mirror of
https://github.com/trailofbits/algo.git
synced 2025-06-06 15:13:56 +02:00
parent
b526f73881
commit
d6a1fb91bd
4 changed files with 30 additions and 28 deletions
18
input.yml
18
input.yml
|
@ -26,7 +26,7 @@
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- block:
|
- block:
|
||||||
- name: Region prompt
|
- name: Cloud prompt
|
||||||
pause:
|
pause:
|
||||||
prompt: |
|
prompt: |
|
||||||
What provider would you like to use?
|
What provider would you like to use?
|
||||||
|
@ -122,11 +122,11 @@
|
||||||
{{ _server | regex_replace('(?!\.)(\W|_)', '-') }}
|
{{ _server | regex_replace('(?!\.)(\W|_)', '-') }}
|
||||||
algo_ondemand_cellular: >-
|
algo_ondemand_cellular: >-
|
||||||
{% if ondemand_cellular is defined %}{{ ondemand_cellular | bool }}
|
{% if ondemand_cellular is defined %}{{ ondemand_cellular | bool }}
|
||||||
{%- elif _ondemand_cellular.user_input %}{{ booleans_map[_ondemand_cellular.user_input] | default(defaults['ondemand_cellular']) }}
|
{%- elif _ondemand_cellular.user_input is defined %}{{ booleans_map[_ondemand_cellular.user_input] | default(defaults['ondemand_cellular']) }}
|
||||||
{%- else %}false{% endif %}
|
{%- else %}false{% endif %}
|
||||||
algo_ondemand_wifi: >-
|
algo_ondemand_wifi: >-
|
||||||
{% if ondemand_wifi is defined %}{{ ondemand_wifi | bool }}
|
{% if ondemand_wifi is defined %}{{ ondemand_wifi | bool }}
|
||||||
{%- elif _ondemand_wifi.user_input %}{{ booleans_map[_ondemand_wifi.user_input] | default(defaults['ondemand_wifi']) }}
|
{%- elif _ondemand_wifi.user_input is defined %}{{ booleans_map[_ondemand_wifi.user_input] | default(defaults['ondemand_wifi']) }}
|
||||||
{%- else %}false{% endif %}
|
{%- else %}false{% endif %}
|
||||||
algo_ondemand_wifi_exclude: >-
|
algo_ondemand_wifi_exclude: >-
|
||||||
{% if ondemand_wifi_exclude is defined %}{{ ondemand_wifi_exclude | b64encode }}
|
{% if ondemand_wifi_exclude is defined %}{{ ondemand_wifi_exclude | b64encode }}
|
||||||
|
@ -135,19 +135,19 @@
|
||||||
{%- else %}{{ '_null' | b64encode }}{% endif %}
|
{%- else %}{{ '_null' | b64encode }}{% endif %}
|
||||||
algo_local_dns: >-
|
algo_local_dns: >-
|
||||||
{% if local_dns is defined %}{{ local_dns | bool }}
|
{% if local_dns is defined %}{{ local_dns | bool }}
|
||||||
{%- elif _local_dns.user_input %}{{ booleans_map[_local_dns.user_input] | default(defaults['local_dns']) }}
|
{%- elif _local_dns.user_input is defined %}{{ booleans_map[_local_dns.user_input] | default(defaults['local_dns']) }}
|
||||||
{%- else %}false{% endif %}
|
{%- else %}false{% endif %}
|
||||||
algo_ssh_tunneling: >-
|
algo_ssh_tunneling: >-
|
||||||
{% if ssh_tunneling is defined %}{{ ssh_tunneling | bool }}
|
{% if ssh_tunneling is defined %}{{ ssh_tunneling | bool }}
|
||||||
{%- elif _ssh_tunneling.user_input %}{{ booleans_map[_ssh_tunneling.user_input] | default(defaults['ssh_tunneling']) }}
|
{%- elif _ssh_tunneling.user_input is defined %}{{ booleans_map[_ssh_tunneling.user_input] | default(defaults['ssh_tunneling']) }}
|
||||||
{%- else %}false{% endif %}
|
{%- else %}false{% endif %}
|
||||||
algo_windows: >-
|
algo_windows: >-
|
||||||
{% if windows is defined %}{{ windows | bool }}
|
{% if windows is defined %}{{ windows | bool }}
|
||||||
{%- elif _windows.user_input %}{{ booleans_map[_windows.user_input] | default(defaults['windows']) }}
|
{%- elif _windows.user_input is defined %}{{ booleans_map[_windows.user_input] | default(defaults['windows']) }}
|
||||||
{%- else %}false{% endif %}
|
{%- else %}false{% endif %}
|
||||||
algo_store_cakey: >-
|
algo_store_cakey: >-
|
||||||
{% if store_cakey is defined %}{{ store_cakey | bool }}
|
{% if ipsec_enabled %}{%- if store_cakey is defined %}{{ store_cakey | bool }}
|
||||||
{%- elif _store_cakey.user_input %}{{ booleans_map[_store_cakey.user_input] | default(defaults['store_cakey']) }}
