wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-06 23:24:01 +02:00
Code Issues Projects Releases Wiki Activity

README fixes

Browse source
This commit is contained in:
Jack Ivanov 2016-09-19 20:02:25 +03:00
parent 6441f2186b
commit 69e7f1e5dc
2 changed files with 83 additions and 75 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

81
ADVANCED.md Normal file
View file

@ -0,0 +1,81 @@
### Cloud Providers
**digitalocean**
*Requirement variables:*
- do_access_token
- do_ssh_name
- do_server_name
- do_region
*Possible regions:*
- ams2
- ams3
- fra1
- lon1
- nyc1
- nyc2
- nyc3
- sfo1
- sfo2
- sgp1
- tor1
- blr1
**gce**
*Requirement variables:*
- credentials_file
- server_name
- ssh_public_key
- zone
*Possible zones:*
- us-central1-a
- us-central1-b
- us-central1-c
- us-central1-f
- us-east1-b
- us-east1-c
- us-east1-d
- europe-west1-b
- europe-west1-c
- europe-west1-d
- asia-east1-a
- asia-east1-b
- asia-east1-c
**ec2**
*Requirement variables:*
- aws_access_key
- aws_secret_key
- aws_server_name
- ssh_public_key
- region
*Possible regions:*
- us-east-1
- us-west-1
- us-west-2
- ap-south-1
- ap-northeast-2
- ap-southeast-1
- ap-southeast-2
- ap-northeast-1
- eu-central-1
- eu-west-1
- sa-east-1
**local installation**
*Requirement variables:*
- server_ip
- server_user
- IP_subject
### Deployment
Start the deploy with extra variables and tags that you need.
Example for DigitalOcean:
```
ansible-playbook deploy.yml -t digitalocean,vpn -e 'do_access_token=secret_token_abc do_ssh_name=my_ssh_key do_server_name=algo.local do_region=ams2'
```

77
README.md
View file

@ -87,78 +87,6 @@ Ansible scripts are organized into roles. The roles used by Algo are described i
- role: security, tags: security
- role: ssh_tunneling, tags: ssh_tunneling
### Cloud Providers
**digitalocean**
*Requirement variables:*
- do_access_token
- do_ssh_name
- do_server_name
- do_region
*Possible regions:*
- ams2
- ams3
- fra1
- lon1
- nyc1
- nyc2
- nyc3
- sfo1
- sfo2
- sgp1
- tor1
- blr1
**gce**
*Requirement variables:*
- credentials_file
- server_name
- ssh_public_key
- zone
*Possible zones:*
- us-central1-a
- us-central1-b
- us-central1-c
- us-central1-f
- us-east1-b
- us-east1-c
- us-east1-d
- europe-west1-b
- europe-west1-c
- europe-west1-d
- asia-east1-a
- asia-east1-b
- asia-east1-c
**ec2**
*Requirement variables:*
- aws_access_key
- aws_secret_key
- aws_server_name
- ssh_public_key
- region
*Possible regions:*
- us-east-1
- us-west-1
- us-west-2
- ap-south-1
- ap-northeast-2
- ap-southeast-1
- ap-southeast-2
- ap-northeast-1
- eu-central-1
- eu-west-1
- sa-east-1
**local installation**
*Requirement variables:*
- server_ip
- server_user
- IP_subject
### Cloud Deployment
To install the dependencies on OS X or Linux:
@ -170,11 +98,10 @@ sudo pip install -r requirements.txt
Open the file `config.cfg` in your favorite text editor. Specify the users you wish to create in the `users` list.
Start the deploy with extra variables and tags that you need.
Example for DigitalOcean:
Start the deploy and follow the instructions:
```
ansible-playbook deploy.yml -t digitalocean,vpn -e 'do_access_token=secret_token do_ssh_name=my_ssh_key do_server_name=algo.local do_region=ams2'
./algo
```
When the process is done, you can find `.mobileconfig` files and certificates in the `configs` directory. Send the `.mobileconfig` profile to users with Apple devices. Note that profile installation is supported over AirDrop. Do not send the mobileconfig file over plaintext (e.g., e-mail) since it contains the keys to access the VPN. For those using other clients, like Windows or Android, securely send them the X.509 certificates for the server and their user.