path: root/roles/torrelay/tasks/main.yml
blob: f38781d27cce3cdaec25b241a6f91b3c2da21c3d (plain)
# Install the tor package on hosts whose detected package manager is yum.
# state=present only guarantees the package exists: an already-installed tor
# is left at its current version, so relay patching is not done by this task.
- name: Installation du paquet Tor depuis le dépôt
  yum:
    name: tor
    state: present
  when: ansible_pkg_mgr == "yum"

# Same installation as the yum variant, for hosts whose package manager is
# dnf. state=present does not upgrade a tor package that is already installed.
- name: Installation du paquet Tor depuis le dépôt
  dnf:
    name: tor
    state: present
  when: ansible_pkg_mgr == "dnf"

# Optional tooling (tor-arm monitor and proxychains), installed only on
# Fedora hosts that use yum. Both conditions must hold.
- name: Installation de paquets optionnels depuis le dépôt
  yum:
    name: "{{ item }}"
    state: present
  with_items:
    - tor-arm
    - proxychains
  when:
    - ansible_distribution == "Fedora"
    - ansible_pkg_mgr == "yum"

# Optional tooling (tor-arm monitor and proxychains), installed only on
# Fedora hosts that use dnf. Both conditions must hold.
- name: Installation de paquets optionnels depuis le dépôt
  dnf:
    name: "{{ item }}"
    state: present
  with_items:
    - tor-arm
    - proxychains
  when:
    - ansible_distribution == "Fedora"
    - ansible_pkg_mgr == "dnf"

# Replace the system-wide proxychains configuration with the role's copy.
# Runs on every Fedora host; no owner/group is set, so the file is owned by
# the account the task runs as.
- name: Configuration de proxychains
  copy:
    src: proxychains.conf
    dest: /etc/proxychains.conf
    mode: "0644"
  when: ansible_distribution == "Fedora"

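# Create the directory that receives tor-exit-notice.html.
# Owner, group and mode are pinned so the result does not depend on the umask
# of the account running the play: with a restrictive umask the directory
# would otherwise be created without search permission for other users, and
# the 0644 notice file inside it would be unreachable for them.
- name: Création des répertoires de base
  file:
    path: /usr/local/share/tor
    state: directory
    owner: root
    group: root
    mode: "0755"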

# Install the static exit-notice page, world-readable.
# presumably served through DirPortFrontPage in torrc; confirm against the
# keys.j2 template, which is not visible here.
- name: Installation de la page d'accueil html
  copy:
    src: tor-exit-notice.html
    dest: /usr/local/share/tor/tor-exit-notice.html
    mode: "0644"

# Render the relay configuration from keys.j2 into /etc/tor/torrc,
# owned by root:root and readable by every local user (0644).
# NOTE(review): if keys.j2 renders anything sensitive (for example a control
# port credential), 0644 exposes it to all local accounts; confirm against
# the template before keeping this mode.
# NOTE(review): this task has no notify, and the final service task only
# asks for state=started, so a changed torrc is not picked up by a relay
# that is already running.
- name: Configuration du service
  template:
    src: keys.j2
    dest: /etc/tor/torrc
    owner: root
    group: root
    mode: "0644"

# Open 9001/tcp and 9030/tcp in firewalld. The nested loop pairs each port
# with permanent=true and permanent=false, so the rule is written to the
# permanent configuration and also applied to the running firewall.
# The gate is "is_public is defined": any defined value, including false,
# opens the ports. Leave the variable unset on hosts that must stay closed.
- name: Ouverture des ports Firewalld standards
  firewalld:
    port: "{{ item[0] }}"
    permanent: "{{ item[1] }}"
    state: enabled
  with_nested:
    - ['9001/tcp', '9030/tcp']
    - ['true', 'false']
  when:
    - ansible_distribution == "Fedora"
    - is_public is defined

# Enable the firewalld services pop3 and pop3s (110/tcp and 995/tcp in the
# stock firewalld service definitions), both permanently and at runtime.
# presumably the relay listens on these ports; confirm against keys.j2.
# The gate is "is_gardian is defined": any defined value, including false,
# enables the services.
- name: Ouverture des ports Firewalld spéciaux
  firewalld:
    service: "{{ item[0] }}"
    permanent: "{{ item[1] }}"
    state: enabled
  with_nested:
    - ['pop3', 'pop3s']
    - ['true', 'false']
  when:
    - ansible_distribution == "Fedora"
    - is_gardian is defined

# Copy the precompiled SELinux policy module for hidden services to /root
# on Fedora hosts. This task only places the .pp file; nothing in this task
# loads it into the running policy.
# NOTE(review): a compiled .pp cannot be audited by reading it; keep the
# policy source next to it so the granted permissions can be reviewed.
- name: Déploiement du module SELinux pour hidden_services
  copy:
    src: tor-selinux-f22-policy-module.pp
    dest: /root/tor-selinux-f22-policy-module.pp
    mode: "0644"
  when: ansible_distribution == "Fedora"

# Copy the precompiled SELinux module tor-dac-capabilities.pp to /root on
# Fedora hosts. The file is copied only; this task does not load it.
# NOTE(review): judging by its name the module grants DAC-related
# capabilities to tor; verify the exact permissions from the policy source.
- name: Déploiement du module SELinux pour AVC dac error
  copy:
    src: tor-dac-capabilities.pp
    dest: /root/tor-dac-capabilities.pp
    mode: "0644"
  when: ansible_distribution == "Fedora"

# CentOS counterpart of the hidden-services policy module: copy the
# precompiled .pp to /root. The file is copied only; this task does not
# load it into the running policy.
- name: Déploiement du module SELinux pour hidden_services
  copy:
    src: tor-selinux-centos6.6-policy-module.pp
    dest: /root/tor-selinux-centos6.6-policy-module.pp
    mode: "0644"
  when: ansible_distribution == "CentOS"

# Turn on the tor_can_network_relay SELinux boolean and persist it across
# reboots. Skipped when SELinux reports "disabled" or when is_gardian is
# not defined; any defined value of is_gardian, including false, passes.
# NOTE(review): hosts gated only by is_public never get this boolean from
# this task; confirm that is intended.
- name: Configuration du booleen SELinux
  seboolean:
    name: tor_can_network_relay
    state: true
    persistent: true
  when:
    - ansible_selinux.status != "disabled"
    - is_gardian is defined

# Enable the tor unit at boot and make sure it is running.
# state=started leaves an already-running service untouched, so this task
# does not restart or reload tor after a configuration change.
- name: Activation et démarrage du relai Tor
  service:
    name: tor
    state: started
    enabled: true