|
{%- elif _store_cakey.user_input is defined %}{{ booleans_map[_store_cakey.user_input] | default(defaults['store_cakey']) }}
|
||||||
{%- else %}false{% endif %}
|
{%- else %}false{% endif %}{% endif %}
|
||||||
rescue:
|
rescue:
|
||||||
- include_tasks: playbooks/rescue.yml
|
- include_tasks: playbooks/rescue.yml
|
||||||
|
|
|
@ -4,12 +4,14 @@
|
||||||
shell: >
|
shell: >
|
||||||
./algo-showenv.sh \
|
./algo-showenv.sh \
|
||||||
'algo_provider "{{ algo_provider }}"' \
|
'algo_provider "{{ algo_provider }}"' \
|
||||||
|
{% if ipsec_enabled %}
|
||||||
'algo_ondemand_cellular "{{ algo_ondemand_cellular }}"' \
|
'algo_ondemand_cellular "{{ algo_ondemand_cellular }}"' \
|
||||||
'algo_ondemand_wifi "{{ algo_ondemand_wifi }}"' \
|
'algo_ondemand_wifi "{{ algo_ondemand_wifi }}"' \
|
||||||
'algo_ondemand_wifi_exclude "{{ algo_ondemand_wifi_exclude }}"' \
|
'algo_ondemand_wifi_exclude "{{ algo_ondemand_wifi_exclude }}"' \
|
||||||
|
'algo_windows "{{ algo_windows }}"' \
|
||||||
|
{% endif %}
|
||||||
'algo_local_dns "{{ algo_local_dns }}"' \
|
'algo_local_dns "{{ algo_local_dns }}"' \
|
||||||
'algo_ssh_tunneling "{{ algo_ssh_tunneling }}"' \
|
'algo_ssh_tunneling "{{ algo_ssh_tunneling }}"' \
|
||||||
'algo_windows "{{ algo_windows }}"' \
|
|
||||||
'wireguard_enabled "{{ wireguard_enabled }}"' \
|
'wireguard_enabled "{{ wireguard_enabled }}"' \
|
||||||
'dns_encryption "{{ dns_encryption }}"' \
|
'dns_encryption "{{ dns_encryption }}"' \
|
||||||
> /dev/tty
|
> /dev/tty
|
||||||
|
|
|
@ -13,21 +13,21 @@
|
||||||
{%- elif _algo_server.user_input %}{{ _algo_server.user_input }}
|
{%- elif _algo_server.user_input %}{{ _algo_server.user_input }}
|
||||||
{%- else %}localhost{% endif %}
|
{%- else %}localhost{% endif %}
|
||||||
|
|
||||||
- pause:
|
- block:
|
||||||
prompt: |
|
- pause:
|
||||||
What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost)
|
prompt: |
|
||||||
[root]
|
What user should we use to login on the server? (note: passwordless login required, or ignore if you're deploying to localhost)
|
||||||
register: _algo_ssh_user
|
[root]
|
||||||
when:
|
register: _algo_ssh_user
|
||||||
- ssh_user is undefined
|
when: ssh_user is undefined
|
||||||
- cloud_instance_ip != "localhost"
|
|
||||||
|
|
||||||
- name: Set the facts
|
- name: Set the facts
|
||||||
set_fact:
|
set_fact:
|
||||||
ansible_ssh_user: >-
|
ansible_ssh_user: >-
|
||||||
{% if ssh_user is defined %}{{ ssh_user }}
|
{% if ssh_user is defined %}{{ ssh_user }}
|
||||||
{%- elif _algo_ssh_user.user_input %}{{ _algo_ssh_user.user_input }}
|
{%- elif _algo_ssh_user.user_input %}{{ _algo_ssh_user.user_input }}
|
||||||
{%- else %}root{% endif %}
|
{%- else %}root{% endif %}
|
||||||
|
when: cloud_instance_ip != "localhost"
|
||||||
|
|
||||||
- pause:
|
- pause:
|
||||||
prompt: |
|
prompt: |
|
||||||
|
|
|
@ -40,6 +40,10 @@
|
||||||
{%- elif _ca_password.user_input %}{{ _ca_password.user_input }}
|
{%- elif _ca_password.user_input %}{{ _ca_password.user_input }}
|
||||||
{%- else %}omit{% endif %}
|
{%- else %}omit{% endif %}
|
||||||
|
|
||||||
|
- name: Local pre-tasks
|
||||||
|
import_tasks: playbooks/cloud-pre.yml
|
||||||
|
become: false
|
||||||
|
|
||||||
- name: Add the server to the vpn-host group
|
- name: Add the server to the vpn-host group
|
||||||
add_host:
|
add_host:
|
||||||
name: "{{ algo_server }}"
|
name: "{{ algo_server }}"
|
||||||
|
@ -61,10 +65,6 @@
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- block:
|
- block:
|
||||||
- name: Local pre-tasks
|
|
||||||
import_tasks: playbooks/cloud-pre.yml
|
|
||||||
become: false
|
|
||||||
|
|
||||||
- import_role:
|
- import_role:
|
||||||
name: common
|
name: common
|
||||||
|
|
||||||
|
|
Loading…
Add table
Reference in a new issue