Complete examples

2025-06-03 13:33:14 +02:00 · 2025-06-03 13:33:14 +02:00 · 7724c245d5
commit 7724c245d5
parent 9fe172e8f2
10 changed files with 263 additions and 6 deletions
--- a/docs/data-sources/obfs4_bridge_line.md
+++ b/docs/data-sources/obfs4_bridge_line.md
@ -13,7 +13,8 @@ Generates a complete Tor bridge line using obfs4 state and network details
 ## Example Usage

 ```terraform
-# Copyright (c) HashiCorp, Inc.
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later

 terraform {
  required_providers {
--- a/docs/index.md
+++ b/docs/index.md
@ -13,7 +13,8 @@ The Tor provider generates cryptographic identity materials for obfs4 Tor bridge
 ## Example Usage

 ```terraform
-# Copyright (c) HashiCorp, Inc.
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later

 terraform {
  required_providers {
--- a/docs/resources/obfs4_state.md
+++ b/docs/resources/obfs4_state.md
@ -10,7 +10,64 @@ description: |-

 Generates obfs4 state and certificate for Tor bridges using external relay identity keys

+## Example Usage

+```terraform
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate obfs4 state using existing identity keys
+resource "tor_relay_identity_rsa" "bridge" {
+  key_size = 2048
+}
+
+resource "tor_relay_identity_ed25519" "bridge" {}
+
+resource "tor_obfs4_state" "example" {
+  rsa_identity_private_key     = tor_relay_identity_rsa.bridge.private_key_pem
+  ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem
+}
+
+output "certificate" {
+  description = "obfs4 certificate for bridge line generation"
+  value       = tor_obfs4_state.example.certificate
+}
+
+output "iat_mode" {
+  description = "obfs4 IAT mode setting"
+  value       = tor_obfs4_state.example.iat_mode
+}
+
+output "state_json" {
+  description = "Complete obfs4 state in JSON format"
+  value       = tor_obfs4_state.example.state_json
+  sensitive   = true
+}
+
+# Example: Generate complete bridge line using all components
+data "tor_obfs4_bridge_line" "example" {
+  ip_address                = "203.0.113.1"
+  port                      = 9001
+  identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1
+  obfs4_state_certificate   = tor_obfs4_state.example.certificate
+  obfs4_state_iat_mode      = tor_obfs4_state.example.iat_mode
+}
+
+output "bridge_line" {
+  description = "Complete bridge line for clients"
+  value       = data.tor_obfs4_bridge_line.example.bridge_line
+}
+```

 <!-- schema generated by tfplugindocs -->
 ## Schema
--- a/docs/resources/relay_identity_ed25519.md
+++ b/docs/resources/relay_identity_ed25519.md
@ -10,7 +10,46 @@ description: |-

 Generates Ed25519 private key for Tor relay identity as required by the Tor specification.

+## Example Usage

+```terraform
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate Ed25519 identity key for Tor relay
+resource "tor_relay_identity_ed25519" "example" {}
+
+output "private_key_pem" {
+  description = "Ed25519 private key in PEM format"
+  value       = tor_relay_identity_ed25519.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "Ed25519 public key in PEM format"
+  value       = tor_relay_identity_ed25519.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha256
+}
+```

 <!-- schema generated by tfplugindocs -->
 ## Schema
--- a/docs/resources/relay_identity_rsa.md
+++ b/docs/resources/relay_identity_rsa.md
@ -10,7 +10,48 @@ description: |-

 Generates 1024-bit RSA private key for Tor relay identity as required by the Tor specification.

+## Example Usage

+```terraform
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate RSA identity key for Tor relay
+resource "tor_relay_identity_rsa" "example" {
+  key_size = 2048 # Default RSA key size for Tor relays
+}
+
+output "private_key_pem" {
+  description = "RSA private key in PEM format"
+  value       = tor_relay_identity_rsa.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "RSA public key in PEM format"
+  value       = tor_relay_identity_rsa.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha256
+}
+```

 <!-- schema generated by tfplugindocs -->
 ## Schema
--- a/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
+++ b/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 terraform {
  required_providers {
    tor = {
--- a/examples/provider/provider.tf
+++ b/examples/provider/provider.tf
@ -1,5 +1,3 @@
-# Copyright (c) HashiCorp, Inc.
-
 terraform {
  required_providers {
    tor = {
--- a/examples/resources/tor_obfs4_state/resource.tf
+++ b/examples/resources/tor_obfs4_state/resource.tf
@ -0,0 +1,51 @@
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate obfs4 state using existing identity keys
+resource "tor_relay_identity_rsa" "bridge" {
+  key_size = 2048
+}
+
+resource "tor_relay_identity_ed25519" "bridge" {}
+
+resource "tor_obfs4_state" "example" {
+  rsa_identity_private_key     = tor_relay_identity_rsa.bridge.private_key_pem
+  ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem
+}
+
+output "certificate" {
+  description = "obfs4 certificate for bridge line generation"
+  value       = tor_obfs4_state.example.certificate
+}
+
+output "iat_mode" {
+  description = "obfs4 IAT mode setting"
+  value       = tor_obfs4_state.example.iat_mode
+}
+
+output "state_json" {
+  description = "Complete obfs4 state in JSON format"
+  value       = tor_obfs4_state.example.state_json
+  sensitive   = true
+}
+
+# Example: Generate complete bridge line using all components
+data "tor_obfs4_bridge_line" "example" {
+  ip_address                = "203.0.113.1"
+  port                      = 9001
+  identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1
+  obfs4_state_certificate   = tor_obfs4_state.example.certificate
+  obfs4_state_iat_mode      = tor_obfs4_state.example.iat_mode
+}
+
+output "bridge_line" {
+  description = "Complete bridge line for clients"
+  value       = data.tor_obfs4_bridge_line.example.bridge_line
+}
--- a/examples/resources/tor_relay_identity_ed25519/resource.tf
+++ b/examples/resources/tor_relay_identity_ed25519/resource.tf
@ -0,0 +1,33 @@
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate Ed25519 identity key for Tor relay
+resource "tor_relay_identity_ed25519" "example" {}
+
+output "private_key_pem" {
+  description = "Ed25519 private key in PEM format"
+  value       = tor_relay_identity_ed25519.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "Ed25519 public key in PEM format"
+  value       = tor_relay_identity_ed25519.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the Ed25519 public key"
+  value       = tor_relay_identity_ed25519.example.public_key_fingerprint_sha256
+}
--- a/examples/resources/tor_relay_identity_rsa/resource.tf
+++ b/examples/resources/tor_relay_identity_rsa/resource.tf
@ -0,0 +1,38 @@
+# Copyright (c) Abel Luck <abel@guardianproject.info>
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate RSA identity key for Tor relay
+resource "tor_relay_identity_rsa" "example" {
+  key_size = 2048 # Default RSA key size for Tor relays
+}
+
+output "private_key_pem" {
+  description = "RSA private key in PEM format"
+  value       = tor_relay_identity_rsa.example.private_key_pem
+  sensitive   = true
+}
+
+output "public_key_pem" {
+  description = "RSA public key in PEM format"
+  value       = tor_relay_identity_rsa.example.public_key_pem
+}
+
+output "public_key_fingerprint_sha1" {
+  description = "SHA1 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha1
+}
+
+output "public_key_fingerprint_sha256" {
+  description = "SHA256 fingerprint of the RSA public key"
+  value       = tor_relay_identity_rsa.example.public_key_fingerprint_sha256
+}