terraform { required_providers { tor = { source = "guardianproject/tor" version = "99.0.0" } } } provider "tor" {} # Generate RSA identity key for the bridge resource "tor_relay_identity_rsa" "bridge" {} # Generate Ed25519 identity key for the bridge resource "tor_relay_identity_ed25519" "bridge" {} # Generate family identity for the bridge resource "tor_family_identity" "bridge" { family_name = "MyBridgeFamily" } # Generate obfs4 state using the identity keys resource "tor_obfs4_state" "bridge" { rsa_identity_private_key = tor_relay_identity_rsa.bridge.private_key_pem ed25519_identity_private_key = tor_relay_identity_ed25519.bridge.private_key_pem } # Generate bridge line for client distribution data "tor_obfs4_bridge_line" "bridge" { ip_address = "203.0.113.1" port = 9001 identity_fingerprint_sha1 = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1 obfs4_state_certificate = tor_obfs4_state.bridge.certificate obfs4_state_iat_mode = tor_obfs4_state.bridge.iat_mode } # Outputs for verification output "rsa_fingerprint_sha1" { description = "RSA identity fingerprint (SHA1)" value = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha1 } output "rsa_fingerprint_sha256" { description = "RSA identity fingerprint (SHA256)" value = tor_relay_identity_rsa.bridge.public_key_fingerprint_sha256 } output "ed25519_fingerprint_sha256" { description = "Ed25519 identity fingerprint (SHA256)" value = tor_relay_identity_ed25519.bridge.public_key_fingerprint_sha256 } output "obfs4_certificate" { description = "obfs4 certificate for bridge line" value = tor_obfs4_state.bridge.certificate } output "obfs4_iat_mode" { description = "obfs4 IAT mode" value = tor_obfs4_state.bridge.iat_mode } output "bridge_line" { description = "Complete bridge line for clients" value = data.tor_obfs4_bridge_line.bridge.bridge_line } output "family_id" { description = "Family ID for the bridge" value = tor_family_identity.bridge.id }