split out defines into their own files

diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index 623aa2213e72234609e5128b96183ec23309dec2..1f4ea490d0321141434f378dc81e24af60113aef 100644 (file)
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -76,235 +76,4 @@ class tor::daemon (
     order   => 01,
     target  => $config_file,
   }
-
-  # socks definition
-  define socks(
-    $port = 0,
-    $listen_addresses = [],
-    $policies = [] ) {
-
-    concat::fragment { '02.socks':
-      content => template('tor/torrc.socks.erb'),
-      owner   => 'debian-tor', group => 'debian-tor', mode => '0644',
-      order   => 02,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # relay definition
-  define relay(
-    $port                    = 0,
-    $listen_addresses        = [],
-    $outbound_bindaddresses  = [],
-    # KB/s, defaulting to using tor's default: 5120KB/s
-    $bandwidth_rate          = '',
-    # KB/s, defaulting to using tor's default: 10240KB/s
-    $bandwidth_burst         = '',
-    # KB/s, 0 for no limit
-    $relay_bandwidth_rate    = 0,
-    # KB/s, 0 for no limit
-    $relay_bandwidth_burst   = 0,
-    # GB, 0 for no limit
-    $accounting_max          = 0,
-    $accounting_start        = [],
-    $contact_info            = '',
-    # TODO: autofill with other relays
-    $my_family               = '',
-    $address                 = "tor.${::domain}",
-    $bridge_relay            = 0,
-    $ensure                  = present ) {
-
-    $nickname = $name
-
-    if $outbound_bindaddresses == [] {
-      $real_outbound_bindaddresses = $listen_addresses
-    } else {
-      $real_outbound_bindaddresses = $outbound_bindaddresses
-    }
-
-    concat::fragment { '03.relay':
-      ensure  => $ensure,
-      content => template('tor/torrc.relay.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 03,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # control definition
-  define control(
-    $port                            = 0,
-    $hashed_control_password         = '',
-    $cookie_authentication           = 0,
-    $cookie_auth_file                = '',
-    $cookie_auth_file_group_readable = '',
-    $ensure                          = present ) {
-
-    if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' {
-      fail('You need to define the tor control password')
-    }
-
-    if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') {
-      notice('You set a tor cookie authentication option, but do not have cookie_authentication on')
-    }
-
-    concat::fragment { '04.control':
-      ensure  => $ensure,
-      content => template('tor/torrc.control.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0600',
-      order   => 04,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # hidden services definition
-  define hidden_service(
-    $ports    = [],
-    $data_dir = $tor::daemon::data_dir,
-    $ensure   = present ) {
-
-    concat::fragment { "05.hidden_service.${name}":
-      ensure  => $ensure,
-      content => template('tor/torrc.hidden_service.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 05,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # directory advertising
-  define directory (
-    $port             = 0,
-    $listen_addresses = [],
-    $port_front_page  = '/etc/tor/tor.html',
-    $ensure           = present ) {
-
-    concat::fragment { '06.directory':
-      ensure  => $ensure,
-      content => template('tor/torrc.directory.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 06,
-      target  => $tor::daemon::config_file,
-    }
-
-    file { '/etc/tor/tor.html':
-      ensure  => $ensure,
-      source  => 'puppet:///modules/tor/tor.html',
-      require => File['/etc/tor'],
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-    }
-  }
-
-  # exit policies
-  define exit_policy(
-    $accept         = [],
-    $reject         = [],
-    $reject_private = 1,
-    $ensure         = present ) {
-
-    concat::fragment { "07.exit_policy.${name}":
-      ensure  => $ensure,
-      content => template('tor/torrc.exit_policy.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 07,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # DNS definition
-  define dns(
-    $port             = 0,
-    $listen_addresses = [],
-    $ensure           = present ) {
-
-    concat::fragment { "08.dns.${name}":
-      ensure  => $ensure,
-      content => template('tor/torrc.dns.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 08,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # Transparent proxy definition
-  define transparent(
-    $port             = 0,
-    $listen_addresses = [],
-    $ensure           = present ) {
-
-    concat::fragment { "09.transparent.${name}":
-      ensure  => $ensure,
-      content => template('tor/torrc.transparent.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 09,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # Bridge definition
-  define bridge(
-    $ip,
-    $port,
-    $fingerprint = false,
-    $ensure      = present ) {
-
-    concat::fragment { "10.bridge.${name}":
-      ensure  => $ensure,
-      content => template('tor/torrc.bridge.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 10,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # map address definition
-  define map_address(
-    $address    = '',
-    $newaddress = '') {
-
-    concat::fragment { "08.map_address.${name}":
-      ensure  => $ensure,
-      content => template('tor/torrc.map_address.erb'),
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 08,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
-  # Arbitrary torrc snippet definition
-  define snippet(
-    $content = '',
-    $ensure  = present ) {
-
-    concat::fragment { "99.snippet.${name}":
-      ensure  => $ensure,
-      content => $content,
-      owner   => 'debian-tor',
-      group   => 'debian-tor',
-      mode    => '0644',
-      order   => 99,
-      target  => $tor::daemon::config_file,
-    }
-  }
-
 }

