wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-14 08:43:01 +02:00
Code Issues Projects Releases Wiki Activity
868 commits 4 branches 2 tags 12 MiB
Commit graph

868 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jack Ivanov
d50073e73b Test fixes 2018-06-01 17:41:30 +03:00
Jack Ivanov
4ba3d55172 WireGuard: disable SaveConfig, update-users fix (#985) 
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
 2018-06-01 10:06:03 -04:00
Jack Ivanov
cefbd22b45 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
e8dcd01513 Update CHANGELOG.md 2018-05-30 17:17:08 +03:00
Jack Ivanov
5c577d86ae Update references to 18.04 2018-05-30 17:11:32 +03:00
Jack Ivanov
5f1a733dcc explicit installation of linux headers (#975) 2018-05-29 21:43:06 -07:00
Jack Ivanov
9a43a089fd Scaleway: enable ipv6 and switch to local boot (#974) 
- Enables IPv6 on Scaleway
- Adds local boot on scaleway
- Fixes #966
 2018-05-28 12:16:06 -07:00
Jack Ivanov
433874924c Extra line and better DNS configuration for WireGuard (#968) 
- Adds an extra line after the if statement. Jinja2 trims such blocks by default in Ansible. Fixes #965
- More appropriate way to configure DNS servers
- Removes `DNS` option from the wireguard server config
- Fixes dnscrypt-proxy restart
 2018-05-25 10:37:13 -07:00
Paul Kehrer
042d6525c5 fix faq entry about cryptography build failure (#967) 2018-05-25 06:02:16 -07:00
Jack Ivanov
d4a50c687e Add WireGuard support for Android (#910) 
* WireGuard Implementation

* Update client-android.md

* Update README.md

* WireGuard unattended upgrades

* Update README.md

* reload-module-on-update and syntax fix

* SaveConfig to true

* Azure firewall. Fixes #962

* Update README.md

* Update client-android.md
 2018-05-24 08:15:27 -07:00
Jack Ivanov
9959eab0db Ubuntu1804 (#925) 
- Fixes #897 #944 #956

Work in progress. Lightsail is not ready for Ubuntu 18.04 yet

- [x] DigitalOcean
~~- [ ] Amazon Lightsail~~
- [x] Amazon EC2
- [x] Microsoft Azure
- [x] Google Compute Engine
- [x] Scaleway
- [x] OpenStack (DreamCompute optimised)
 2018-05-24 07:08:14 -07:00
Evgeny Aleksandrov
0df4314a4f Remove algo_params (#961) 2018-05-24 09:01:26 +03:00
Evgeny Aleksandrov
7ad53dbb13 Fix typo (#960) 2018-05-24 09:00:38 +03:00
Stijn Balk
9cb796ac95 Update GCP regions (#957) 
* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/

* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/

* set default back to belgium B
 2018-05-23 09:17:10 -07:00
Alexey Bogomolov
93c98d85d4 fix requirements.txt SecretStorage version (#914) 
Related to issue #877. Latest SecretStorage build requires Python '>=3.5' but Algo is running on Python 2
 2018-05-18 12:35:56 +03:00
Jack Ivanov
5c276a77f2 Move to LXD (#935) 2018-05-10 09:03:05 +03:00
TC1977
42e4fe0ff3 Update config.cfg (#936) 
Fix typos - this puzzled me when I was attempting to install algo with dnscrypt last week.
 2018-05-09 13:14:31 -07:00
pguizeline
0244cb3150 Fix line spacing to improve readability (#932) 
Keeping the organized spacing
 2018-05-09 11:25:14 -07:00
pguizeline
f8bd91141a Update README.md (#931) 
- Adds missing providers to the documentation with links.
- Mentions that your own server install needs to be an Ubuntu 16.04 LTS distro
- Emphasize that the p12 certificate password will only be available once
 2018-05-08 13:57:21 -07:00
Jack Ivanov
13e73757c0 IPv6 fixes (#930) 2018-05-08 13:55:17 -07:00
pguizeline
65c3b9bbaa Add new Azure locations (#929) 
Reorganized and added new locations.
https://azure.microsoft.com/en-us/global-infrastructure/locations/
https://azure.microsoft.com/en-us/global-infrastructure/services/
 2018-05-08 13:07:27 -07:00
pguizeline
e10b377b6a Add new EC2 regions (#928) 
Adds new EC2 regions according to:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions
 2018-05-08 13:07:06 -07:00
Jack Ivanov
e32dde1924 Increase SSH retries (#909) 2018-05-03 16:04:39 +03:00
Jack Ivanov
5060b53a23 Typo 2018-04-30 09:29:43 +03:00
Brian Hulette
4685f17651 Don't download minisig dnscrypt release (#905) 2018-04-29 10:32:10 -07:00
adamluk
9a6b43e8b8 Update dnscrypt-proxy.toml.j2 (#899) 
Updated dnscrypt-proxy.tml with new options: cache_neg_min_ttl and cache_neg_max_ttl
 2018-04-27 07:29:29 -07:00
Jack Ivanov
a2fac7409a DNS-crypt changelog 2018-04-27 10:06:51 +03:00
Dan Guido
12d0365b0a monkey patch problematic dnscrypt-proxy cgroup limits (#894) 2018-04-25 15:32:50 -07:00
Jack Ivanov
36f0e30930 DNS-over-HTTPS (#875) 2018-04-25 12:27:58 -07:00
Steven Crossan
3a46aab494 Update DO doc link in README.md (#890) 2018-04-24 19:42:23 -07:00
Jack Ivanov
cc4319e3e7 Add ipv6 address to subjectAltName if supported (#881) 
CHANGELOG

