From 7724c245d5e1fc72e0e5e19195e20d4adb07e296 Mon Sep 17 00:00:00 2001
From: Abel Luck <abel@guardianproject.info>
Date: Tue, 3 Jun 2025 13:33:14 +0200
Subject: [PATCH] Complete examples

---
 docs/data-sources/obfs4_bridge_line.md        |  3 +-
 docs/index.md                                 |  3 +-
 docs/resources/obfs4_state.md                 | 57 +++++++++++++++++++
 docs/resources/relay_identity_ed25519.md      | 39 +++++++++++++
 docs/resources/relay_identity_rsa.md          | 41 +++++++++++++
 .../tor_obfs4_bridge_line/data-source.tf      |  2 -
 examples/provider/provider.tf                 |  2 -
 .../resources/tor_obfs4_state/resource.tf     | 51 +++++++++++++++++
 .../tor_relay_identity_ed25519/resource.tf    | 33 +++++++++++
 .../tor_relay_identity_rsa/resource.tf        | 38 +++++++++++++
 10 files changed, 263 insertions(+), 6 deletions(-)
 create mode 100644 examples/resources/tor_obfs4_state/resource.tf
 create mode 100644 examples/resources/tor_relay_identity_ed25519/resource.tf
 create mode 100644 examples/resources/tor_relay_identity_rsa/resource.tf

diff --git a/docs/data-sources/obfs4_bridge_line.md b/docs/data-sources/obfs4_bridge_line.md
index d75127e..49777cf 100644
--- a/docs/data-sources/obfs4_bridge_line.md
+++ b/docs/data-sources/obfs4_bridge_line.md
@@ -13,7 +13,8 @@ Generates a complete Tor bridge line using obfs4 state and network details
 ## Example Usage
 
 ```terraform
-# Copyright (c) HashiCorp, Inc.
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
 
 terraform {
   required_providers {
diff --git a/docs/index.md b/docs/index.md
index b70f61a..22d0753 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -13,7 +13,8 @@ The Tor provider generates cryptographic identity materials for obfs4 Tor bridge
 ## Example Usage
 
 ```terraform
-# Copyright (c) HashiCorp, Inc.
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
 
 terraform {
   required_providers {
diff --git a/docs/resources/obfs4_state.md b/docs/resources/obfs4_state.md
index 5638af3..2d83ea5 100644
--- a/docs/resources/obfs4_state.md
+++ b/docs/resources/obfs4_state.md
@@ -10,7 +10,64 @@ description: |-
 
 Generates obfs4 state and certificate for Tor bridges using external relay identity keys
 
+## Example Usage
 
+```terraform
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate obfs4 state using existing identity keys
+resource "tor_relay_identity_rsa" "bridge" {
+  key_size = 2048
+}
+
+resource "tor_relay_identity_ed25519" "bridge" {}
+
+resource "tor_obfs4_state" "example" {
+  rsa_identity_private_key     = tor_relay_identity_rsa.bridge.private_key_pem
+  ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem
+}
+
+output "certificate" {
+  description = "obfs4 certificate for bridge line generation"
+  value       = tor_obfs4_state.example.certificate
+}
+
+output "iat_mode" {
+  description = "obfs4 IAT mode setting"
+  value       = tor_obfs4_state.example.iat_mode
+}
+
+output "state_json" {
+  description = "Complete obfs4 state in JSON format"
+  value       = tor_obfs4_state.example.state_json
+  sensitive   = true
+}
+
+# Example: Generate complete bridge line using all components
+data "tor_obfs4_bridge_line" "example" {
+  ip_address                = "203.0.113.1"
+  port                      = 9001
+  identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1
+  obfs4_state_certificate   = tor_obfs4_state.example.certificate
+  obfs4_state_iat_mode      = tor_obfs4_state.example.iat_mode
+}
+
+output "bridge_line" {
+  description = "Complete bridge line for clients"
+  value       = data.tor_obfs4_bridge_line.example.bridge_line
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
diff --git a/docs/resources/relay_identity_ed25519.md b/docs/resources/relay_identity_ed25519.md
index 5a8f006..2f3c9a3 100644
--- a/docs/resources/relay_identity_ed25519.md
+++ b/docs/resources/relay_identity_ed25519.md
@@ -10,7 +10,46 @@ description: |-
 
 Generates Ed25519 private key for Tor relay identity as required by the Tor specification.
 
