Remove is_ host variable in torrelay role

author: Matthieu Saulnier <fantom@fedoraproject.org> 2018-12-02 21:46:22 +0100
committer: Matthieu Saulnier <fantom@fedoraproject.org> 2018-12-02 21:46:22 +0100
commit: dfcfdfcd85a483caeb786a80dee46dc2157c3967 (patch)
tree: 04daef7b139d03da1e44970ae6d8fda08f424820
parent: 2c5927e9692f771eda8ba29e2a310fc2974485b0 (diff)
download: playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.gz
playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.xz
playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.zip
20 files changed, 90 insertions, 54 deletions
diff --git a/.gitignore b/.gitignore
index a146b72..8846e89 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,4 @@
 roles/dnsserver/vars/keys.yml
-roles/torrelay/templates/keys.j2
 roles/torrelay/vars/email.yml
 roles/torrelay/vars/keys.yml
 roles/mtaserver/files/virtual
diff --git a/host_vars/109.238.2.79 b/host_vars/109.238.2.79
index 619d48a..6b0ac1a 100644
--- a/host_vars/109.238.2.79
+++ b/host_vars/109.238.2.79
@@ -1,5 +1,8 @@
+# torrelay
 nickname: Casper02
-is_gardian: true
-bprate: '1 MBytes'
-bpburst: '2 MBytes'
+orport: 995
+dirport: 110
+bprate: '2 MBytes'
+bpburst: '3 MBytes'
+maxadvertised: '1 MBytes'
 is_ntpslave: true
diff --git a/host_vars/163.172.211.128 b/host_vars/163.172.211.128
index 3dff56b..a2964f6 100644
--- a/host_vars/163.172.211.128
+++ b/host_vars/163.172.211.128
@@ -1,5 +1,7 @@
+# torrelay
 nickname: Casper05
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
diff --git a/host_vars/176.31.191.26 b/host_vars/176.31.191.26
index 93236c8..43e29bb 100644
--- a/host_vars/176.31.191.26
+++ b/host_vars/176.31.191.26
@@ -1,7 +1,8 @@
+# torrelay
 nickname: Casper03
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
 is_ntpslave: true
-
diff --git a/host_vars/192.168.0.25 b/host_vars/192.168.0.25
index ee1c22c..873d8fa 100644
--- a/host_vars/192.168.0.25
+++ b/host_vars/192.168.0.25
@@ -1,8 +1,8 @@
 is_dnsmaster: true
 is_ntpmaster: true
-is_bridge: true
 is_mtamaster: true
 # torrelay
+orport: 995
 hiddenservices:
   - { number: 2, port: 80, host: "127.0.0.1:4433" }
   - { number: 3, port: 80, host: "127.0.0.1:4433" }
diff --git a/host_vars/51.15.179.153 b/host_vars/51.15.179.153
index 3833caa..6b6397d 100644
--- a/host_vars/51.15.179.153
+++ b/host_vars/51.15.179.153
@@ -1,5 +1,7 @@
+# torrelay
 nickname: Casper04
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
diff --git a/host_vars/bpr7drsao5vozzr5.onion b/host_vars/bpr7drsao5vozzr5.onion
index 3833caa..6b6397d 100644
--- a/host_vars/bpr7drsao5vozzr5.onion
+++ b/host_vars/bpr7drsao5vozzr5.onion
@@ -1,5 +1,7 @@
+# torrelay
 nickname: Casper04
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
diff --git a/host_vars/d72vewh3wa4lwpaj.onion b/host_vars/d72vewh3wa4lwpaj.onion
index ee1c22c..873d8fa 100644
--- a/host_vars/d72vewh3wa4lwpaj.onion
+++ b/host_vars/d72vewh3wa4lwpaj.onion
@@ -1,8 +1,8 @@
 is_dnsmaster: true
 is_ntpmaster: true
-is_bridge: true
 is_mtamaster: true
 # torrelay
+orport: 995
 hiddenservices:
   - { number: 2, port: 80, host: "127.0.0.1:4433" }
   - { number: 3, port: 80, host: "127.0.0.1:4433" }
diff --git a/host_vars/gfuzfrkr6mg47ktw.onion b/host_vars/gfuzfrkr6mg47ktw.onion
