* Add documentation on how to setup GCE accounts
This commit adds the steps needed to create a credential with the needed access on Google Cloud Platform to be able to successfully create a new algo VPN.
Related to:
- https://github.com/trailofbits/algo/issues/682
- https://github.com/trailofbits/algo/issues/658
* Adds links on main README to GCP
* Adds link to Ansible documentation
* Update cloud-gce.md
* Add documentation on how to setup GCE accounts
This commit adds the steps needed to create a credential with the needed access on Google Cloud Platform to be able to successfully create a new algo VPN.
Related to:
- https://github.com/trailofbits/algo/issues/682
- https://github.com/trailofbits/algo/issues/658
* Adds links on main README to GCP
* Adds link to Ansible documentation
* Update cloud-gce.md
* Allow more flexible DNSCrypt configuration
* Correct permissions on files changed in #1120
I'm not sure why using BBEdit over SMB makes every file executable.
* Put the public resolvers cache file in /tmp.
* Allow more flexible DNSCrypt configuration
* Correct permissions on files changed in #1120
I'm not sure why using BBEdit over SMB makes every file executable.
* Put the public resolvers cache file in /tmp.
This is to better document the "encryption" flag for those who are interested in full disk encryption on AWS. Recently on running the script, I also found the minimum permissions documented at https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md weren't enough; "ec2:CopyImage" is also required. Not sure if you'd rather have this documented in the AWS docs instead, and not sure if you want "ec2:CopyImage" added to the default minimum required permissions. I can do either if you'd prefer.
This is to better document the "encryption" flag for those who are interested in full disk encryption on AWS. Recently on running the script, I also found the minimum permissions documented at https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md weren't enough; "ec2:CopyImage" is also required. Not sure if you'd rather have this documented in the AWS docs instead, and not sure if you want "ec2:CopyImage" added to the default minimum required permissions. I can do either if you'd prefer.
The spacing of several lines in the congrats message has been off. Here's the congrats output with this fix:
```
ok: [54.85.244.8] => {
"msg": [
[
"\"# Congratulations! #\"",
"\"# Your Algo server is running. #\"",
"\"# Config files and certificates are in the ./configs/ directory. #\"",
"\"# Go to https://whoer.net/ after connecting #\"",
"\"# and ensure that all your traffic passes through the VPN. #\"",
"\"# Local DNS resolver 172.16.0.1 #\"",
""
],
" \"# The p12 and SSH keys password for new users is CR2qzRcA #\"\n",
" \"# The CA key password is ed0fd57e7d355af08d12ccdbfd3f5931 #\"\n",
" \"# Shell access: ssh -i configs/algo.pem ubuntu@54.85.244.8 #\"\n"
]
}
```
The spacing of several lines in the congrats message has been off. Here's the congrats output with this fix:
```
ok: [54.85.244.8] => {
"msg": [
[
"\"# Congratulations! #\"",
"\"# Your Algo server is running. #\"",
"\"# Config files and certificates are in the ./configs/ directory. #\"",
"\"# Go to https://whoer.net/ after connecting #\"",
"\"# and ensure that all your traffic passes through the VPN. #\"",
"\"# Local DNS resolver 172.16.0.1 #\"",
""
],
" \"# The p12 and SSH keys password for new users is CR2qzRcA #\"\n",
" \"# The CA key password is ed0fd57e7d355af08d12ccdbfd3f5931 #\"\n",
" \"# Shell access: ssh -i configs/algo.pem ubuntu@54.85.244.8 #\"\n"
]
}
```
