wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-04-18 23:27:08 +02:00
Code Issues Projects Releases Wiki Activity
983 commits 5 branches 2 tags 10 MiB
Commit graph

983 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jack Ivanov
61729ac9b5
Update client.conf.j2 (#1580) 2019-09-12 12:52:10 +02:00
Nil Admirari
0c3aada66f Support for scripted Docker deployments (#1582) 2019-09-12 12:51:40 +02:00
Nil Admirari
fc27b439b5 Do not copy existing env to Docker image (#1581) 2019-09-12 12:13:38 +02:00
Nian Wang
71e49eb2c8 Add spacing, list format for readability. (#1560) 2019-09-06 10:56:24 +02:00
Squirrel
1ca8ee5554 Generates a password by native module (#1576) 
* use password module to generate password

* fix variable reference

* reduce character set to meet origin design

*  CA and p12 password chanes

- Move the CA_password generation task to the native lookup plugin
- Get rid of unneeded tasks
 2019-09-06 10:55:57 +02:00
Jack Ivanov
c6f45ead69
Allow OnDemand to be toggled later (#1557) 2019-09-06 09:33:36 +02:00
Jack Ivanov
95eddccfb7
EC2: Enable EBS single step encryption by default (#1556) 
* EC2: EBS single step encryption by default

* return back the encryption variable
 2019-08-26 17:25:29 +02:00
Jack Ivanov
3c30074a7f
Revert "More robust use of our virtualenv (#1412)" (#1559) 
This reverts commit 2909107554.
 2019-08-22 12:54:05 +02:00
Jack Ivanov
fe7755e6a0
Allow to unblock smb and netbios in config.cfg (#1558) 2019-08-21 12:03:10 +02:00
John Wesley
fe19859b00 Docker makefile (#1553) 
* makefile for docker deploys

* update docs for makefile
 2019-08-19 15:07:24 +02:00
Jack Ivanov
655729ef54
Update CHANGELOG.md 2019-08-15 15:24:52 +02:00
Julien Bachmann
3dc08c94cf New cloud provider CloudStack (#1420) 
* clean commits from branch cloud-cloudstack w/ proper committer email/name

* fixed ansible-lint errors

* corrected typo in prompted message

* standalone cloudstack zones module

* added missing environment variables

* remove `_cloudstack_zones` default variable

* Move to Ubuntu 19.04

* Update cloud-cloudstack.md

* Update cloud-cloudstack.md

Markdown doesn't render `<your account>`

* Update prompts.yml

* Update main.yml
 2019-08-15 15:23:10 +02:00
James Polley
2909107554 More robust use of our virtualenv (#1412) 
Prior to this change, the script tests if it's running inside a
virtualenv; and if it is, it assumes that it must be inside its own
virtualenv.

This change switches to testing for the activate binary in the
place we expect; and if it's found, using it directly. This avoids
false positives (running the script inside the wrong virtualenv) and
makes sure that we're running inside the right virtualenv.
 2019-08-15 12:31:29 +02:00
Jack Ivanov
211d1b2cab
Google Cloud: remove sshguard (#1548) 
* Google Cloud: remove sshguard

* Remove whitespace
 2019-08-15 09:27:54 +02:00
Jack Ivanov
561afe18f9
Remove WireGuard pki from tmpfs (#1547) 2019-08-13 17:36:07 +02:00
Jack Ivanov
f8ce1f84a2
Update CHANGELOG.md 2019-07-31 17:47:11 +02:00
Jack Ivanov
e8ae7b2341
Update CHANGELOG.md 2019-07-31 17:42:50 +02:00
Jack Ivanov
38d8a6d0e2 Deprecate IKEv2 for Windows (#1521) 
* Windows to WireGuard

* Add note about WireGuard

* change wireguard faq

* Clarify Windows instructions

* Correct Wireguard description

* Update README.md
 2019-07-31 11:28:33 -04:00
dependabot[bot]
ab0f0c00fe Bump ansible from 2.7.10 to 2.7.12 (#1536) 
* Bump ansible from 2.7.10 to 2.7.12

Bumps [ansible](https://github.com/ansible/community) from 2.7.10 to 2.7.12.
- [Release notes](https://github.com/ansible/community/releases)
- [Commits](https://github.com/ansible/community/commits)

Signed-off-by: dependabot[bot] <support@github.com>

* Parse required ansible version
 2019-07-31 10:24:08 -04:00
Jack Ivanov
545ad480a4
Add tags to EC2 encrypted images (#1530) 2019-07-27 15:47:17 +02:00
David Myers
902fdab3a0 Update local install instructions (#1527) 2019-07-22 11:28:23 +02:00
TC1977
37e4f46673 Update deploy-from-ansible.md (#1518) 
Further clarifies that the usage of `-t` is deprecated (other than `--skip-tags`) and using variables is preferred.
 2019-07-14 10:56:43 +02:00
Jack Ivanov
090a60d48d PKI to tmpfs (#1496) 
* PKI to tmpfs