+## Example Usage
 
+```terraform
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate Ed25519 identity key for Tor relay
+resource "tor_relay_identity_ed25519" "example" {}
+
+output "private_key_pem" {
+  description = "Ed25519 private key in PEM format"
+  value       = tor_relay_identity_ed25519.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "Ed25519 public key in PEM format"
+  value       = tor_relay_identity_ed25519.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha256
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
diff --git a/docs/resources/relay_identity_rsa.md b/docs/resources/relay_identity_rsa.md
index eccbc72..3b4a271 100644
--- a/docs/resources/relay_identity_rsa.md
+++ b/docs/resources/relay_identity_rsa.md
@@ -10,7 +10,48 @@ description: |-
 
 Generates 1024-bit RSA private key for Tor relay identity as required by the Tor specification.
 
+## Example Usage
 
+```terraform
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate RSA identity key for Tor relay
+resource "tor_relay_identity_rsa" "example" {
+  key_size = 2048 # Default RSA key size for Tor relays
+}
+
+output "private_key_pem" {
+  description = "RSA private key in PEM format"
+  value       = tor_relay_identity_rsa.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "RSA public key in PEM format"
+  value       = tor_relay_identity_rsa.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha256
+}
+```
 
 <!-- schema generated by tfplugindocs -->
 ## Schema
diff --git a/examples/data-sources/tor_obfs4_bridge_line/data-source.tf b/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
index 14e3efb..be4882a 100644
--- a/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
+++ b/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
@@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 terraform {
   required_providers {
     tor = {
diff --git a/examples/provider/provider.tf b/examples/provider/provider.tf
index 1d806f4..6775805 100644
--- a/examples/provider/provider.tf
+++ b/examples/provider/provider.tf
@@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 terraform {
   required_providers {
     tor = {
diff --git a/examples/resources/tor_obfs4_state/resource.tf b/examples/resources/tor_obfs4_state/resource.tf
new file mode 100644
index 0000000..67f85f9
--- /dev/null
+++ b/examples/resources/tor_obfs4_state/resource.tf
@@ -0,0 +1,51 @@
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate obfs4 state using existing identity keys
+resource "tor_relay_identity_rsa" "bridge" {
+  key_size = 2048
+}
+
+resource "tor_relay_identity_ed25519" "bridge" {}
+
+resource "tor_obfs4_state" "example" {
+  rsa_identity_private_key     = tor_relay_identity_rsa.bridge.private_key_pem
+  ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem
+}
+
+output "certificate" {
+  description = "obfs4 certificate for bridge line generation"
+  value       = tor_obfs4_state.example.certificate
+}
+
+output "iat_mode" {
+  description = "obfs4 IAT mode setting"
+  value       = tor_obfs4_state.example.iat_mode
+}
+
+output "state_json" {
+  description = "Complete obfs4 state in JSON format"
+  value       = tor_obfs4_state.example.state_json
+  sensitive   = true
+}
+
+# Example: Generate complete bridge line using all components
+data "tor_obfs4_bridge_line" "example" {
+  ip_address                = "203.0.113.1"
+  port                      = 9001
+  identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1
+  obfs4_state_certificate   = tor_obfs4_state.example.certificate
+  obfs4_state_iat_mode      = tor_obfs4_state.example.iat_mode
+}
+
+output "bridge_line" {
+  description = "Complete bridge line for clients"
+  value       = data.tor_obfs4_bridge_line.example.bridge_line
+}
\ No newline at end of file
diff --git a/examples/resources/tor_relay_identity_ed25519/resource.tf b/examples/resources/tor_relay_identity_ed25519/resource.tf
new file mode 100644
index 0000000..4a0a251
--- /dev/null
+++ b/examples/resources/tor_relay_identity_ed25519/resource.tf
@@ -0,0 +1,33 @@
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate Ed25519 identity key for Tor relay
+resource "tor_relay_identity_ed25519" "example" {}
+
+output "private_key_pem" {
+  description = "Ed25519 private key in PEM format"
+  value       = tor_relay_identity_ed25519.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "Ed25519 public key in PEM format"
+  value       = tor_relay_identity_ed25519.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha256
+}
\ No newline at end of file
diff --git a/examples/resources/tor_relay_identity_rsa/resource.tf b/examples/resources/tor_relay_identity_rsa/resource.tf
new file mode 100644
index 0000000..b9d6c5b
--- /dev/null
+++ b/examples/resources/tor_relay_identity_rsa/resource.tf
@@ -0,0 +1,38 @@
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate RSA identity key for Tor relay
+resource "tor_relay_identity_rsa" "example" {
+  key_size = 2048 # Default RSA key size for Tor relays
+}
+
+output "private_key_pem" {
+  description = "RSA private key in PEM format"
+  value       = tor_relay_identity_rsa.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "RSA public key in PEM format"
+  value       = tor_relay_identity_rsa.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha256
+}
\ No newline at end of file