From 1a771c5c4cdbfb7aeeba0be28dd64f1937d03b2a Mon Sep 17 00:00:00 2001
From: Miraty <miraty@antopie.org>
Date: Thu, 9 Jun 2022 03:29:41 +0200
Subject: [PATCH] tor-instances for Debian, tor for Arch Linux

---
 mkosi.extra/etc/sudoers.d/niver |  2 +-
 mkosi.postinst                  | 16 ++++++++++++++++
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/mkosi.extra/etc/sudoers.d/niver b/mkosi.extra/etc/sudoers.d/niver
index 6597b81..4471445 100644
--- a/mkosi.extra/etc/sudoers.d/niver
+++ b/mkosi.extra/etc/sudoers.d/niver
@@ -1 +1 @@
-php-niver ALL= NOPASSWD: /usr/bin/systemctl reload nginx,/usr/bin/systemctl reload tor@niver,/usr/bin/chgrp ^sftpgo /srv/ht/[a-z]{1,128}$
+php-niver ALL= NOPASSWD: /usr/bin/systemctl reload nginx,/usr/bin/systemctl reload tor,/usr/bin/systemctl reload tor@niver,/usr/bin/chgrp ^sftpgo /srv/ht/[a-z]{1,128}$,/usr/bin/cat ^/var/lib/tor-instances/niver/keys/[a-z]{1,128}/hostname$
diff --git a/mkosi.postinst b/mkosi.postinst
index f549597..782aa63 100755
--- a/mkosi.postinst
+++ b/mkosi.postinst
@@ -30,8 +30,10 @@ chmod -R u=rwX,g=rwX,o=rX /srv/ht
 
 if [[ $ID = "debian" ]]; then
 	chown -R php-niver:_tor-niver /etc/tor/instances/niver
+	chown -R _tor-niver:_tor-niver /var/lib/tor-instances/niver
 else
 	chown -R php-niver:tor /etc/tor/instances/niver
+	chown -R tor:tor /var/lib/tor-instances/niver
 fi
 chmod -R u=rwX,g=rX,o= /etc/tor/instances/niver
 
@@ -67,8 +69,22 @@ display_errors = On
 extension = pdo_sqlite
 EOF
 
+# Configure Tor properly
+
+if [[ $ID = "debian" ]]; then
+	cat >> /etc/tor/instances/niver/torrc << EOF
+User _tor-niver
+DataDirectory /var/lib/tor-instances/niver
+EOF
+fi
+
 if [[ $ID = "arch" ]]; then
 	ln -s /etc/tor/instances/niver/torrc /etc/tor/torrc
+
+	cat >> /etc/tor/instances/niver/torrc << EOF
+User tor
+DataDirectory /var/lib/tor
+EOF
 fi
 
 # Start SystemD services at startup