diff --git a/.gitignore b/.gitignore index fd58f0b..126777e 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,4 @@ dev/ CLAUDE.md extra .direnv +.claude diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..a8d705a --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,77 @@ +# Contributing to terraform-provider-tor + +Thank you for your interest in contributing to the terraform-provider-tor +project! This document provides guidelines for contributing to this +Terraform/OpenTofu provider that manages Tor bridge infrastructure. + +## Development Setup + +### Prerequisites + +- Go >= 1.23 +- Terraform >= 1.0 or OpenTofu +- Git + +### Building the Provider + +```bash +git clone https://github.com/guardianproject/terraform-provider-tor +cd terraform-provider-tor +make build +``` + +### Development Commands + +```bash +# Build and install +go install + +# Add dependencies +go get +go mod tidy + +# Generate documentation +make generate + +# Run linter +make lint + +# Run acceptance tests (creates real resources) +make testacc +``` + +## Project Structure + +``` +├── internal/provider/ # Resources and data sources +├── examples/ # Usage examples +│ ├── data-sources/ # Data source examples +│ ├── provider/ # Provider configuration examples +│ └── resources/ # Resource examples +├── docs/ # Generated documentation +``` + +## Security Considerations + +This provider handles cryptographic keys and sensitive data: + +- Never log or expose private keys in plaintext +- Follow security best practices for key generation +- Be mindful of state file security in examples and documentation +- Report security issues responsibly + +## Resources + +- [Terraform Plugin Development](https://developer.hashicorp.com/terraform/plugin) +- [Lyrebird](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/lyrebird) +- [obfs4proxy Documentation](https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs4) + +## License + +This project is licensed under GPL-3.0-or-later. By contributing, you agree to license your contributions under the same license. + +## Getting Help + +- Open an issue for bugs or feature requests +- Check existing issues and documentation first +- Be respectful and constructive in all interactions diff --git a/README.md b/README.md index a89eb78..5d719ff 100644 --- a/README.md +++ b/README.md @@ -15,7 +15,7 @@ Terraform/OpenTofu. Instead of bridges generating new identity keys at startup (which would change on each deployment), this provider manages the identity lifecycle within your infrastructure-as-code workflow. -**Why?*** +**Why?** When deploying obfs4 bridges at scale, maintaining consistent bridge identity across VM upgrades and replacements is crucial. This provider solves that by: @@ -43,11 +43,9 @@ resource "tor_relay_identity_rsa" "bridge" {} resource "tor_relay_identity_ed25519" "bridge" {} -# Generate obfs4 state using the identity keys resource "tor_obfs4_state" "bridge" { rsa_identity_private_key = tor_relay_identity_rsa.bridge.private_key_pem ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem - iat_mode = 1 } # Generate bridge line for client distribution