1+2 (including template support) are implemented in
https://github.com/nusenu/ansible-relayor
Thanks. I'll take a look.
Yes DirPort does not speak TLS, but since 443 is also best used
for ORPort (because it is often one of the ports that are allowed to pass through firewalls)
- https is not possible on the same IP (when already used by the ORPort).
Well... that's kind of a hack to handle ORPort going through in various hosting scenarios. I would say it should be used as a last resort and not as the default. I don't know what ORPort most relays use (I guess I can get that from onionoo to some degree) but I do want to hope they are not all riding 443 (I know I don't use 443 for my ORPort on both relays).
Eran