wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-16 17:53:27 +02:00
Code Issues Projects Releases Wiki Activity
1723 commits 3 branches 2 tags 12 MiB
Commit graph

1723 commits

This branch
This branch
All branches
Author SHA1 Message Date
Quentin Moss
f6cf0e6c01 Update documentation link (#1043) 2018-07-30 10:28:14 -04:00
Quentin Moss
e0c317a958 Update documentation link (#1043) 2018-07-30 10:28:14 -04:00
Fabian Foerg
4307d4298e Run dnsmasq as the dnsmasq user (#1029) 
* Run dnsmasq as the dnsmasq user

There is a task that checks whether the dnsmasq user exists.
However, dnsmasq is configured to run as user "nobody" instead.
This change lets dnsmasq run as user "dnsmasq".

* remove dnsmasq user task
 2018-07-30 09:01:49 -04:00
Fabian Foerg
3ddd0ac30f Run dnsmasq as the dnsmasq user (#1029) 
* Run dnsmasq as the dnsmasq user

There is a task that checks whether the dnsmasq user exists.
However, dnsmasq is configured to run as user "nobody" instead.
This change lets dnsmasq run as user "dnsmasq".

* remove dnsmasq user task
 2018-07-30 09:01:49 -04:00
Quentin Moss
609594ab85 Update troubleshooting docs to include iOS reconnection loop (#1042) 
* Update troubleshooting docs to include iOS reconnection loop

* nits
 2018-07-30 09:01:03 -04:00
Quentin Moss
b88f697b28 Update troubleshooting docs to include iOS reconnection loop (#1042) 
* Update troubleshooting docs to include iOS reconnection loop

* nits
 2018-07-30 09:01:03 -04:00
bghost
5df6943e62 Update PPA for dnscrypt-proxy to 'bionic' (#1039) 2018-07-30 08:56:01 +03:00
bghost
60a99faaf8 Update PPA for dnscrypt-proxy to 'bionic' (#1039) 2018-07-30 08:56:01 +03:00
Mike Myers
9ff16336ee Amazon ec2 documentation (#1035) 
* Add link to documentation on Amazon EC2 setup

* Add images to document the AWS EC2 account setup

* Create AWS EC2 setup instructions

* remove line breaks

* remove line breaks

* Add images documenting AWS EC2 policy creation

* Update image showing advised minimum AWS policy

* Add instructions for minimum AWS permission policy

* Delete aws-ec2-attach-policy.png

* Updated image to reflect new AWS policy guidance

* Delete aws-ec2-new-user-confirm.png

* Updated image to reflect new AWS policy guidance
 2018-07-22 17:58:09 -04:00
Mike Myers
c65961a1f3 Amazon ec2 documentation (#1035) 
* Add link to documentation on Amazon EC2 setup

* Add images to document the AWS EC2 account setup

* Create AWS EC2 setup instructions

* remove line breaks

* remove line breaks

* Add images documenting AWS EC2 policy creation

* Update image showing advised minimum AWS policy

* Add instructions for minimum AWS permission policy

* Delete aws-ec2-attach-policy.png

* Updated image to reflect new AWS policy guidance

* Delete aws-ec2-new-user-confirm.png

* Updated image to reflect new AWS policy guidance
 2018-07-22 17:58:09 -04:00
Jack Ivanov
e1d34daa9b Explicitly allow traffic between clients if enabled (#1028) 2018-07-20 10:31:27 -04:00
Jack Ivanov
ca59eeb5c3 Explicitly allow traffic between clients if enabled (#1028) 2018-07-20 10:31:27 -04:00
Jack Ivanov
b537d60277 Revert "Update dnscrypt-proxy.toml.j2 (#1022)" (#1030) 
This reverts commit e6281bc7df.
 2018-07-20 09:48:59 +03:00
Jack Ivanov
952e759af4
Revert "Update dnscrypt-proxy.toml.j2 (#1022)" (#1030) 
This reverts commit e6281bc7df.
 2018-07-20 09:48:59 +03:00
adamluk
260168bf47 Update dnscrypt-proxy.toml.j2 (#1022) 2018-07-12 17:03:36 +03:00
adamluk
e6281bc7df Update dnscrypt-proxy.toml.j2 (#1022) 2018-07-12 17:03:36 +03:00
TC1977
7d51a6c8a2 Update deploy-to-ubuntu.md (#1019) 
* Update deploy-to-ubuntu.md

rewrite of #813

* Update deploy-to-ubuntu.md
 2018-07-03 10:02:54 -04:00
TC1977
facd55c635 Update deploy-to-ubuntu.md (#1019) 
* Update deploy-to-ubuntu.md

rewrite of #813

* Update deploy-to-ubuntu.md
 2018-07-03 10:02:54 -04:00
Jack Ivanov
e797432424 Move max_mss to config.cfg (#1015) 
* Move max_mss to config.cfg

