]> git.somenet.org - root/pub/somesible.git/blob - roles/base/tor/tasks/configure-hidserv.yml
roles/server/nginx/vhost-unified
[root/pub/somesible.git] / roles / base / tor / tasks / configure-hidserv.yml
1 #####################################
2 ### someone's ansible provisioner ###
3 #####################################
4 # Part of: https://git.somenet.org/root/pub/somesible.git
5 # 2017-2024 by someone <someone@somenet.org>
6 #
7 ---
8 - name: create service-dir for hidden service {{hs}}
9   file:
10     path: "/var/lib/tor/hidden_{{hs}}"
11     state: directory
12     recurse: yes
13     mode: "u=rwX,go-rwx"
14     owner: "debian-tor"
15     group: "debian-tor"
16
17
18 - name: copy hidden service {{hs}} private key
19   copy:
20     src: "{{item}}"
21     dest: "/var/lib/tor/hidden_{{hs}}/hs_ed25519_secret_key"
22     mode: 0600
23     owner: "debian-tor"
24     group: "debian-tor"
25   with_first_found:
26     - "{{lookup('env','PWD')}}/host_files/{{inventory_hostname}}/{{role_name}}/hs_ed25519_secret_key_{{hs}}"
27     - "{{lookup('env','PWD')}}/group_files/{{group_files_group}}/{{role_name}}/hs_ed25519_secret_key_{{hs}}"
28     - "{{lookup('env','PWD')}}/group_files/all/{{role_name}}/hs_ed25519_secret_key_{{hs}}"
29     - "default/hs_ed25519_secret_key_{{hs}}"
30   notify: restart tor.service
31   ignore_errors: yes