diff --git a/manifests/daemon/bridge.pp b/manifests/daemon/bridge.pp
new file mode 100644 (file)
index 0000000..063f565
--- /dev/null
+++ b/manifests/daemon/bridge.pp
@@ -0,0 +1,18 @@
+# Bridge definition
+define tor::daemon::bridge(
+  $ip,
+  $port,
+  $fingerprint = false,
+  $ensure      = present ) {
+
+  concat::fragment { "10.bridge.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.bridge.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 10,
+    target  => $tor::daemon::config_file,
+  }
+}
+

diff --git a/manifests/daemon/control.pp b/manifests/daemon/control.pp
new file mode 100644 (file)
index 0000000..0172656
--- /dev/null
+++ b/manifests/daemon/control.pp
@@ -0,0 +1,27 @@
+# control definition
+define tor::daemon::control(
+  $port                            = 0,
+  $hashed_control_password         = '',
+  $cookie_authentication           = 0,
+  $cookie_auth_file                = '',
+  $cookie_auth_file_group_readable = '',
+  $ensure                          = present ) {
+
+  if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' {
+    fail('You need to define the tor control password')
+  }
+
+  if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') {
+    notice('You set a tor cookie authentication option, but do not have cookie_authentication on')
+  }
+
+  concat::fragment { '04.control':
+    ensure  => $ensure,
+    content => template('tor/torrc.control.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0600',
+    order   => 04,
+    target  => $tor::daemon::config_file,
+  }
+}

diff --git a/manifests/daemon/directory.pp b/manifests/daemon/directory.pp
new file mode 100644 (file)
index 0000000..b71b6e6
--- /dev/null
+++ b/manifests/daemon/directory.pp
@@ -0,0 +1,27 @@
+# directory advertising
+define tor::daemon::directory (
+  $port             = 0,
+  $listen_addresses = [],
+  $port_front_page  = '/etc/tor/tor.html',
+  $ensure           = present ) {
+
+  concat::fragment { '06.directory':
+    ensure  => $ensure,
+    content => template('tor/torrc.directory.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 06,
+    target  => $tor::daemon::config_file,
+  }
+
+  file { '/etc/tor/tor.html':
+    ensure  => $ensure,
+    source  => 'puppet:///modules/tor/tor.html',
+    require => File['/etc/tor'],
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+  }
+}
+

diff --git a/manifests/daemon/dns.pp b/manifests/daemon/dns.pp
new file mode 100644 (file)
index 0000000..f3a7027
--- /dev/null
+++ b/manifests/daemon/dns.pp
@@ -0,0 +1,17 @@
+# DNS definition
+define tor::daemon::dns(
+  $port             = 0,
+  $listen_addresses = [],
+  $ensure           = present ) {
+
+  concat::fragment { "08.dns.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.dns.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 08,
+    target  => $tor::daemon::config_file,
+  }
+}
+

diff --git a/manifests/daemon/exit_policy.pp b/manifests/daemon/exit_policy.pp
new file mode 100644 (file)
index 0000000..f459ece
--- /dev/null
+++ b/manifests/daemon/exit_policy.pp
@@ -0,0 +1,18 @@
+# exit policies
+define tor::daemon::exit_policy(
+  $accept         = [],
+  $reject         = [],
+  $reject_private = 1,
+  $ensure         = present ) {
+
+  concat::fragment { "07.exit_policy.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.exit_policy.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 07,
+    target  => $tor::daemon::config_file,
+  }
+}
+

