cookbook 'tor-full', '~> 0.2.0'
tor-full (3) Versions 0.2.0 Follow1
Installs/Configures tor
cookbook 'tor-full', '~> 0.2.0', :supermarket
knife supermarket install tor-full
knife supermarket download tor-full
Description
Installs Tor and optionally sets up a hidden service or configures as a relay
Requirements
Ohai and Chef:
- Ohai: 6.14.0+
This cookbook makes use of node['platform_family']
to simplify platform
selection logic. This attribute was introduced in Ohai v0.6.12.
Platform:
The following platform families are supported:
- Debian
- RHEL
- Fedora
Cookbooks:
- apt (for Debian installation)
- yum (for RHEL 5 installation)
Attributes
General config section
-
node['tor']['DataDirectory']
- The directory for keeping all the keys/etc -
node['tor']['MinLogLevel']
- The minimum log level to log. Possible values include debug, info, notice, warn, and err. -
node['tor']['LogDestination']
- Where logs should be written. Valid values include a path to a file or "syslog" -
node['tor']['SocksPorts']
- List of 'address:port' to open tor socks proxy on. Defaults to disabled
Hidden Services config section
-
node['tor']['HiddenServices']
- hidden services Tor should exposeruby # Example default['tor']['hiddenServices'] = { 'HIDDEN_SERVICE_NAME':{ 'HiddenServiceDir' => '/var/lib/tor/some_service/', #default is /var/lib/tor/HIDDEN_SERVICE_NAME/ 'HiddenServicePorts' => ['80 127.0.0.1:80'] #x y:z says to redirect requests on port x to the address y:z }
Relay config section
-
node['tor']['relay']['enabled']
- if true tor will act as a relay -
node['tor']['relay']['ORPort']
- What port to advertise for incoming Tor connections -
node['tor']['relay']['Address']
- The IP address or full DNS name for incoming connections to your relay -
node['tor']['relay']['OutboundBindAddress']
- If you have multiple network interfaces, you can specify one for outgoing traffic to use -
node['tor']['relay']['Nickname']
- A handle for your relay, so people don't have to refer to it by key -
node['tor']['relay']['RelayBandwidthRate']
- Limit how much relayed traffic you will allow in kilobytes (not bits) -
node['tor']['relay']['RelayBandwidthBurst']
- Limit how much relayed traffic you will allow for bursts in kilobytes (not bits) -
node['tor']['relay']['ContactInfo']
- ContactInfo you can be reached at- Example:
"0xFFFFFFFF Random Person nobody AT example dot com"
- Example:
-
node['tor']['relay']['ExitPolicy']
- Sets the exit node policy for tor defaults to no exit- Exampe:
['accept *:6660-6667','reject *:*'] # allow irc ports but no more
- Exampe:
-
node['tor']['relay']['BridgeRelay']
- Set to 1 to run a bridge relay -
node['tor']['relay']['PublishServerDescriptor']
- Set to 0 to run a private bridge relay -
node['tor']['relay']['Directory']
- If true tor relay will server as a directory mirror -
node['tor']['relay']['DirPort']
- "address:port" from which to mirror directory information -
node['tor']['relay']['DirPortFrontPage']
- If true a blob of html will be returned on your DirPort explaining Tor.- To send a custom HTML blob specify its full path, example
"/etc/tor/tor-exit-notice.html"
- To send a custom HTML blob specify its full path, example
-
node['tor']['relay']['MyFamily']
- If you run more than one tor node add keyids for other tor nodes
Recipes
tor-full::default
Installs Tor and enables Tor service. By default it will not open a socks proxy, offer a hidden service,
or act as a relay.
tor-full::relay
Installs Tor and configs Tor to be a relay. By default the relay will not be an exit or directory.
Make sure to read through the attributes section for relays above.
Usage
This cookbook primarily installs Tor core packages. It can also be
used to run a Tor relay or a hidden service.
To install tor client (all supported platforms):
include_recipe 'tor'
To install tor relay:
include_recipe "tor::relay"
Examples
Open local socks port
The example role below opens a Tor socks proxy on port 9050 available to localhost only
name "torproxy" run_list("recipe[tor-full]") override_attributes( "tor" => { "SocksPorts" => ["127.0.0.1:9050"] } )
Hidden service on port 80
The example role below serves a website on port 80 as a hidden service.
name "torservice" run_list("recipe[tor-full]") override_attributes( "tor" => { "hiddenServices" => { "hidden_web_service" => { "HiddenServicePorts" => ["80 127.0.0.1:8080"] #requests on port 80 are redirected to localhost port 8080 } } } )
Note: The tor-full
recipe will write the hidden service's hostname to the attribute node.tor.hiddenServices.HIDDEN_SERVICE_NAME.hostname
after node convergence.
Tor Relay
The node config below sets up a Tor relay. The relay is a directory and an exit
for IRC (ports 6660 & 6667).
{ "run_list": [ "recipe[tor-full::relay]" ], "tor": { "relay": { "Address":"tor.icyego.com", "Nickname":"IcyEgo", "RelayBandwidthRate":"1000", "RelayBandwidthBurst":"1100", "ContactInfo":"ContactInfo 0x04FAC2E9CC21424A Richard Klafter <rpklafter@yahoo.com>", "Directory":true, "ExitPolicy":["accept *:6660-6667","reject *:*"] } } }
Note: you can make recipe[tor-full]
behave like recipe[tor-full::relay]
by
setting the attribute tor.relay.enabled = true
.
License and Author
- Author:: Richard Klafter (rpklafter@yahoo.com)
- License:: MIT
Dependent cookbooks
apt >= 0.0.0 |
yum >= 0.0.0 |
Contingent cookbooks
There are no cookbooks that are contingent upon this one.
tor-full CHANGELOG
This file is used to list changes made in each version of the tor cookbook.
0.2.0
- Ben Chrobot
- Updated Readme
- Tor now installed from TorProject.org repository
- Added BATS test suite
0.1.0
- Richard Klafter - Initial release of tor-full
Collaborator Number Metric
0.2.0 failed this metric
Failure: Cookbook has 0 collaborators. A cookbook must have at least 2 collaborators to pass this metric.
Contributing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.2.0 passed this metric
No Binaries Metric
0.2.0 passed this metric
Testing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.2.0 failed this metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a CONTRIBUTING.md file
Foodcritic Metric
0.2.0 passed this metric
No Binaries Metric
0.2.0 passed this metric
Testing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.2.0 passed this metric
0.2.0 passed this metric
Testing File Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must contain a TESTING.md file
Version Tag Metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number
0.2.0 failed this metric
0.2.0 failed this metric
Failure: To pass this metric, your cookbook metadata must include a source url, the source url must be in the form of https://github.com/user/repo, and your repo must include a tag that matches this cookbook version number