summaryrefslogtreecommitdiffstats
path: root/roles/torrelay/templates/torrc.j2
blob: fafce1fe1c9078327721ceb27c511e23baffd964 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

Log notice file /var/log/tor/notices.log
Log warn file /var/log/tor/warnings.log
ControlPort 9051
HashedControlPassword {{ controlpasswd }}


HiddenServiceDir /var/lib/tor/hidden_service1/
HiddenServicePort 22 127.0.0.1:22
HiddenServicePort 54444 127.0.0.1:54444
HiddenServicePort 9090 127.0.0.1:9090
HiddenServicePort 80 127.0.0.1:4433
HiddenServicePort 5222 127.0.0.1:5222


{% if mtadomain is defined %}
HiddenServicePort 143 127.0.0.1:143
HiddenServicePort 993 127.0.0.1:993
HiddenServicePort 25 127.0.0.1:25
HiddenServicePort 587 127.0.0.1:587
{% endif %}


{% if hiddenservices is defined %}
{% for service in hiddenservices %}
HiddenServiceDir /var/lib/tor/hidden_service{{ service.number }}/
HiddenServicePort {{ service.port }} {{ service.host }}
{% endfor %}
{% endif %}


{% if orport is defined and dirport is defined %}
ORPort {{ orport }}
ORPort {{ ansible_default_ipv6.address }}:{{ orport }}
DirPort {{ dirport }}
{% elif orport is defined and dirport is not defined %}
ORPort {{ orport }}
ORPort {{ ansible_default_ipv6.address }}:{{ orport }}
BridgeRelay 1
{% endif %}


{% if nickname is defined %}
{% if tor_address is defined %}
Address {{ tor_address }}
{% endif %}
Nickname {{ nickname }}
RelayBandwidthRate {{ bprate }}
RelayBandwidthBurst {{ bpburst }}
{% if maxadvertised is defined %}
MaxAdvertisedBandwidth {{ maxadvertised }}
{% endif %}
ContactInfo {{ contactinfo }}
DirPortFrontPage /usr/local/share/tor/tor-exit-notice.html
{% endif %}


MyFamily {% for item in fingerprints %}${{ item }}, {% endfor %}


{% if is_exit is defined %}
ExitRelay 1
# # Exit policy for Web Browsing (only)
# # See https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
ExitPolicy accept *:53                     # DNS
ExitPolicy accept 157.240.0.0/16:80        # HTTP - Facebook, Inc. (THEFA-3)
ExitPolicy accept [2a03:2880::/29]:80      # HTTP - IE-FACEBOOK-201100822 Facebook Ireland Ltd
ExitPolicy accept 157.240.0.0/16:443       # HTTPS - Facebook, Inc. (THEFA-3)
ExitPolicy accept [2a03:2880::/29]:443     # HTTPS - IE-FACEBOOK-201100822 Facebook Ireland Ltd
ExitPolicy reject *:*
{% else %}
ExitPolicy reject *:*
{% endif %}
generated by cgit (git 2.34.1) at 2024-06-19 16:16:22 +0000