summaryrefslogtreecommitdiff
path: root/src/Propellor/Property/Tor.hs
diff options
context:
space:
mode:
Diffstat (limited to 'src/Propellor/Property/Tor.hs')
-rw-r--r--src/Propellor/Property/Tor.hs34
1 files changed, 25 insertions, 9 deletions
diff --git a/src/Propellor/Property/Tor.hs b/src/Propellor/Property/Tor.hs
index ea9f39ed..8794bc7f 100644
--- a/src/Propellor/Property/Tor.hs
+++ b/src/Propellor/Property/Tor.hs
@@ -53,12 +53,20 @@ named n = configured [("Nickname", n')]
where
n' = saneNickname n
+-- | Configures tor with secret_id_key, ed25519_master_id_public_key,
+-- and ed25519_master_id_secret_key from privdata.
torPrivKey :: Context -> Property (HasInfo + DebianLike)
-torPrivKey context = f `File.hasPrivContent` context
- `onChange` File.ownerGroup f user (userGroup user)
+torPrivKey context = mconcat (map go keyfiles)
+ `onChange` restarted
`requires` torPrivKeyDirExists
where
- f = torPrivKeyDir </> "secret_id_key"
+ keyfiles = map (torPrivKeyDir </>)
+ [ "secret_id_key"
+ , "ed25519_master_id_public_key"
+ , "ed25519_master_id_secret_key"
+ ]
+ go f = f `File.hasPrivContent` context
+ `onChange` File.ownerGroup f user (userGroup user)
torPrivKeyDirExists :: Property DebianLike
torPrivKeyDirExists = File.dirExists torPrivKeyDir
@@ -124,22 +132,30 @@ bandwidthRate' s divby = case readSize dataUnits s of
-- If used without `hiddenServiceData`, tor will generate a new
-- private key.
hiddenService :: HiddenServiceName -> Port -> Property DebianLike
-hiddenService hn (Port port) = ConfFile.adjustSection
- (unwords ["hidden service", hn, "available on port", show port])
+hiddenService hn port = hiddenService' hn [port]
+
+hiddenService' :: HiddenServiceName -> [Port] -> Property DebianLike
+hiddenService' hn ports = ConfFile.adjustSection
+ (unwords ["hidden service", hn, "available on ports", intercalate "," (map val ports')])
(== oniondir)
(not . isPrefixOf "HiddenServicePort")
- (const [oniondir, onionport])
- (++ [oniondir, onionport])
+ (const (oniondir : onionports))
+ (++ oniondir : onionports)
mainConfig
`onChange` restarted
where
oniondir = unwords ["HiddenServiceDir", varLib </> hn]
- onionport = unwords ["HiddenServicePort", show port, "127.0.0.1:" ++ show port]
+ onionports = map onionport ports'
+ ports' = sort ports
+ onionport port = unwords ["HiddenServicePort", val port, "127.0.0.1:" ++ val port]
-- | Same as `hiddenService` but also causes propellor to display
-- the onion address of the hidden service.
hiddenServiceAvailable :: HiddenServiceName -> Port -> Property DebianLike
-hiddenServiceAvailable hn port = hiddenServiceHostName $ hiddenService hn port
+hiddenServiceAvailable hn port = hiddenServiceAvailable' hn [port]
+
+hiddenServiceAvailable' :: HiddenServiceName -> [Port] -> Property DebianLike
+hiddenServiceAvailable' hn ports = hiddenServiceHostName $ hiddenService' hn ports
where
hiddenServiceHostName p = adjustPropertySatisfy p $ \satisfy -> do
r <- satisfy