index 93236c8..43e29bb 100644
--- a/host_vars/gfuzfrkr6mg47ktw.onion
+++ b/host_vars/gfuzfrkr6mg47ktw.onion
@@ -1,7 +1,8 @@
+# torrelay
 nickname: Casper03
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
 is_ntpslave: true
-
diff --git a/host_vars/manchester.casperlefantom.net b/host_vars/manchester.casperlefantom.net
index ee1c22c..873d8fa 100644
--- a/host_vars/manchester.casperlefantom.net
+++ b/host_vars/manchester.casperlefantom.net
@@ -1,8 +1,8 @@
 is_dnsmaster: true
 is_ntpmaster: true
-is_bridge: true
 is_mtamaster: true
 # torrelay
+orport: 995
 hiddenservices:
   - { number: 2, port: 80, host: "127.0.0.1:4433" }
   - { number: 3, port: 80, host: "127.0.0.1:4433" }
diff --git a/host_vars/manchester.home.casperlefantom.net b/host_vars/manchester.home.casperlefantom.net
index ee1c22c..873d8fa 100644
--- a/host_vars/manchester.home.casperlefantom.net
+++ b/host_vars/manchester.home.casperlefantom.net
@@ -1,8 +1,8 @@
 is_dnsmaster: true
 is_ntpmaster: true
-is_bridge: true
 is_mtamaster: true
 # torrelay
+orport: 995
 hiddenservices:
   - { number: 2, port: 80, host: "127.0.0.1:4433" }
   - { number: 3, port: 80, host: "127.0.0.1:4433" }
diff --git a/host_vars/ns2.casperlefantom.net b/host_vars/ns2.casperlefantom.net
index 619d48a..6b0ac1a 100644
--- a/host_vars/ns2.casperlefantom.net
+++ b/host_vars/ns2.casperlefantom.net
@@ -1,5 +1,8 @@
+# torrelay
 nickname: Casper02
-is_gardian: true
-bprate: '1 MBytes'
-bpburst: '2 MBytes'
+orport: 995
+dirport: 110
+bprate: '2 MBytes'
+bpburst: '3 MBytes'
+maxadvertised: '1 MBytes'
 is_ntpslave: true
diff --git a/host_vars/ns3.casperlefantom.net b/host_vars/ns3.casperlefantom.net
index 93236c8..43e29bb 100644
--- a/host_vars/ns3.casperlefantom.net
+++ b/host_vars/ns3.casperlefantom.net
@@ -1,7 +1,8 @@
+# torrelay
 nickname: Casper03
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
 is_ntpslave: true
-
diff --git a/host_vars/ns4.casperlefantom.net b/host_vars/ns4.casperlefantom.net
index 3833caa..6b6397d 100644
--- a/host_vars/ns4.casperlefantom.net
+++ b/host_vars/ns4.casperlefantom.net
@@ -1,5 +1,7 @@
+# torrelay
 nickname: Casper04
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
diff --git a/host_vars/ns5.casperlefantom.net b/host_vars/ns5.casperlefantom.net
index 3dff56b..a2964f6 100644
--- a/host_vars/ns5.casperlefantom.net
+++ b/host_vars/ns5.casperlefantom.net
@@ -1,5 +1,7 @@
+# torrelay
 nickname: Casper05
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
diff --git a/host_vars/qunkjql4sgxnb6vr.onion b/host_vars/qunkjql4sgxnb6vr.onion
index 619d48a..6b0ac1a 100644
--- a/host_vars/qunkjql4sgxnb6vr.onion
+++ b/host_vars/qunkjql4sgxnb6vr.onion
@@ -1,5 +1,8 @@
+# torrelay
 nickname: Casper02
-is_gardian: true
-bprate: '1 MBytes'
-bpburst: '2 MBytes'
+orport: 995
+dirport: 110
+bprate: '2 MBytes'
+bpburst: '3 MBytes'
+maxadvertised: '1 MBytes'
 is_ntpslave: true
diff --git a/host_vars/wuvphkytdeukbrqm.onion b/host_vars/wuvphkytdeukbrqm.onion
index 3dff56b..a2964f6 100644
--- a/host_vars/wuvphkytdeukbrqm.onion
+++ b/host_vars/wuvphkytdeukbrqm.onion
@@ -1,5 +1,7 @@
+# torrelay
 nickname: Casper05
-is_gardian: true
+orport: 995
+dirport: 110
 bprate: '6 MBytes'
