Major rework.

defaults/main.yml

@@ -1,22 +1,97 @@
 ---
 
-tor_instance_parent_dir: /etc/tor/instances
-tor_user: debian-tor
-tor_DataDirectory: /var/lib/tor
-tor_PidFile: /var/run/tor/tor.pid
+tor_User: 'debian-tor'
+tor_file_owner: '{{ tor_User }}'
+tor_file_group: '{{ tor_file_owner }}'
+
+## If the PID file path should be written into the torrc file using the PidFile option.
+tor_PidFile_configure: True
+tor_RunAsDaemon_configure: True
+
+## If defined, use this directory for all instances.
+# tor_DataDirectory_instances: '/var/lib/tor'
+
+tor_DataDirectory: '/var/lib/tor'
+tor_PidFile: '/var/run/tor/tor.pid'
 tor_RunAsDaemon: 1
-tor_Log: "notice file /var/log/tor/log"
-tor_hidden_services_parent_dir: /var/lib/tor/services
+
+## If True, also write this configuration option in multiple instance mode.
+tor_Log_instances: False
+tor_Log: 'notice file /var/log/tor/log'
+
+#tor_custom_configuration: |
+#  # More specific torrc configuration can go here (YAML block).
+
+tor_instance_parent_dir: '/etc/tor/instances'
+tor_hidden_services_parent_dir: '/var/lib/tor/services'
+
+## Only generate the configuration without installing anything.
+## Might be useful when you run tor instances in Containers, for example Docker
+## https://github.com/patrickod/docker-tor
+tor_do_not_install_anything: False
+
+## Can be set to yes if you would like this role to wait for the newly created
+## tor hidden services to start. It does so by waiting for the tor hidden
+## service hostname file to appear.
 tor_wait_for_hidden_services: no
 
-tor_obfs4proxy_enabled: False
-tor_obfs4proxy_release: sid
-debian_repo: http://ftp.us.debian.org/debian/
+## Should be set to the desired distribution of
+## the Tor Project's APT repository.
+## See https://deb.torproject.org/torproject.org/dists/
+## The default (the release name of your distribution) should be fine in most cases.
+tor_distribution_release: '{{ ansible_distribution_release }}'
+
+## If true, use apt preferences to ensure that even if other releases e.g.
+## testing of sid are enabled only certain packages are installed from testing or sid.
+## If false, you have to configure that yourself or by using another role like
+## https://github.com/debops/ansible-apt_preferences
+tor_manage_apt_preferences: True
+
+tor_apt_preferences_priority: 910
+
+
+## obfsproxy -------------------------------------
+## Install and enable obfsproxy (written in Python).
+tor_obfsproxy_enable: True
+
+## True: Install virtualenv from source/manually.
+## False (default): Install virtualenv via the means of your distribution.
+tor_install_python_virtualenv_manually: False
+
+## How to install obfsproxy, options:
+## - package_manager: By the means of your distribution.
+## - pip: Install via pip.
+## - pip+virtualenv: Install via pip in virtualenv.
+tor_obfsproxy_install_via: 'package_manager'
+
+## Variable should be set when you choice `tor_obfsproxy_install_via` == 'pip+virtualenv'
+## to specify where to create the virtualenv.
+tor_obfsproxy_home: '/var/lib/tor/pluggable_transports_obfsproxy'
+
+
+## obfs4proxy -------------------------------------
+## Install and enable obfs4proxy (written in Go).
+tor_obfs4proxy_enable: True
+
+## https://packages.debian.org/search?keywords=obfs4proxy
+## Use Codenames like jessie, testing, sid or trusty.
+tor_obfs4proxy_install_from: 'testing'
+
+
+## Debian mirror to use.
+debian_repo: 'http://httpredir.debian.org/debian/'
+
+tor_apt_base_packages:
+  - 'deb.torproject.org-keyring'
+  - 'tor'
+  - 'tor-geoipdb'
 
