From 0cc4d9c90911b0117cfd13fbee5e18bcfd9c89c3 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Mon, 30 Jul 2012 22:08:30 -0400
Subject: switch bandwidth_rate and bandwidth_burst to be relay_bandwidth_rate
 and relay_bandwidth_burst so we can use those variables for their proper tor
 configuration variables

---
 manifests/daemon.pp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'manifests')

diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index 6d8c315..5150c96 100644
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -101,9 +101,11 @@ class tor::daemon inherits tor {
   define relay( $port                    = 0,
                 $listen_addresses        = [],
                 $outbound_bindaddresses  = $listen_addresses,
-                $bandwidth_rate  = 0,    # KB/s, 0 for no limit.
-                $bandwidth_burst = 0,    # KB/s, 0 for no limit.
-                $accounting_max          = 0,  # GB, 0 for no limit.
+                $bandwidth_rate          = '',    # KB/s, defaulting to using tor's default: 5120KB/s
+                $bandwidth_burst         = '',    # KB/s, defaulting to using tor's default: 10240KB/s
+                $relay_bandwidth_rate    = 0,     # KB/s, 0 for no limit.
+                $relay_bandwidth_burst   = 0,     # KB/s, 0 for no limit.
+                $accounting_max          = 0,     # GB, 0 for no limit.
                 $accounting_start        = [],
                 $contact_info            = '',
                 $my_family               = '', # TODO: autofill with other relays
-- 
cgit v1.2.3


From 5a1f664b66f62d2f75fb8ea8cee730aaf9097e84 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Fri, 3 Aug 2012 14:39:08 -0400
Subject: change location of control port in munin graphs, now that
 /usr/share/tor/tor-service-defaults-torrc exists and contains:

CookieAuthentication 1
CookieAuthFileGroupReadable 1
CookieAuthFile /var/run/tor/control.authcookie
---
 manifests/munin.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'manifests')

diff --git a/manifests/munin.pp b/manifests/munin.pp
index ac2630a..8504f89 100644
--- a/manifests/munin.pp
+++ b/manifests/munin.pp
@@ -17,7 +17,7 @@ class tor::munin {
   munin::plugin {
     [ "tor_connections", "tor_routers", "tor_traffic" ]:
       ensure => present,
-      config => "user debian-tor\n env.cookiefile /var/lib/tor/control_auth_cookie",
+      config => "user debian-tor\n env.cookiefile /var/run/tor/control.authcookie",
       script_path_in => "/usr/local/share/munin-plugins";
   }
 }
-- 
cgit v1.2.3


From 1591ee0c75565a0109ce4615f78e2bef444e1491 Mon Sep 17 00:00:00 2001
From: Micah Anderson <micah@riseup.net>
Date: Fri, 3 Aug 2012 15:00:32 -0400
Subject: add $cookie_authentication, $cookie_auth_file and
 $cookie_auth_file_group_readable variables

---
 manifests/daemon.pp         | 13 ++++++++++---
 templates/torrc.control.erb | 10 ++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)

(limited to 'manifests')

diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index 5150c96..8f6d80d 100644
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -123,13 +123,20 @@ class tor::daemon inherits tor {
   } 
 
   # control definition
-  define control( $port                    = 0,
-                  $hashed_control_password = '',
+  define control( $port                            = 0,
+                  $hashed_control_password         = '',
+                  $cookie_authentication           = 0,
+                  $cookie_auth_file                = '',
+                  $cookie_auth_file_group_readable = '',
                   $ensure                  = present ) {
 
-    if $hashed_control_password == '' and $ensure != 'absent' {
+    if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' {
       fail("You need to define the tor control password")
     }
+
+    if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') {
+      notice("You set a tor cookie authentication option, but do not have cookie_authentication on")
+    }
     
     concatenated_file_part { '04.control':
       dir     => $tor::daemon::snippet_dir,
diff --git a/templates/torrc.control.erb b/templates/torrc.control.erb
index df9513a..7e10d4d 100644
--- a/templates/torrc.control.erb
+++ b/templates/torrc.control.erb
@@ -1,6 +1,16 @@
 # tor controller
 <%- if port != '0' then -%>
 ControlPort <%= port %>
+<%- if cookie_authentication != '0' then -%>
+CookieAuthentication 1
+<%- if cookie_auth_file != '' then -%>
+CookieAuthFile <%= cookie_auth_file %>
+<%- end -%>
+<%- if cookie_auth_file_group_readable != '' then -%>
+CookieAuthFileGroupReadable <%= cookie_auth_file_group_readable %>
+<%- end -%>
+<%- else %->
 HashedControlPassword <%= hashed_control_password %>
 <%- end -%>
+<%- end -%>
 
-- 
cgit v1.2.3