First working version

2025-06-03 13:23:45 +02:00 · 2025-06-03 13:23:45 +02:00 · d8eda81e0e
commit d8eda81e0e
parent 63ed6316bc
31 changed files with 3134 additions and 0 deletions
--- a/examples/README.md
+++ b/examples/README.md
@ -0,0 +1,29 @@
+# Terraform Provider for Tor Examples
+
+This directory contains example configurations for the Terraform provider for Tor bridges.
+
+## Examples
+
+### Complete Workflow
+- `provider/provider.tf` - Complete bridge deployment example with all resources
+
+### Individual Resources
+- `resources/tor_relay_identity_rsa/` - RSA identity key generation
+- `resources/tor_relay_identity_ed25519/` - Ed25519 identity key generation  
+- `resources/tor_obfs4_state/` - obfs4 state generation
+
+### Data Sources
+- `data-sources/tor_obfs4_bridge_line/` - Bridge line generation from components
+
+## Usage
+
+Each example can be run independently:
+
+```bash
+cd examples/provider
+terraform init
+terraform plan
+terraform apply
+```
+
+The complete workflow example in `provider/` demonstrates how all resources work together to create a fully configured bridge with generated bridge line for client distribution.
--- a/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
+++ b/examples/data-sources/tor_obfs4_bridge_line/data-source.tf
@ -0,0 +1,48 @@
+# Copyright (c) HashiCorp, Inc.
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Example: Generate a bridge line from existing components
+data "tor_obfs4_bridge_line" "example" {
+  ip_address                = "192.0.2.1"
+  port                      = 443
+  identity_fingerprint_sha1 = "1234567890abcdef1234567890abcdef12345678"
+  obfs4_state_certificate   = "example-cert-value"
+  obfs4_state_iat_mode      = 0
+}
+
+output "bridge_line" {
+  description = "Generated bridge line for clients"
+  value       = data.tor_obfs4_bridge_line.example.bridge_line
+}
+
+# Example: Complete workflow integration
+resource "tor_relay_identity_rsa" "bridge" {}
+
+resource "tor_relay_identity_ed25519" "bridge" {}
+
+resource "tor_obfs4_state" "bridge" {
+  rsa_identity_private_key     = tor_relay_identity_rsa.bridge.private_key_pem
+  ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem
+}
+
+data "tor_obfs4_bridge_line" "integrated" {
+  ip_address                = "10.0.0.1"
+  port                      = 9001
+  identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1
+  obfs4_state_certificate   = tor_obfs4_state.bridge.certificate
+  obfs4_state_iat_mode      = tor_obfs4_state.bridge.iat_mode
+}
+
+output "integrated_bridge_line" {
+  description = "Bridge line from integrated workflow"
+  value       = data.tor_obfs4_bridge_line.integrated.bridge_line
+}
--- a/examples/provider/provider.tf
+++ b/examples/provider/provider.tf
@ -0,0 +1,56 @@
+# Copyright (c) HashiCorp, Inc.
+
+terraform {
+  required_providers {
+    tor = {
+      source = "guardianproject/tor"
+    }
+  }
+}
+
+provider "tor" {}
+
+# Generate relay identity keys
+resource "tor_relay_identity_rsa" "bridge" {}
+
+resource "tor_relay_identity_ed25519" "bridge" {}
+
+# Generate obfs4 state using the identity keys
+resource "tor_obfs4_state" "bridge" {
+  rsa_identity_private_key     = tor_relay_identity_rsa.bridge.private_key_pem
+  ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem
+  iat_mode                     = 1
+}
+
+# Generate bridge line for client distribution
+data "tor_obfs4_bridge_line" "bridge" {
+  ip_address                = "192.0.2.1"
+  port                      = 443
+  identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1
+  obfs4_state_certificate   = tor_obfs4_state.bridge.certificate
+  obfs4_state_iat_mode      = tor_obfs4_state.bridge.iat_mode
+}
+
+# Output bridge configuration for deployment
+output "rsa_identity_pem" {
+  description = "RSA identity private key for bridge configuration"
+  value       = tor_relay_identity_rsa.bridge.private_key_pem
+  sensitive   = true
+}
+
+output "ed25519_identity_pem" {
+  description = "Ed25519 identity private key for bridge configuration"
+  value       = tor_relay_identity_ed25519.bridge.private_key_pem
+  sensitive   = true
+}
+
+output "obfs4_state_json" {
+  description = "Complete obfs4 state for bridge runtime"
+  value       = tor_obfs4_state.bridge.state_json
+  sensitive   = true
+}
+
+output "bridge_line" {
+  description = "Complete bridge line for client use"
+  value       = data.tor_obfs4_bridge_line.bridge.bridge_line
+}