-tor_obfsproxy_git_url: obfsproxy
-tor_obfsproxy_virtenv: virtenv_obfsproxy
+tor_obfsproxy_git_url: 'obfsproxy'
+tor_obfsproxy_virtenv: 'virtenv_obfsproxy'
 
 # keep these up to date!
-tor_obfsproxy_virtenv_version: virtualenv-1.11.4
-tor_virtenv_tarball_url: https://pypi.python.org/packages/source/v/virtualenv/virtualenv-1.11.4.tar.gz
-tor_virtenv_tarball: virtualenv-1.11.4.tar.gz
+# https://pypi.python.org/pypi/virtualenv
+# https://github.com/pypa/virtualenv/releases
+tor_obfsproxy_virtenv_version: 'virtualenv-13.1.0'
+tor_virtenv_tarball: '{{ tor_obfsproxy_virtenv_version }}.tar.gz'
+tor_virtenv_tarball_url: 'https://pypi.python.org/packages/source/v/virtualenv/{{ tor_obfsproxy_virtenv_version }}.tar.gz'

meta/main.yml

@@ -7,6 +7,8 @@ galaxy_info:
   - name: Debian
     versions:
     - all
+    - wheezy
+    - jessie
   - name: Ubuntu
     versions:
     - all

tasks/configure_multiple_tor_instances.yml

@@ -0,0 +1,53 @@
+---
+
+- name: Ensure tor instance parent dir exists
+  file:
+    path: '{{ tor_instance_parent_dir }}'
+    state: 'directory'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
+
+- name: Ensure tor instances data dir exist
+  file:
+    path: '{{ tor_instance_parent_dir }}/{{ item.name }}/data'
+    state: 'directory'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
+  with_items: tor_instances
+
+- name: Ensure tor instances log file exist
+  file:
+    path: '{{ tor_instance_parent_dir }}/{{ item.name }}/log'
+    state: 'touch'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
+  with_items: tor_instances
+
+- name: Ensure tor instances pid file exist
+  file:
+    path: '{{ tor_instance_parent_dir }}/{{ item.name }}/tor.pid'
+    state: 'touch'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
+  with_items: tor_instances
+
+- name: Ensure instances template torrc
+  template:
+    src: 'torrc.j2'
+    dest: '{{ tor_instance_parent_dir }}/{{ item.name }}/torrc'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
+    mode: 0644
+  with_items: tor_instances
+  register: instances_status
+
+- name: Ensure tor instances are reloaded if its torrc changed
+  shell: "kill -HUP `cat {{ tor_instance_parent_dir }}/{{ item.item.name }}/tor.pid`"
+  ignore_errors: yes
+  with_items: instances_status.results
+  when: item.changed == True and not tor_do_not_install_anything
+
+- name: Write tor configuration for instance
+  shell: "kill -0 `cat {{ tor_instance_parent_dir }}/{{ item.name }}/tor.pid` || tor -f {{ tor_instance_parent_dir }}/{{ item.name }}/torrc"
+  with_items: tor_instances
+  when: not tor_do_not_install_anything

tasks/configure_single_tor_instance.yml

@@ -0,0 +1,25 @@
+---
+
+- name: Write tor configuration
+  template:
+    src: 'torrc.j2'
+    dest: '/etc/tor/torrc'
+    owner: 'root'
+    group: 'root'
+    mode: 0644
+  notify:
+  - restart tor
+
+- meta: flush_handlers
+
+- name: Ensure tor is running
+  service:
+    name: 'tor'
+    state: 'running'
+
+- name: Get Tor fingerprint
+  command: 'cut --fields=2 --delimiter=" " {{ tor_DataDirectory }}/fingerprint'
+  register: tor_instance_fingerprint
+  when: tor_DataDirectory is string
+  failed_when: False
+  changed_when: False

tasks/hidden_services.yml

@@ -1,12 +1,17 @@
 ---
 
-- name: create tor hidden services parent directory
-  file: >
-    path={{ tor_hidden_services_parent_dir }}
-    state=directory
-    owner={{ tor_user }}
+- name: Create tor hidden services parent directory
+  file:
+    path: '{{ tor_hidden_services_parent_dir }}'
+    state: 'directory'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
+    mode: 0750
 