 bpburst: '7 MBytes'
 maxadvertised: '5 MBytes'
diff --git a/roles/torrelay/tasks/fw.yml b/roles/torrelay/tasks/fw.yml
index 590f0bd..66b16b5 100644
--- a/roles/torrelay/tasks/fw.yml
+++ b/roles/torrelay/tasks/fw.yml
@@ -1,19 +1,43 @@
-- name: Ouverture des ports Firewalld standards
+- name: Ouverture du port ORPort
   firewalld:
-    port: "{{ item[0] }}"
-    permanent: "{{ item[1] }}"
+    port: "{{ orport }}"
+    permanent: "{{ item }}"
     state: enabled
-  with_nested:
-    - [ '9001/tcp', '9030/tcp' ]
-    - [ 'true', 'false' ]
-  when: is_public is defined
+  with_items:
+    - "true"
+    - "false"
+  when: orport is defined and orport != httpsport
+        and orport != pop3sport
 
-- name: Ouverture des ports Firewalld spéciaux
+- name: Ouverture du port ORPort
+  firewalld: 
+    service: "pop3s"
+    permanent: "{{ item }}"
+    state: enabled
+  with_items:
+    - "true"
+    - "false"
+  when: orport is defined and orport != httpsport
+        and orport == pop3sport
+
+- name: Ouverture du port DIRPort
+  firewalld:
+    port: "{{ dirport }}"
+    permanent: "{{ item }}"
+    state: enabled
+  with_items:
+    - "true"
+    - "false"
+  when: dirport is defined and dirport != httpport
+        and dirport != pop3port
+
+- name: Ouverture du port DIRPort
   firewalld:
-    service: "{{ item[0] }}"
-    permanent: "{{ item[1] }}"
+    service: "pop3"
+    permanent: "{{ item }}"
     state: enabled
-  with_nested:
-    - [ 'pop3', 'pop3s' ]
-    - [ 'true', 'false' ]
-  when: is_gardian is defined
+  with_items:
+    - "true"
+    - "false"
+  when: dirport is defined and dirport != httpport
+        and dirport == pop3port
diff --git a/roles/torrelay/templates/torrc.j2 b/roles/torrelay/templates/torrc.j2
index 482ee1f..e32760c 100644
--- a/roles/torrelay/templates/torrc.j2
+++ b/roles/torrelay/templates/torrc.j2
@@ -27,20 +27,11 @@ HiddenServicePort {{ service.port }} {{ service.host }}
 {% endif %}
 
 
-{% if is_public is defined %}
+{% if orport is defined and dirport is defined %}
 ORPort {{ orport }}
 DirPort {{ dirport }}
-{% endif %}
-
-
-{% if is_gardian is defined %}
-ORPort {{ pop3sport }}
-DirPort {{ pop3port }}
-{% endif %}
-
-
-{% if is_bridge is defined %}
-ORPort {{ pop3sport }}
+{% elif orport is defined and dirport is not defined %}
+ORPort {{ orport }}
 BridgeRelay 1
 {% endif %}
 
diff --git a/roles/torrelay/vars/main.yml b/roles/torrelay/vars/main.yml
index 9f5db23..e378dfd 100644
--- a/roles/torrelay/vars/main.yml
+++ b/roles/torrelay/vars/main.yml
@@ -1,5 +1,3 @@
-orport: 9001
-dirport: 9030
 fingerprints:
   - 7350AB9ED7568F22745198359373C04AC783C37C
   - 7520892E3DD133D0B0464D01A158B54B8E2A8B75
author	Matthieu Saulnier <fantom@fedoraproject.org>	2018-12-02 21:46:22 +0100
committer	Matthieu Saulnier <fantom@fedoraproject.org>	2018-12-02 21:46:22 +0100
commit	dfcfdfcd85a483caeb786a80dee46dc2157c3967 (patch)
tree	04daef7b139d03da1e44970ae6d8fda08f424820
parent	2c5927e9692f771eda8ba29e2a310fc2974485b0 (diff)
download	playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.gz playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.tar.xz playbooks-ansible-dfcfdfcd85a483caeb786a80dee46dc2157c3967.zip