|
- user: tor
|
|
|
|
|
- group: tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- file: deploy_tor_master_id_public_key
|
2019-03-27 14:50:46 +01:00
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- endif %}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- if salt['pillar.get']('tor:secret_id_key', False) %}
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_secret_id_key:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/keys/secret_id_key
|
|
|
|
|
- contents_pillar: tor:secret_id_key
|
2023-02-06 21:27:49 +01:00
|
|
|
- user: tor
|
|
|
|
|
- group: tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- file: deploy_tor_torrc
|
2019-04-19 17:09:43 +02:00
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- endif %}
|
2019-03-27 14:50:46 +01:00
|
|
|
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- if salt['pillar.get']('tor:fingerprint', False) %}
|
2019-04-19 17:09:43 +02:00
|
|
|
deploy_tor_fingerprint:
|
2019-03-27 14:50:46 +01:00
|
|
|
file.managed:
|
2019-04-19 17:09:43 +02:00
|
|
|
- name: {{ map.torrc.DataDirectory }}/fingerprint
|
|
|
|
|
- contents_pillar: tor:fingerprint
|
2023-02-06 21:27:49 +01:00
|
|
|
- user: tor
|
|
|
|
|
- group: tor
|
2019-03-27 14:50:46 +01:00
|
|
|
- mode: 600
|
2023-02-05 18:18:34 +01:00
|
|
|
- require:
|
2019-03-27 14:50:46 +01:00
|
|
|
- file: deploy_tor_torrc
|
|
|
|
|
- watch_in:
|
|
|
|
|
- service: install_tor
|
2023-02-06 21:35:15 +01:00
|
|
|
{%- endif %}
|
