wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-06 15:13:56 +02:00
Code Issues Projects Releases Wiki Activity

Add lightweight ad-blocking to the proxy #14

Browse source
This commit is contained in:
jack 2016-07-30 22:58:24 +03:00
parent 45b9bba5e1
commit 2648ccdc18
4 changed files with 45 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
common.yml
View file

@ -73,6 +73,8 @@
- rsyslog - rsyslog
- sendmail - sendmail
- unattended-upgrades - unattended-upgrades
- privoxy
- iptables-persistent
- name: Unattended-upgrades configured - name: Unattended-upgrades configured
template: src=50unattended-upgrades.j2 dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=644 template: src=50unattended-upgrades.j2 dest=/etc/apt/apt.conf.d/50unattended-upgrades owner=root group=root mode=644

4
config.cfg
View file

@ -13,10 +13,6 @@ easyrsa_reinit_existent: False
server_name: example.com server_name: example.com
server_ip: "{{ ansible_ssh_host }}" server_ip: "{{ ansible_ssh_host }}"
# specify users that you need
server_name: www.ivlis.me
server_ip: "{{ ansible_ssh_host }}"
users: users:
- mr.smith - mr.smith
- mrs.smith - mrs.smith

33
features.yml Normal file
View file

@ -0,0 +1,33 @@
---
- name: Other features
hosts: vpn-host
gather_facts: false
remote_user: root
vars_files:
- config.cfg
tasks:
- name: Loopback for services configured
template: src=10-loopback-services.cfg.j2 dest=/etc/network/interfaces.d/10-loopback-services.cfg
- name: Loopback included into the network config
lineinfile: dest=/etc/network/interfaces line='source /etc/network/interfaces.d/10-loopback-services.cfg' state=present
- name: Loopback is running
shell: ifdown lo:100 && ifup lo:100
# Privoxy
- name: Privoxy configured
template: src=privoxy_config.j2 dest=/etc/privoxy/config
notify:
- restart privoxy
- name: Privoxy enabled and started
service: name=privoxy state=started enabled=yes
handlers:
- name: restart privoxy
service: name=privoxy state=restarted

6
vpn.yml
View file

@ -25,9 +25,12 @@
with_items: with_items:
- apparmor - apparmor
- strongswan - strongswan
- netfilter-persistent
- name: Configure iptables so IPSec traffic can traverse the tunnel - name: Configure iptables so IPSec traffic can traverse the tunnel
iptables: table=nat chain=POSTROUTING source=10.0.0.0/24 jump=MASQUERADE iptables: table=nat chain=POSTROUTING source=10.0.0.0/24 jump=MASQUERADE
notify:
- save iptables
- name: Setup the ipsec.conf file from our template - name: Setup the ipsec.conf file from our template
template: src=ipsec.conf.j2 dest=/etc/ipsec.conf owner=root group=root mode=644 template: src=ipsec.conf.j2 dest=/etc/ipsec.conf owner=root group=root mode=644
@ -148,3 +151,6 @@
- name: restart apparmor - name: restart apparmor
service: name=apparmor state=restarted service: name=apparmor state=restarted
- name: save iptables
command: service netfilter-persistent save