Add transmission-daemon as a peer in proxy role

12 files changed, 43 insertions, 0 deletions

diff --git a/host_vars/163.172.211.128 b/host_vars/163.172.211.128
index 58fb49b..9dd5392 100644
--- a/host_vars/163.172.211.128
+++ b/host_vars/163.172.211.128
@@ -18,3 +18,5 @@ revport: 4435
 revports: 4433
 peers:
   - [ '9090', 'cockpit', 'vhost_cockpit', 'nse.admin.casperlefantom.net', '127.0.0.1', 'no' ]
+# bittorrent
+btname: bt3
diff --git a/host_vars/192.168.0.25 b/host_vars/192.168.0.25
index 1f4994c..c1d3ec9 100644
--- a/host_vars/192.168.0.25
+++ b/host_vars/192.168.0.25
@@ -43,6 +43,7 @@ peers:
   - [ '8086', 'onion2', 'vhost_onion2', 'lfa3azuyprfdawxf.onion', '127.0.0.1', 'yes' ]
   - [ '8088', 'jays-site', 'vhost_jays-site', 'jaysfoodventure.com www.jaysfoodventure.com admin.jaysfoodventure.com', '127.0.0.1', 'yes' ]
 # bittorrent
+btname: bt1
 downspeed: 400
 upspeed: 40
 altdownspeed: 0
diff --git a/host_vars/51.15.179.153 b/host_vars/51.15.179.153
index b9c2cf9..1f1f58c 100644
--- a/host_vars/51.15.179.153
+++ b/host_vars/51.15.179.153
@@ -22,3 +22,5 @@ revport: 4435
 revports: 4433
 peers:
   - [ '9090', 'cockpit', 'vhost_cockpit', 'nsd.admin.casperlefantom.net', '127.0.0.1', 'no' ]
+# bittorrent
+btname: bt2
diff --git a/host_vars/bpr7drsao5vozzr5.onion b/host_vars/bpr7drsao5vozzr5.onion
index b9c2cf9..1f1f58c 100644
--- a/host_vars/bpr7drsao5vozzr5.onion
+++ b/host_vars/bpr7drsao5vozzr5.onion
@@ -22,3 +22,5 @@ revport: 4435
 revports: 4433
 peers:
   - [ '9090', 'cockpit', 'vhost_cockpit', 'nsd.admin.casperlefantom.net', '127.0.0.1', 'no' ]
+# bittorrent
+btname: bt2
diff --git a/host_vars/d72vewh3wa4lwpaj.onion b/host_vars/d72vewh3wa4lwpaj.onion
index 1f4994c..c1d3ec9 100644
--- a/host_vars/d72vewh3wa4lwpaj.onion
+++ b/host_vars/d72vewh3wa4lwpaj.onion
@@ -43,6 +43,7 @@ peers:
   - [ '8086', 'onion2', 'vhost_onion2', 'lfa3azuyprfdawxf.onion', '127.0.0.1', 'yes' ]
   - [ '8088', 'jays-site', 'vhost_jays-site', 'jaysfoodventure.com www.jaysfoodventure.com admin.jaysfoodventure.com', '127.0.0.1', 'yes' ]
 # bittorrent
+btname: bt1
 downspeed: 400
 upspeed: 40
 altdownspeed: 0
diff --git a/host_vars/manchester.casperlefantom.net b/host_vars/manchester.casperlefantom.net
index 1f4994c..c1d3ec9 100644
--- a/host_vars/manchester.casperlefantom.net
+++ b/host_vars/manchester.casperlefantom.net
@@ -43,6 +43,7 @@ peers:
   - [ '8086', 'onion2', 'vhost_onion2', 'lfa3azuyprfdawxf.onion', '127.0.0.1', 'yes' ]
   - [ '8088', 'jays-site', 'vhost_jays-site', 'jaysfoodventure.com www.jaysfoodventure.com admin.jaysfoodventure.com', '127.0.0.1', 'yes' ]
 # bittorrent
+btname: bt1
 downspeed: 400
 upspeed: 40
 altdownspeed: 0
diff --git a/host_vars/manchester.home.casperlefantom.net b/host_vars/manchester.home.casperlefantom.net
index 1f4994c..c1d3ec9 100644
--- a/host_vars/manchester.home.casperlefantom.net
+++ b/host_vars/manchester.home.casperlefantom.net