* Fixes
- diskutil to full path
- unmount and eject fixes

* Umount fix

* run diskutil info only on Darwin kernels

* fix shell tasks
 2019-07-10 12:31:25 -04:00
Jack Ivanov
f986811d64
remove pycrypto from the gce role (#1489) 
pycrypto is dead
 2019-07-04 18:00:15 +02:00
Jack Ivanov
0e6554943f
Add default IPv6 routes to the windows powershell script (#1501) 2019-06-24 20:32:08 +02:00
Daniel Néri
14ee323eca Fix outdated task name in DNS role (#1499) 2019-06-24 14:10:20 +02:00
David Myers
f152d3a746 Troubleshooting IPsec NAT issues (#1498) 2019-06-24 10:24:05 +02:00
TC1977
8462f0fb6c Unattended upgrade fixes (#1485) 
* Keep custom dnscrypt-proxy conffile when upgrading

* Unattended upgrade tuning
- Upgrade the 50unattended-upgrades file with latest options
- Keep the common unattended upgrade options in one file
- Enable removing of unused kernels and dependencies to save some space
 2019-06-24 10:23:34 +02:00
Jack Ivanov
6f58093a06
Update azure regions 
Closes #1492
 2019-06-21 16:01:41 +02:00
TC1977
c4cc59998a Update deploy-from-ansible.md (#1487) 
Updated role names and explanations to reflect the removal of Dnsmasq and replacement with dnscrypt-proxy for adblocking.
 2019-06-20 07:06:32 +02:00
Jack Ivanov
22cd8ad814
Update CHANGELOG.md 2019-06-19 18:17:40 +02:00
Jack Ivanov
8602a697cc
dnscrypt-proxy as a dns adblocker (#1480) 
* Move DNS adblocking to dnscrypt-proxy

* Update docs

* remove unneeded variable dnscrypt_proxy_version

* Update to the latest dnscrypt-proxy version

* install.sh fix

* spelling
 2019-06-19 17:31:43 +02:00
rodeodomino
fa5b86961c Adding ipv6 localhost to the listen addresses (#1476) 2019-06-10 18:13:01 +02:00
im-batman
53755d57e3 Update config.cfg default Azure instance (#1474) 2019-06-06 18:06:20 +02:00
Bill Nottingham
4064bc281a Update the Fedora related docs. (#1470) 
* Update the Fedora related docs.

- update for new generated config file locations
- remove reference to no-longer-needed copr
- update package names for further py2 changes in Fedora

* switch back to the default ciphers
 2019-06-06 17:58:31 +02:00
TC1977
baa6efc666 Clarify: CA key must be saved to be able to update users (#1460) 
* Update README.md

* certificate -> key
 2019-06-06 09:45:42 +02:00
Dan Guido
09d70f9934
Create FUNDING.yml 2019-06-05 22:27:00 -04:00
Jack Ivanov
89e2dbde64
Update CHANGELOG.md 2019-06-05 08:33:09 +02:00
elreydetoda
146cbc71ce Adding preshared key support (#1465) 
* adding preshared key generation

* adding preshared folder

* Update client.conf.j2

adding preshared key options

* adding preshared keys to server template

* making sure private preshared is right

* making sure preshared keygen working for main.yml

* changing private to preshared for name

* changing to preshared dir instead of public
 2019-06-05 08:31:16 +02:00
TC1977
ac6b543134 Update deploy-to-unsupported-cloud.md (#1467) 
Future-proofs the "unsupported cloud providers" list.
 2019-06-04 18:03:10 +02:00
TC1977
6b2defe470 Update deploy-from-ansible.md (#1464) 
Merged redundant and contradictory "Local install" instructions.
 2019-06-03 20:08:53 +02:00
Jack Ivanov
fb00d66747
Update Dockerfile (#1466) 2019-06-03 20:08:06 +02:00
Jack Ivanov
498cf46391 Block link-local networks. Block traffic from SSH tunnels to VPN clients (#1458) 2019-06-02 19:01:08 -04:00
Jack Ivanov
2d04f65284
Update CHANGELOG.md 2019-05-30 21:43:12 +02:00
Jack Ivanov
d03eaed7a6
Update CHANGELOG.md 2019-05-30 21:41:31 +02:00
Jack Ivanov
a2fdc509e1
Support for Ubuntu 19.04 (#1405) 
* Ubuntu 19.04

* Azure to 19.04
 2019-05-30 20:57:47 +02:00
TC1977
71c9c16ffe Update EC2 instructions (#1457) 
* Update cloud-amazon-ec2.md

* Add files via upload
 2019-05-30 16:14:45 +02:00
Jack Ivanov
c27aed708a
EC2 eip facts authentication fix (#1454) 
* EC2 eip facts authentication fix

* add region to ec2_eip_facts
 2019-05-30 16:13:48 +02:00
David Myers
98f89adeba Add reference to Fedora docs in README (#1456) 2019-05-30 14:07:22 +02:00
Jack Ivanov
634c609626
Don't set CA facts if IPsec is disabled (#1446) 
* Don't set CA facts if ipsec is disabled

* localhost update-users fix
 2019-05-30 07:20:45 +02:00