basic tor implementation

hosts

@@ -40,6 +40,7 @@ electrs_version=0.10.2
 rtl_version=0.15.0
 rtl_password=n0xb0x
 lnbits_version=0.12.1
+tor_version=1.0
 zerotier_network=
 #Update wariness - 1 = very reluctant to update, 0 = eager to update
 #timezone - which timezone update schedule is in

roles/apps/tasks/tor.yml

@@ -0,0 +1,53 @@
+---
+# tasks file for tor
+#
+
+- name: tor - Create ~/vol/tor
+  ansible.builtin.file:
+    path: ~/vol/tor/
+    state: directory
+  tags: [apps,tor]
+
+- name: tor - Make dir for tor Containers
+  ansible.builtin.file:
+    path: ~/containers/tor
+    state: directory
+  tags: [apps,tor]
+
+- name: tor - Copy Containerfile Template
+  ansible.builtin.template:
+    src: tor/Containerfile.j2
+    dest: ~/containers/tor/Containerfile
+  notify: rebuild_tor
+  tags: [apps,tor]
+
+- name: tor - Copy build script
+  ansible.builtin.template:
+    src: tor/build.sh.j2
+    dest: ~/containers/tor/build.sh
+    mode: '0700'
+  notify: rebuild_tor
+  tags: [apps,tor]
+
+- name: tor - Copy tor.repo
+  ansible.builtin.template:
+    src: tor/tor.repo.j2
+    dest: ~/containers/tor/tor.sh
+    mode: '0700'
+  notify: rebuild_tor
+  tags: [apps,tor]
+
+- name: tor - Copy tor-node.container file
+  ansible.builtin.template:
+    src: tor/tor-node.container.j2
+    dest: ~/containers/tor/tor-node.container
+  notify: reload_systemctl
+  tags: [apps,tor]
+
+- name: tor - Link tor-node.container to systemd location
+  ansible.builtin.file:
+    src: ~/containers/tor/tor-node.container
+    dest: ~/.config/containers/systemd/tor-node.container
+    state: link
+    force: true
+  tags: [apps,tor]

roles/apps/templates/tor/Containerfile.j2

@@ -0,0 +1,18 @@
+FROM docker.io/almalinux/9-init:latest
+
+COPY tor.repo /etc/yum.repos.d/tor.repo
+
+RUN dnf update -y \
+	&& dnf install -y epel-release \
+	&& dnf update -y \
+	&& dnf install -y tor privoxy \
+	&& systemctl enable tor \
+	&& systemctl enable privoxy \
+	&& echo "forward-socks5 / 127.0.0.1:9050 ." >> /etc/privoxy/config \
+	&& dnf clean all -y \
+	&& rm -fr /var/cache/* /tmp/*
+
+
+
+
+

roles/apps/templates/tor/build.sh.j2

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+buildah bud -f Containerfile -t tor:{{tor_version}}

roles/apps/templates/tor/tor-node.container.j2

@@ -0,0 +1,19 @@
+[Unit]
+Description=Tor Node
+Before=bitcoin-node
+
+[Container]
+Image={{ registry_url }}/tor:{{tor_version}}
+PodmanArgs=--pod bitcoin-pod
+
+[Service]
+# Restart service when sleep finishes
+Restart=always
+# Extend Timeout to allow time to pull the image
+TimeoutStartSec=900
+# ExecStartPre flag and other systemd commands can go here, see systemd.unit(5) man page.
+# ExecStartPre=/usr/share/mincontainer/setup.sh
+
+[Install]
+# Start by default on boot
+WantedBy=multi-user.target default.target

roles/apps/templates/tor/tor.repo.j2

@@ -0,0 +1,7 @@
+[tor]
+name=Tor for Enterprise Linux $releasever - $basearch
+baseurl=https://rpm.torproject.org/centos/$releasever/$basearch
+enabled=1
+gpgcheck=1
+gpgkey=https://rpm.torproject.org/centos/public_gpg.key
+cost=100