Some changes

Some changes
 2018-04-23 16:06:34 -07:00
Matt Behrens
a8b64af7f9 skip virtualenv check if already activated (#863) 
This allows the user to choose their virtualenv method, e.g.
[Pipenv](https://docs.pipenv.org/).
 2018-04-23 16:03:24 -07:00
Cat Jones
1a5837023c adds DigitalOcean documentation (#869) 2018-04-23 15:58:40 -07:00
iliyan jeliazkov
fdca5a6d9a Updating the language of the instructions (#880) 2018-04-18 22:10:03 -04:00
Anton T Johansson
12e917ed3a Fixed path in Network Manager section (#860) 
"configs" directory missing in paths.
 2018-03-29 17:33:18 -04:00
Micah R Ledbetter
a0a2346077 Add a workaround for disabling DNS filtering to the FAQ (#852) 
* Add a workaround for disabling DNS filtering to the FAQ

* Update faq.md
 2018-03-28 11:24:20 -07:00
Micah R Ledbetter
0e1cfa301f Embed certs into Windows deployment scripts (#840) 
- Obviate need to copy separate script and certificate files
- Allow execution from any directory, not just the script's parent
  directory (no assumption of any particular working directory)
- Fix docs that neglected to mention copying cacert.pem
- Fix docs that incorrectly referred to the user cert store

As part of this work, rewrite the windows_client.ps1.j2 deployment
script template

- Add comment-based help
- Require admin privileges
- Use a Param() block
- Use parameter sets with -Add and -Remove switches
- Add the -GetInstalledCerts switch, to list any Algo certificates
  installed the machine's cert store
- Add the -SaveCerts switch, to save the embedded certificates to files
- Put Jinja2 variables inside Powershell variables,
- Use native Powershell cmdlets rather than shell out to certutil.exe
- Add a playbook to regenerate the windows_USER.ps1 scripts
 2018-03-28 11:20:43 -07:00
Micah R Ledbetter
f7be150f3b Add FAQ entry regarding IPSEC backdoor (#460) (#853) 2018-03-28 11:20:17 -07:00
Micah R Ledbetter
a34401525a Document iptables rules (#854) 
* Remove firewall rule related to the old proxy role

* Remove proxy conditionals from mobileconfig template

* Add comments explaining firewall rules
 2018-03-28 11:17:56 -07:00
Arun John Kuruvilla
88b419e12b Removed ssh_public_key variable for AWS. Issue #773 (#817) 2018-03-27 21:53:13 +03:00
Utkan Gezer
541e14389e Multi-line virtualenv setup script (#829) 
Changed the single-line virtualenv setup script into multi-line one. Should be equivalent to what it was before, and now viewable/copy-able without scrolling.
 2018-03-27 21:50:50 +03:00
Jack Ivanov
32e8a2dde0 TravisCI tests 2018-03-27 19:46:10 +03:00
Jack Ivanov
6917bf73fe More debug for travis 2018-03-27 19:28:48 +03:00
Jack Ivanov
4a5f01075f Warn about local installation 2018-03-27 19:10:59 +03:00
Jack Ivanov
285ce55da1 More debug for travis-ci 2018-03-27 19:04:42 +03:00
Rob
7fef83f2e9 Update client-android.md (#842) 
* Update client-android.md

Changed Installation via profiles sections - Opening the helper html file in Chrome (v65.0.3325.109 on Android 6.0.1) does not work correctly.

* Update client-android.md

* Update client-android.md
 2018-03-22 09:26:50 -04:00
Jack Ivanov
cefd42d0ae Android: add the CA and set the ciphers explicitly (#837) 2018-03-19 12:05:30 -04:00
Jack Ivanov
8a578cbd00 Exclude CA from P12 (#835) 2018-03-17 17:16:22 -04:00
Damian Gerow
390de05e7f Creates a Docker container to run algo (#331) 
* Creates a Docker container to run algo

* Simplistic testing of the Docker image

This simply uses the same LXC system that was just tested.
It's functional, but minimal.

* More thorough tests against Docker

This doubles the number of LXC containers in use,
but does provide a more thorough test of the Docker
image.
 2018-03-16 16:38:53 -04:00
Jack Ivanov
85b67df7fb Update ISSUE_TEMPLATE.md 2018-03-16 21:02:11 +03:00