-- name: create tor hidden services directories
-  file: path={{ tor_hidden_services_parent_dir }}/{{ item.dir }}
-   state=directory owner={{ tor_user }}
+- name: Create tor hidden services directories
+  file:
+    path: '{{ tor_hidden_services_parent_dir }}/{{ item.dir }}'
+    state: 'directory'
+    owner: '{{ tor_file_owner | default(omit) }}'
+    group: '{{ tor_file_group | default(omit) }}'
   with_items: tor_hidden_services

tasks/install_obfs4proxy.yml

@@ -0,0 +1,16 @@
+---
+
+- name: Ensure apt repository for installing obfs4proxy exists
+  apt_repository:
+    repo: 'deb {{ debian_repo }} {{ tor_obfs4proxy_install_from }} main'
+    state: 'present'
+    update_cache: yes
+  when: tor_obfs4proxy_install_from is string and ansible_distribution in ['Debian']
+
+- name: Ensure obfs4proxy packages are installed
+  apt:
+    pkg: '{{ item }}'
+    state: latest
+  with_items:
+  - 'obfs4proxy'
+  when: (ansible_pkg_mgr == 'apt' and tor_obfs4proxy_enable)

tasks/install_obfsproxy.yml

@@ -0,0 +1,27 @@
+---
+
+- name: Ensure virtualenv is installed
+  apt:
+    pkg: '{{ item }}'
+    state: latest
+  with_items:
+    - 'python-virtualenv'
+  when: (ansible_pkg_mgr == 'apt' and
+         not tor_install_python_virtualenv_manually)
+
+- include: install_python_virtualenv_manually.yml
+  when: (tor_obfsproxy_install_via == 'pip+virtualenv' and
+         tor_install_python_virtualenv_manually)
+
+
+- name: Ensure obfsproxy is installed
+  apt:
+    pkg: '{{ item }}'
+    state: latest
+  with_items:
+  - 'obfsproxy'
+  when: (ansible_pkg_mgr == 'apt' and
+         tor_obfsproxy_install_via == 'package_manager')
+
+- include: install_obfsproxy_via_pip.yml
+  when: tor_obfsproxy_install_via in ['pip', 'pip+virtualenv']

tasks/install_obfsproxy_via_pip.yml

@@ -0,0 +1,26 @@
+---
+
+- name: Ensure that Python virtualenv directory exists
+  file:
+    path: '{{ tor_obfsproxy_home }}'
+    state: 'directory'
+
+- name: Ensure obfsproxy is pip installed in our python virtual env
+  pip:
+    name: '{{ tor_obfsproxy_git_url }}#egg=obfsproxy'
+    virtualenv: '{{ tor_obfsproxy_home }}/{{ tor_obfsproxy_virtenv }}'
+    executable: '{{ tor_obfsproxy_home }}/{{ tor_obfsproxy_virtenv }}/bin/pip'
+    virtualenv_command: '{{ tor_obfsproxy_home }}/{{ tor_obfsproxy_virtenv_version }}/virtualenv.py'
+    state: 'latest'
+  environment:
+    PIP_DOWNLOAD_CACHE: '{{ tor_obfsproxy_home }}/.pip_download_cache'
+  when: tor_install_python_virtualenv_manually
+
+- name: Ensure obfsproxy is pip installed in our python virtual env
+  pip:
+    name: '{{ tor_obfsproxy_git_url }}#egg=obfsproxy'
+    virtualenv: '{{ tor_obfsproxy_home }}/{{ tor_obfsproxy_virtenv }}'
+    state: 'latest'
+  environment:
+    PIP_DOWNLOAD_CACHE: '{{ tor_obfsproxy_home }}/.pip_download_cache'
+  when: not tor_install_python_virtualenv_manually