wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-05 22:54:01 +02:00
Code Issues Projects Releases Wiki Activity

Support for scripted Docker deployments (#1582)

Browse source
This commit is contained in:
Nil Admirari 2019-09-12 10:51:40 +00:00 committed by Jack Ivanov
parent fc27b439b5
commit 0c3aada66f
2 changed files with 24 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
algo-docker.sh
View file

@ -37,7 +37,7 @@ fi
tr -d '\r' < "${DATA_DIR}"/config.cfg > "${ALGO_DIR}"/config.cfg
test -d "${DATA_DIR}"/configs && rsync -qLktr --delete "${DATA_DIR}"/configs "${ALGO_DIR}"/
"${ALGO_DIR}"/algo ${ALGO_ARGS}
"${ALGO_DIR}"/algo "${ALGO_ARGS}"
retcode=${?}
rsync -qLktr --delete "${ALGO_DIR}"/configs "${DATA_DIR}"/

27
docs/deploy-from-docker.md
View file

@ -4,9 +4,8 @@ While it is not possible to run your Algo server from within a Docker container,
## Limitations
1. [Advanced](deploy-from-ansible.md) installations are not currently supported; you must use the interactive `algo` script.
2. This has not yet been tested with user namespacing enabled.
3. If you're running this on Windows, take care when editing files under `configs/` to ensure that line endings are set appropriately for Unix systems.
1. This has not yet been tested with user namespacing enabled.
2. If you're running this on Windows, take care when editing files under `configs/` to ensure that line endings are set appropriately for Unix systems.
## Deploying an Algo Server with Docker
@ -29,11 +28,31 @@ While it is not possible to run your Algo server from within a Docker container,
5. When it exits, you'll be left with a fully populated `configs` directory, containing all appropriate configuration data for your clients, and for future server management
### Providing Additional Files
f
If you need to provide additional files -- like authorization files for Google Cloud Project -- you can simply specify an additional `-v` parameter, and provide the appropriate path when prompted by `algo`.
For example, you can specify `-v C:\Users\trailofbits\Documents\VPNs\gce_auth.json:/algo/gce_auth.json`, making the local path to your credentials JSON file `/algo/gce_auth.json`.
### Scripted deployment
Ansible variables (see [Deployment from Ansible](deploy-from-ansible.md)) can be passed via `ALGO_ARGS` environment variable.
_The leading `-e` (or `--extra-vars`) is required_, e.g.
```bash
$ ALGO_ARGS="-e
provider=digitalocean
server_name=algo
ondemand_cellular=false
ondemand_wifi=false
dns_adblocking=true
ssh_tunneling=true
store_pki=true
region=ams3
do_token=token"
$ docker run --cap-drop=all -it \
-e "ALGO_ARGS=$ALGO_ARGS" \
-v /home/trailofbits/Documents/VPNs:/data \
trailofbits/algo:latest
```
## Managing an Algo Server with Docker
Even though the container itself is transient, because you've persisted the configuration data, you can use the same Docker image to manage your Algo server. This is done by setting the environment variable `ALGO_ARGS`.