diff --git a/.kitchen.yml b/.kitchen.yml index febedaa..cf59ada 100644 --- a/.kitchen.yml +++ b/.kitchen.yml @@ -99,6 +99,17 @@ suites: - ["private_network", {ip: "198.51.100.14"}] provisioner: playbook: "test/integration/default/6publicIPs-dedicatedExitIP-2instPerIP-exit-node.yml" + - name: t-exit-dirport0-6publicIPs-dedicatedExitIP-2instPerIP + driver: + network: + - ["private_network", {ip: "192.0.2.10"}] + - ["private_network", {ip: "198.51.100.10"}] + - ["private_network", {ip: "198.51.100.11"}] + - ["private_network", {ip: "198.51.100.12"}] + - ["private_network", {ip: "198.51.100.13"}] + - ["private_network", {ip: "198.51.100.14"}] + provisioner: + playbook: "test/integration/default/dirport0-6publicIPs-dedicatedExitIP-2instPerIP-exit-node.yml" - name: t-exit-6publicIPs-dedicatedExitIP-singleInstPerIP driver: network: diff --git a/templates/torrc b/templates/torrc index 5fa12f9..9594ed0 100644 --- a/templates/torrc +++ b/templates/torrc @@ -58,9 +58,11 @@ ExitRelay 1 {% if item.0.ipv6 != "" and item.0.ipv6 != "False" and tor_IPv6 == True and tor_IPv6Exit == True %} IPv6Exit 1 {% if tor_dedicatedExitIP != True %} +{% if item.1.dirport != 0 %} DirPort [{{ item.0.ipv6 }}]:{{ item.1.dirport }} NoAdvertise {% endif %} {% endif %} +{% endif %} {% if tor_ExitNoticePage == True and tor_config.DirPortFrontPage is not defined %} DirPortFrontPage {{ tor_ConfDir }}/tor-exit-notice.html {% endif %} @@ -69,22 +71,30 @@ DirPortFrontPage {{ tor_ConfDir }}/tor-exit-notice.html {% if tor_available_public_ipv4s|length >= tor_maxPublicIPs*2 %} {% if tor_ports|length == 2 %} OutboundBindAddressExit {{ tor_available_public_ipv4s[(loop_idx/2)|round(0,'floor')|int + tor_maxPublicIPs]}} +{% if item.1.dirport != 0 %} DirPort {{ tor_available_public_ipv4s[(loop_idx/2)|round(0,'floor')|int + tor_maxPublicIPs]}}:{{ item.1.dirport }} NoAdvertise +{% endif %} {% elif tor_ports|length == 1 %} OutboundBindAddressExit {{ tor_available_public_ipv4s[loop_idx + tor_maxPublicIPs]}} +{% if item.1.dirport != 0 %} DirPort {{ tor_available_public_ipv4s[loop_idx + tor_maxPublicIPs]}}:{{ item.1.dirport }} NoAdvertise {% endif %} {% endif %} +{% endif %} {% if tor_available_public_ipv6s|length >= tor_maxPublicIPs*2 and tor_IPv6 == True and tor_IPv6Exit == True %} {% if tor_ports|length == 2 %} OutboundBindAddressExit [{{ tor_available_public_ipv6s[(loop_idx/2)|round(0,'floor')|int + tor_maxPublicIPs]}}] +{% if item.1.dirport != 0 %} DirPort [{{ tor_available_public_ipv6s[(loop_idx/2)|round(0,'floor')|int + tor_maxPublicIPs]}}]:{{ item.1.dirport }} NoAdvertise +{% endif %} {% elif tor_ports|length == 1 %} OutboundBindAddressExit [{{ tor_available_public_ipv6s[loop_idx + tor_maxPublicIPs]}}] +{% if item.1.dirport != 0 %} DirPort [{{ tor_available_public_ipv6s[loop_idx + tor_maxPublicIPs]}}]:{{ item.1.dirport }} NoAdvertise {% endif %} {% endif %} {% endif %} +{% endif %} {% if tor_ExitPolicy_file is defined and (lookup('csvfile', inventory_hostname~'-'~item.0.ipv4~'_'~item.1.orport~' file='~tor_ExitPolicy_file~' delimiter=;') != []) %} ExitPolicy {{ lookup('csvfile', inventory_hostname~'-'~item.0.ipv4~'_'~item.1.orport~' file='~tor_ExitPolicy_file~' delimiter=;') }} diff --git a/test/integration/default/dirport0-6publicIPs-dedicatedExitIP-2instPerIP-exit-node.yml b/test/integration/default/dirport0-6publicIPs-dedicatedExitIP-2instPerIP-exit-node.yml new file mode 100644 index 0000000..84824f6 --- /dev/null +++ b/test/integration/default/dirport0-6publicIPs-dedicatedExitIP-2instPerIP-exit-node.yml @@ -0,0 +1,19 @@ +--- +- hosts: all + vars: + tor_maxPublicIPs: 3 + tor_dedicatedExitIP: True + tor_ExitRelay: True + tor_apt_update_cache: no + tor_ContactInfo: "ansible-relayor test-kitchen (you should never see this on a public relay) https://github.com/nusenu/ansible-relayor" + tor_ExitRelay: True + tor_ports: + - orport: 9000 + dirport: 0 + - orport: 9100 + dirport: 0 + tor_config: + DisableNetwork: 1 + PublishServerDescriptor: 0 + roles: + - "{{ playbook_dir | regex_replace('test/integration/default$') }}"