[MediaWiki-commits] [Gerrit] tor: pass hashed_control_password as a class variable - change (operations/puppet)

Faidon Liambotis (Code Review) Fri, 18 Dec 2015 07:14:36 -0800

Faidon Liambotis has submitted this change and it was merged.

Change subject: tor: pass hashed_control_password as a class variable
......................................................................



tor: pass hashed_control_password as a class variable

Do not lookup from passwords directly from the tor module, but pass it
down from the role class instead.

Change-Id: I8916d697271c26fdf8720302f1f914f323cf1153
---
M manifests/role/tor.pp
M modules/tor/manifests/init.pp
M modules/tor/templates/torrc.erb
3 files changed, 11 insertions(+), 8 deletions(-)

Approvals:
  Faidon Liambotis: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/manifests/role/tor.pp b/manifests/role/tor.pp
index 781b040..28e5384 100644
--- a/manifests/role/tor.pp
+++ b/manifests/role/tor.pp
@@ -5,15 +5,17 @@
     }
 
     include passwords::tor
+    $controlpassword = $passwords::tor::hashed_control_password
 
     class { '::tor':
-        tor_controlport => '9051',
-        tor_orport      => '443',
-        tor_dirport     => '80',
-        tor_address     => 'tor-eqiad-1.wikimedia.org',
-        tor_nickname    => 'wikimediaeqiad1',
-        tor_contact     => '[email protected]',
-        tor_exit_policy => 'reject *:*', # no exits allowed
+        tor_controlport     => '9051',
+        tor_controlpassword => $controlpassword,
+        tor_orport          => '443',
+        tor_dirport         => '80',
+        tor_address         => 'tor-eqiad-1.wikimedia.org',
+        tor_nickname        => 'wikimediaeqiad1',
+        tor_contact         => '[email protected]',
+        tor_exit_policy     => 'reject *:*', # no exits allowed
     }
 
     # actual Tor port where clients connect, public
diff --git a/modules/tor/manifests/init.pp b/modules/tor/manifests/init.pp
index 2c6cc00..c81230f 100644
--- a/modules/tor/manifests/init.pp
+++ b/modules/tor/manifests/init.pp
@@ -3,6 +3,7 @@
     $tor_address,
     $tor_nickname,
     $tor_contact,
+    $tor_controlpassword,
     $tor_controlport = '9051',
     $tor_orport = '443', # use 9001 if in use
     $tor_dirport = '80', # use 9030 if in use
diff --git a/modules/tor/templates/torrc.erb b/modules/tor/templates/torrc.erb
index 93d70c1..a51a85a 100644
--- a/modules/tor/templates/torrc.erb
+++ b/modules/tor/templates/torrc.erb
@@ -12,7 +12,7 @@
 ControlPort <%= @tor_controlport %>
 
 ## password for connections on the control port, generate hash with 'tor 
--hash-password'
-HashedControlPassword <%= 
scope.lookupvar('passwords::tor::hashed_control_password') %>
+HashedControlPassword <%= @tor_controlpassword %>
 
 ## port for incoming Tor connections
 ORPort <%= @tor_orport %>

-- 
To view, visit https://gerrit.wikimedia.org/r/260011
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I8916d697271c26fdf8720302f1f914f323cf1153
Gerrit-PatchSet: 1
Gerrit-Project: operations/puppet
Gerrit-Branch: production
Gerrit-Owner: Faidon Liambotis <[email protected]>
Gerrit-Reviewer: Faidon Liambotis <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] tor: pass hashed_control_password as a class variable - change (operations/puppet)

Reply via email to