Adoptable Cookbooks List

Looking for a cookbook to adopt? You can now see a list of cookbooks available for adoption!
List of Adoptable Cookbooks

Supermarket Belongs to the Community

Supermarket belongs to the community. While Chef has the responsibility to keep it running and be stewards of its functionality, what it does and how it works is driven by the community. The chef/supermarket repository will continue to be where development of the Supermarket application takes place. Come be part of shaping the direction of Supermarket by opening issues and pull requests or by joining us on the Chef Mailing List.

Select Badges

Select Supported Platforms

Select Status

RSS

tor-full (3) Versions 0.1.1

Installs/Configures tor

Policyfile
Berkshelf
Knife
cookbook 'tor-full', '= 0.1.1', :supermarket
cookbook 'tor-full', '= 0.1.1'
knife supermarket install tor-full
knife supermarket download tor-full
README
Dependencies
Changelog
Quality 0%

tor-full Cookbook

Installs and configures tor on a node

Requirements

Depends on tor package on debian or ubuntu and tor-core on centos and redhat

Attributes

#######################################
# General config section
#######################################
#The directory for keeping all the keys/etc
default['tor']['DataDirectory'] = "/var/lib/tor"
#The minimum log level to log. Possible values include debug, info, notice, warn, and err.
default['tor']['MinLogLevel'] = "notice"
#Where logs should be written. Valid values include a path to a file or "syslog"
default['tor']['LogDestination'] = "/var/log/tor/log"
#List of 'address:port' to open tor socks proxy on. Defaults to disabled
#Example: ['127.0.0.1:9050'] opens socks proxy on 9050 accessible to only the local machine
default['tor']['SocksPorts'] = []
#######################################
# Hidden Services config section
#######################################
#Desc: hidden services tor should expose
#Example:
#default['tor']['hiddenServices'] = {
# 'HIDDEN_SERVICE_NAME':{
#   'HiddenServiceDir' => '/var/lib/tor/some_service/', #default is /var/lib/tor/HIDDEN_SERVICE_NAME/
#   'HiddenServicePorts' => ['80 127.0.0.1:80'] #x y:z says to redirect requests on port x to the address y:z
#}
default['tor']['HiddenServices'] = {}
#######################################
# Relay config section
#######################################
#if true tor will act as a relay
default['tor']['relay']['enabled'] = false
#What port to advertise for incoming Tor connections
default['tor']['relay']['ORPort'] = '9001'
#The IP address or full DNS name for incoming connections to your relay.
default['tor']['relay']['Address'] = nil
#If you have multiple network interfaces, you can specify one for outgoing traffic to use
default['tor']['relay']['OutboundBindAddress'] = nil
#A handle for your relay, so people don't have to refer to it by key
default['tor']['relay']['Nickname'] = "IDidntEditTheConfig"
#Limit how much relayed traffic you will allow in kilobytes (not bits)
default['tor']['relay']['RelayBandwidthRate'] = nil
#Limit how much relayed traffic you will allow for bursts in kilobytes (not bits)
default['tor']['relay']['RelayBandwidthBurst'] = nil
#ContactInfo you can be reached at
#Example: "0xFFFFFFFF Random Person nobody AT example dot com"
default['tor']['relay']['ContactInfo'] = nil
#Sets the exit node policy for tor defaults to no exit
#Exampe: ['accept *:6660-6667','reject *:*'] # allow irc ports but no more
default['tor']['relay']['ExitPolicy'] = ['reject *:*']
#Set to 1 to run a bridge relay
default['tor']['relay']['BridgeRelay'] = 0
#Set to 0 to run a private bridge relay
default['tor']['relay']['PublishServerDescriptor'] = 1
#If true tor relay will server as a directory mirror
default['tor']['relay']['Directory'] = false
#"address:port" from which to mirror directory information
default['tor']['relay']['DirPort'] = "9030"
#If you run more than one tor node add keyids for other tor nodes
default['tor']['relay']['MyFamily'] = []

Recipes

tor-full::default

Installs Tor and enables Tor service. By default it will not open a socks proxy, offer a hidden service,
or act as a relay.

tor-full::relay

Installs Tor and configs Tor to be a relay. By default the relay will not be an exit or directory.
Make sure to read through the attributes section for relays above.

Examples

Open local socks port

The example role below opens a Tor socks proxy on port 9050 available to localhost only

name "torproxy"
run_list("recipe[tor-full]")
override_attributes(
  "tor" => {
    "SocksPorts" => ["127.0.0.1:9050"]
  }
)

Hidden service on port 80

The example role below serves a website on port 80 as a hidden service.

name "torservice"
run_list("recipe[tor-full]")
override_attributes(
  "tor" => {
    "hiddenServices" => {
      "hidden_web_service" => {
       "HiddenServicePorts" => ["80 127.0.0.1:8080"]
       #requests on port 80 are redirected to localhost port 8080
      }
    }
  }
)

Note: The tor-full recipe will write the hidden service's hostname to the attribute node.tor.hiddenServices.HIDDEN_SERVICE_NAME.hostname after node convergence.

Tor Relay

The node config below sets up a Tor relay. The relay is a directory and an exit
for IRC (ports 6660 & 6667).

{
  "run_list": [
    "recipe[tor-full::relay]"
  ],
  "tor": { 
    "relay": {
      "Address":"tor.icyego.com",
      "Nickname":"IcyEgo",
      "RelayBandwidthRate":"1000",
      "RelayBandwidthBurst":"1100",
      "ContactInfo":"ContactInfo 0x04FAC2E9CC21424A Richard Klafter <rpklafter@yahoo.com>",
      "Directory":true,
      "ExitPolicy":["accept *:6660-6667","reject *:*"]
    }
  }
}

Note: you can make recipe[tor-full] behave like recipe[tor-full::relay] by
setting the attribute tor.relay.enabled = true.

Dependent cookbooks

This cookbook has no specified dependencies.

Contingent cookbooks

There are no cookbooks that are contingent upon this one.

tor-full CHANGELOG

This file is used to list changes made in each version of the tor cookbook.

0.1.0

  • Richard Klafter - Initial release of tor-full

Foodcritic Metric
            

0.1.1 failed this metric

FC019: Access node attributes in a consistent manner: /tmp/cook/1100ef253c220c48043fc4c7/tor-full/recipes/default.rb:11
FC019: Access node attributes in a consistent manner: /tmp/cook/1100ef253c220c48043fc4c7/tor-full/recipes/default.rb:23
FC031: Cookbook without metadata file: /tmp/cook/1100ef253c220c48043fc4c7/tor-full/metadata.rb:1
FC045: Consider setting cookbook name in metadata: /tmp/cook/1100ef253c220c48043fc4c7/tor-full/metadata.rb:1