@@ -43,6 +43,7 @@ peers:
   - [ '8086', 'onion2', 'vhost_onion2', 'lfa3azuyprfdawxf.onion', '127.0.0.1', 'yes' ]
   - [ '8088', 'jays-site', 'vhost_jays-site', 'jaysfoodventure.com www.jaysfoodventure.com admin.jaysfoodventure.com', '127.0.0.1', 'yes' ]
 # bittorrent
+btname: bt1
 downspeed: 400
 upspeed: 40
 altdownspeed: 0
diff --git a/host_vars/ns4.casperlefantom.net b/host_vars/ns4.casperlefantom.net
index b9c2cf9..1f1f58c 100644
--- a/host_vars/ns4.casperlefantom.net
+++ b/host_vars/ns4.casperlefantom.net
@@ -22,3 +22,5 @@ revport: 4435
 revports: 4433
 peers:
   - [ '9090', 'cockpit', 'vhost_cockpit', 'nsd.admin.casperlefantom.net', '127.0.0.1', 'no' ]
+# bittorrent
+btname: bt2
diff --git a/host_vars/ns5.casperlefantom.net b/host_vars/ns5.casperlefantom.net
index 58fb49b..9dd5392 100644
--- a/host_vars/ns5.casperlefantom.net
+++ b/host_vars/ns5.casperlefantom.net
@@ -18,3 +18,5 @@ revport: 4435
 revports: 4433
 peers:
   - [ '9090', 'cockpit', 'vhost_cockpit', 'nse.admin.casperlefantom.net', '127.0.0.1', 'no' ]
+# bittorrent
+btname: bt3
diff --git a/host_vars/wuvphkytdeukbrqm.onion b/host_vars/wuvphkytdeukbrqm.onion
index 58fb49b..9dd5392 100644
--- a/host_vars/wuvphkytdeukbrqm.onion
+++ b/host_vars/wuvphkytdeukbrqm.onion
@@ -18,3 +18,5 @@ revport: 4435
 revports: 4433
 peers:
   - [ '9090', 'cockpit', 'vhost_cockpit', 'nse.admin.casperlefantom.net', '127.0.0.1', 'no' ]
+# bittorrent
+btname: bt3
diff --git a/roles/proxy/tasks/config.yml b/roles/proxy/tasks/config.yml
index 38096b5..a933e00 100644
--- a/roles/proxy/tasks/config.yml
+++ b/roles/proxy/tasks/config.yml
@@ -83,3 +83,13 @@
     src: "/etc/pki/tls/private/{{ maindomain }}.{{ crtversion }}.key"
     dest: /etc/pki/tls/private/casperlefantom.1.key
     state: link
+
+- name: Installation du htpasswd pour bittorrent
+  copy:
+    src: certs/htpasswd.bin
+    dest: /etc/squid/htpasswd.bin
+    owner: root
+    group: root
+    mode: 0444
+  when: btname is defined
+  notify: restart squid
diff --git a/roles/proxy/templates/squid.conf.j2 b/roles/proxy/templates/squid.conf.j2
index dbd54cc..e1a7975 100644
--- a/roles/proxy/templates/squid.conf.j2
+++ b/roles/proxy/templates/squid.conf.j2
@@ -44,6 +44,23 @@ http_access allow {{ peer.2 }}
 
 {% endfor %}
 
+
+{% if btname is defined %}
+auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/htpasswd.bin
+auth_param basic children 10
+auth_param basic realm Transmission-daemon on {{ btname }} server
+auth_param basic credentialsttl 24 hours
+
+cache_peer 127.0.0.1 parent 9091 0 no-query originserver no-digest name=bt
+acl systemusers proxy_auth REQUIRED
+acl users proxy_auth {{ btuser }}
+acl vhost_bt dstdomain {{ btname }}.admin.casperlefantom.net
+cache_peer_access bt allow vhost_bt
+http_access allow vhost_bt systemusers users
+{% endif %}
+
+
+
 # remove headers
 reply_header_access Allow allow all
 reply_header_access WWW-Authenticate allow all