diff --git a/manifests/daemon/hidden_service.pp b/manifests/daemon/hidden_service.pp
new file mode 100644 (file)
index 0000000..c827211
--- /dev/null
+++ b/manifests/daemon/hidden_service.pp
@@ -0,0 +1,17 @@
+# hidden services definition
+define tor::daemon::hidden_service(
+  $ports    = [],
+  $data_dir = $tor::daemon::data_dir,
+  $ensure   = present ) {
+
+  concat::fragment { "05.hidden_service.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.hidden_service.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 05,
+    target  => $tor::daemon::config_file,
+  }
+}
+

diff --git a/manifests/daemon/map_address.pp b/manifests/daemon/map_address.pp
new file mode 100644 (file)
index 0000000..6cb0956
--- /dev/null
+++ b/manifests/daemon/map_address.pp
@@ -0,0 +1,16 @@
+# map address definition
+define tor::daemon::map_address(
+  $address    = '',
+  $newaddress = '') {
+
+  concat::fragment { "08.map_address.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.map_address.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 08,
+    target  => $tor::daemon::config_file,
+  }
+}
+

diff --git a/manifests/daemon/relay.pp b/manifests/daemon/relay.pp
new file mode 100644 (file)
index 0000000..d5296de
--- /dev/null
+++ b/manifests/daemon/relay.pp
@@ -0,0 +1,41 @@
+# relay definition
+define tor::daemon::relay(
+  $port                    = 0,
+  $listen_addresses        = [],
+  $outbound_bindaddresses  = [],
+  # KB/s, defaulting to using tor's default: 5120KB/s
+  $bandwidth_rate          = '',
+  # KB/s, defaulting to using tor's default: 10240KB/s
+  $bandwidth_burst         = '',
+  # KB/s, 0 for no limit
+  $relay_bandwidth_rate    = 0,
+  # KB/s, 0 for no limit
+  $relay_bandwidth_burst   = 0,
+  # GB, 0 for no limit
+  $accounting_max          = 0,
+  $accounting_start        = [],
+  $contact_info            = '',
+  # TODO: autofill with other relays
+  $my_family               = '',
+  $address                 = "tor.${::domain}",
+  $bridge_relay            = 0,
+  $ensure                  = present ) {
+
+  $nickname = $name
+
+  if $outbound_bindaddresses == [] {
+    $real_outbound_bindaddresses = $listen_addresses
+  } else {
+    $real_outbound_bindaddresses = $outbound_bindaddresses
+  }
+
+  concat::fragment { '03.relay':
+    ensure  => $ensure,
+    content => template('tor/torrc.relay.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 03,
+    target  => $tor::daemon::config_file,
+  }
+}

diff --git a/manifests/daemon/snippet.pp b/manifests/daemon/snippet.pp
new file mode 100644 (file)
index 0000000..b9089b4
--- /dev/null
+++ b/manifests/daemon/snippet.pp
@@ -0,0 +1,16 @@
+# Arbitrary torrc snippet definition
+define tor::daemon::snippet(
+  $content = '',
+  $ensure  = present ) {
+
+  concat::fragment { "99.snippet.${name}":
+    ensure  => $ensure,
+    content => $content,
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 99,
+    target  => $tor::daemon::config_file,
+  }
+}
+

diff --git a/manifests/daemon/socks.pp b/manifests/daemon/socks.pp
new file mode 100644 (file)
index 0000000..910461c
--- /dev/null
+++ b/manifests/daemon/socks.pp
@@ -0,0 +1,15 @@
+# socks definition
+define tor::daemon::socks(
+  $port = 0,
+  $listen_addresses = [],
+  $policies = [] ) {
+
+  concat::fragment { '02.socks':
+    content => template('tor/torrc.socks.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 02,
+    target  => $tor::daemon::config_file,
+  }
+}

diff --git a/manifests/daemon/transparent.pp b/manifests/daemon/transparent.pp
new file mode 100644 (file)
index 0000000..74fed4f
--- /dev/null
+++ b/manifests/daemon/transparent.pp
@@ -0,0 +1,17 @@
+# Transparent proxy definition
+define tor::daemon::transparent(
+  $port             = 0,
+  $listen_addresses = [],
+  $ensure           = present ) {
+
+  concat::fragment { "09.transparent.${name}":
+    ensure  => $ensure,
+    content => template('tor/torrc.transparent.erb'),
+    owner   => 'debian-tor',
+    group   => 'debian-tor',
+    mode    => '0644',
+    order   => 09,
+    target  => $tor::daemon::config_file,
+  }
+}
+