From 883dc870d425a95da320affcda2364dc7274e488 Mon Sep 17 00:00:00 2001
From: mg <michael.grote@posteo.de>
Date: Wed, 15 Dec 2021 16:56:54 +0100
Subject: [PATCH] tor-node: IPv6 eingebaut (#280)

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: https://git.mgrote.net/mg/ansible/pulls/280
Co-authored-by: mg <michael.grote@posteo.de>
Co-committed-by: mg <michael.grote@posteo.de>
---
 group_vars/tor.yml                           | 1 -
 host_vars/tor1.mgrote.net.yml                | 5 +++++
 roles/mgrote.tor-node/defaults/main.yml      | 3 +++
 roles/mgrote.tor-node/templates/bridge_torrc | 6 ++++++
 roles/mgrote.tor-node/templates/relay_torrc  | 5 +++++
 5 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 host_vars/tor1.mgrote.net.yml

diff --git a/group_vars/tor.yml b/group_vars/tor.yml
index 9d2c6522..e76f7c11 100644
--- a/group_vars/tor.yml
+++ b/group_vars/tor.yml
@@ -2,7 +2,6 @@
   ### mgrote.apt_manage_sources
   manage_sources_apt_proxy: ""
   ### mgrote.tor-node
-  tor_relay_name: tor1mgrote
   tor_or_port: 9001
   tor_socks_port: 0
   tor_control_socket: 0
diff --git a/host_vars/tor1.mgrote.net.yml b/host_vars/tor1.mgrote.net.yml
new file mode 100644
index 00000000..5b47e398
--- /dev/null
+++ b/host_vars/tor1.mgrote.net.yml
@@ -0,0 +1,5 @@
+---
+  ### mgrote.tor-node
+  tor_relay_name: tor1mgrote
+  tor_ipv6: false
+  tor_bandwidth_rate: 15 MBytes
diff --git a/roles/mgrote.tor-node/defaults/main.yml b/roles/mgrote.tor-node/defaults/main.yml
index b184f1e8..ebb299b3 100644
--- a/roles/mgrote.tor-node/defaults/main.yml
+++ b/roles/mgrote.tor-node/defaults/main.yml
@@ -13,3 +13,6 @@
   # tor_bandwidth_burst:
   tor_mode: relay # OR bridge
   tor_bridge_port: 5555
+
+  # use IPv6
+  tor_ipv6: false
diff --git a/roles/mgrote.tor-node/templates/bridge_torrc b/roles/mgrote.tor-node/templates/bridge_torrc
index 44039a50..389306d5 100644
--- a/roles/mgrote.tor-node/templates/bridge_torrc
+++ b/roles/mgrote.tor-node/templates/bridge_torrc
@@ -13,6 +13,12 @@ ServerTransportListenAddr obfs4 0.0.0.0:{{ tor_bridge_port }}
 ExitPolicy                reject *:*
 CookieAuthentication      1
 
+{% if tor_ipv6 is sameas true %}
+ORPort                    [{{hostvars[inventory_hostname]['ansible_default_ipv6']['address']}}]:{{ tor_or_port }}
+ServerTransportListenAddr obfs4 [{{hostvars[inventory_hostname]['ansible_default_ipv6']['address']}}]:{{ tor_bridge_port }}
+{% endif %}
+
+
 {% if tor_bandwidth_rate is defined %}
 BandwidthRate             {{ tor_bandwidth_rate }}
 {% endif %}
diff --git a/roles/mgrote.tor-node/templates/relay_torrc b/roles/mgrote.tor-node/templates/relay_torrc
index 7b8b4a70..a42c930e 100644
--- a/roles/mgrote.tor-node/templates/relay_torrc
+++ b/roles/mgrote.tor-node/templates/relay_torrc
@@ -10,6 +10,11 @@ ControlPort             {{ tor_control_port }}
 CookieAuthentication    1
 ExitPolicy              reject *:*
 
+{% if tor_ipv6 is sameas true %}
+ORPort                  [{{hostvars[inventory_hostname]['ansible_default_ipv6']['address']}}]:{{ tor_or_port }}
+ExitPolicy              reject6 *:*
+{% endif %}
+
 {% if tor_bandwidth_rate is defined %}
 BandwidthRate           {{ tor_bandwidth_rate }}
 {% endif %}