* Add docs about max_mss

* Update troubleshooting.md
 2018-07-03 09:06:45 +03:00
Jack Ivanov
07a6bbe652
Move max_mss to config.cfg (#1015) 
* Move max_mss to config.cfg

* Add docs about max_mss

* Update troubleshooting.md
 2018-07-03 09:06:45 +03:00
Jack Ivanov
481cef4e65 apt_repository fix (#1017) 2018-07-02 16:33:31 +03:00
Jack Ivanov
d1c58f0d28
apt_repository fix (#1017) 2018-07-02 16:33:31 +03:00
Jack Ivanov
6f93cdf278 New default cipher suite (#991) 
* New ciphers enabled

* Update CHANGELOG.md

* Switch ecparam to secp384r1

* Change CertificateType to ECDSA384
 2018-06-27 11:22:45 -04:00
Jack Ivanov
4ca8c03e3c New default cipher suite (#991) 
* New ciphers enabled

* Update CHANGELOG.md

* Switch ecparam to secp384r1

* Change CertificateType to ECDSA384
 2018-06-27 11:22:45 -04:00
Jack Ivanov
43be479f55 Move DNSCrypt proxy fallback_resolver to systemd resolved (#1011) 2018-06-26 13:11:09 +03:00
Jack Ivanov
b061df6631
Move DNSCrypt proxy fallback_resolver to systemd resolved (#1011) 2018-06-26 13:11:09 +03:00
Mikael Forsgren
9676e0e38f New Google Cloud Region (#1013) 
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
 2018-06-26 13:01:45 +03:00
Mikael Forsgren
2931227db4 New Google Cloud Region (#1013) 
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
 2018-06-26 13:01:45 +03:00
Emir Beganović
2b84bd3ee6 Remove duplicate dict key (enable_ipv6) (#999) 
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
 2018-06-25 13:40:51 +03:00
Emir Beganović
2f142f6dcc Remove duplicate dict key (enable_ipv6) (#999) 
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
 2018-06-25 13:40:51 +03:00
TC1977
12d5c7ce0f Update troubleshooting.md (#992) 
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
 2018-06-04 11:09:01 -04:00
TC1977
6faac307af Update troubleshooting.md (#992) 
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
 2018-06-04 11:09:01 -04:00
Jack Ivanov
d50073e73b Test fixes 2018-06-01 17:41:30 +03:00
Jack Ivanov
030cb9a830 Test fixes 2018-06-01 17:41:30 +03:00
Jack Ivanov
4ba3d55172 WireGuard: disable SaveConfig, update-users fix (#985) 
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
 2018-06-01 10:06:03 -04:00
Jack Ivanov
ffb5a1f737 WireGuard: disable SaveConfig, update-users fix (#985) 
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
 2018-06-01 10:06:03 -04:00
Jack Ivanov
cefbd22b45 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
d7bce68738 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
e8dcd01513 Update CHANGELOG.md 2018-05-30 17:17:08 +03:00
Jack Ivanov
16e78087d1
Update CHANGELOG.md 2018-05-30 17:17:08 +03:00
Jack Ivanov
5c577d86ae Update references to 18.04 2018-05-30 17:11:32 +03:00
Jack Ivanov
daca84b640 Update references to 18.04 2018-05-30 17:11:32 +03:00
Jack Ivanov
5f1a733dcc explicit installation of linux headers (#975) 2018-05-29 21:43:06 -07:00
Jack Ivanov
aee043977f explicit installation of linux headers (#975) 2018-05-29 21:43:06 -07:00
Jack Ivanov
9a43a089fd Scaleway: enable ipv6 and switch to local boot (#974) 
- Enables IPv6 on Scaleway
- Adds local boot on scaleway
- Fixes #966
 2018-05-28 12:16:06 -07:00
Jack Ivanov
2d9a36d13a Scaleway: enable ipv6 and switch to local boot (#974) 
- Enables IPv6 on Scaleway
- Adds local boot on scaleway
- Fixes #966
 2018-05-28 12:16:06 -07:00
Jack Ivanov
433874924c Extra line and better DNS configuration for WireGuard (#968) 
- Adds an extra line after the if statement. Jinja2 trims such blocks by default in Ansible. Fixes #965
- More appropriate way to configure DNS servers
- Removes `DNS` option from the wireguard server config
- Fixes dnscrypt-proxy restart
 2018-05-25 10:37:13 -07:00
Jack Ivanov
d56f50180b Extra line and better DNS configuration for WireGuard (#968) 
- Adds an extra line after the if statement. Jinja2 trims such blocks by default in Ansible. Fixes #965
- More appropriate way to configure DNS servers
- Removes `DNS` option from the wireguard server config
- Fixes dnscrypt-proxy restart
 2018-05-25 10:37:13 -07:00
Paul Kehrer
042d6525c5 fix faq entry about cryptography build failure (#967) 2018-05-25 06:02:16 -07:00
Paul Kehrer
b928e4ff06 fix faq entry about cryptography build failure (#967) 2018-05-25 06:02:16 -07:00