switched to roles

- all tasks/* have been moved to their own roles in roles/* - each file && template is now oragnized per-role - annotated each task which still isn't idempotent !TODO!
2025-10-15 21:50:09 +00:00 · 2023-01-14 17:26:17 -06:00
parent d435ab80ac
commit abaa4c9639
23 changed files with 33 additions and 24 deletions
--- a/roles/tor/tasks/main.yml
+++ b/roles/tor/tasks/main.yml
@@ -0,0 +1,30 @@
+---
+- name: Install torrc
+  template:
+    src: torrc
+    dest: /etc/tor/torrc
+    owner: root
+    group: root
+    mode: u=rw,g=r,o=r
+
+- name: Create Tor HS directory
+  file:
+    path: /var/lib/tor/{{ domain }}
+    state: directory
+    owner: debian-tor
+    group: debian-tor
+    mode: u=rwx,g=,o=
+
+- name: Set Tor HS keys
+  copy:
+    src: secrets/hs_ed25519_secret_key
+    dest: /var/lib/tor/{{ domain }}/hs_ed25519_secret_key
+    owner: debian-tor
+    group: debian-tor
+    mode: u=rw,g=,o=
+
+- name: Enable Tor Service
+  systemd:
+    name: tor
+    enabled: yes
+    state: started
--- a/roles/tor/templates/torrc
+++ b/roles/tor/templates/torrc
@@ -0,0 +1,2 @@
+HiddenServiceDir /var/lib/tor/{{ domain }}
+HiddenServicePort 80 127.0.0.1:2171