forked from ops/terraform-provider-tor
79 lines
2 KiB
HCL
79 lines
2 KiB
HCL
terraform {
|
|
required_providers {
|
|
tor = {
|
|
source = "guardianproject/tor"
|
|
version = "99.0.0"
|
|
}
|
|
local = {
|
|
source = "hashicorp/local"
|
|
version = "2.5.3"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "tor" {}
|
|
|
|
resource "tor_family_identity" "this" {
|
|
family_name = "MyFamily"
|
|
}
|
|
|
|
resource "tor_relay_identity_rsa" "this" {}
|
|
|
|
resource "tor_relay_identity_ed25519" "this" {}
|
|
|
|
resource "local_sensitive_file" "family_key" {
|
|
content_base64 = tor_family_identity.this.secret_key
|
|
filename = "./data/keys/MyKey.secret_family_key"
|
|
file_permission = "0600"
|
|
}
|
|
|
|
resource "local_file" "this" {
|
|
filename = "./torrc"
|
|
content = <<EOF
|
|
FamilyId ${tor_family_identity.this.id}
|
|
BridgeRelay 1
|
|
DataDirectory data
|
|
ORPort 3333
|
|
ServerTransportListenAddr obfs4 0.0.0.0:3334
|
|
ExtORPort auto
|
|
ContactInfo <address@email.com>
|
|
Nickname PickANickname
|
|
EOF
|
|
}
|
|
|
|
|
|
output "family_id" {
|
|
description = "Family ID for the bridge"
|
|
value = tor_family_identity.this.id
|
|
}
|
|
|
|
output "rsa_fingerprint_sha1" {
|
|
description = "RSA identity fingerprint (SHA1) - should be uppercase hex"
|
|
value = tor_relay_identity_rsa.this.public_key_fingerprint_sha1
|
|
}
|
|
|
|
output "rsa_fingerprint_sha1_hashed" {
|
|
description = "RSA identity fingerprint (SHA1) hashed for privacy monitoring"
|
|
value = tor_relay_identity_rsa.this.public_key_fingerprint_sha1_hashed
|
|
}
|
|
|
|
output "rsa_fingerprint_sha256" {
|
|
description = "RSA identity fingerprint (SHA256)"
|
|
value = tor_relay_identity_rsa.this.public_key_fingerprint_sha256
|
|
}
|
|
|
|
output "ed25519_fingerprint_sha256" {
|
|
description = "ED25519 identity fingerprint (base64 encoded public key bytes)"
|
|
value = tor_relay_identity_ed25519.this.public_key_fingerprint_sha256
|
|
}
|
|
|
|
output "ed25519_private_key_tor" {
|
|
description = "ED25519 private key in Tor binary format (base64 encoded)"
|
|
value = tor_relay_identity_ed25519.this.private_key_tor
|
|
sensitive = true
|
|
}
|
|
|
|
output "ed25519_public_key_tor" {
|
|
description = "ED25519 public key in Tor binary format (base64 encoded)"
|
|
value = tor_relay_identity_ed25519.this.public_key_tor
|
|
}
|