wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-17 02:03:03 +02:00
Code Issues Projects Releases Wiki Activity
1730 commits 2 branches 2 tags 12 MiB
Commit graph

1730 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jack Ivanov
e8947f318b Large refactor to support Ansible 2.5 (#976) 
* Refactoring, booleans declaration and update users fix

* Make server_name more FQDN compatible

* Rename variables

* Define the default value for store_cakey

* Skip a prompt about the SSH user if deploying to localhost

* Disable reboot for non-cloud deployments

* Enable EC2 volume encryption by default

* Add default server value (localhost) for the local installation

Delete empty files

* Add default region to aws_region_facts

* Update docs

* EC2 credentials fix

* Warnings fix

* Update deploy-from-ansible.md

* Fix a typo

* Remove lightsail from the docs

* Disable EC2 encryption by default

* rename droplet to server

* Disable dependencies

* Disable tls_cipher_suite

* Convert wifi-exclude to a string. Update-users fix

* SSH access congrats fix

* 16.04 > 18.04

* Dont ask for the credentials if specified in the environment vars

* GCE server name fix
 2018-08-27 10:05:45 -04:00
Josh Dimarsky
e3304c8339 Fixed broken link; clarified example docker command (#1064) 2018-08-24 11:42:59 +03:00
Josh Dimarsky
a57a0adf5e Fixed broken link; clarified example docker command (#1064) 2018-08-24 11:42:59 +03:00
Jack Ivanov
c661c76e54 Split up unattended upgrades (#1041) 2018-08-08 00:25:59 -04:00
Jack Ivanov
53d1113881 Split up unattended upgrades (#1041) 2018-08-08 00:25:59 -04:00
David Myers
15b24f79f8 Prevent DNS rebinding (#1049) 2018-08-08 00:25:33 -04:00
David Myers
b86ebe20d7 Prevent DNS rebinding (#1049) 2018-08-08 00:25:33 -04:00
Quentin Moss
f6cf0e6c01 Update documentation link (#1043) 2018-07-30 10:28:14 -04:00
Quentin Moss
e0c317a958 Update documentation link (#1043) 2018-07-30 10:28:14 -04:00
Fabian Foerg
4307d4298e Run dnsmasq as the dnsmasq user (#1029) 
* Run dnsmasq as the dnsmasq user

There is a task that checks whether the dnsmasq user exists.
However, dnsmasq is configured to run as user "nobody" instead.
This change lets dnsmasq run as user "dnsmasq".

* remove dnsmasq user task
 2018-07-30 09:01:49 -04:00
Fabian Foerg
3ddd0ac30f Run dnsmasq as the dnsmasq user (#1029) 
* Run dnsmasq as the dnsmasq user

There is a task that checks whether the dnsmasq user exists.
However, dnsmasq is configured to run as user "nobody" instead.
This change lets dnsmasq run as user "dnsmasq".

* remove dnsmasq user task
 2018-07-30 09:01:49 -04:00
Quentin Moss
609594ab85 Update troubleshooting docs to include iOS reconnection loop (#1042) 
* Update troubleshooting docs to include iOS reconnection loop

* nits
 2018-07-30 09:01:03 -04:00
Quentin Moss
b88f697b28 Update troubleshooting docs to include iOS reconnection loop (#1042) 
* Update troubleshooting docs to include iOS reconnection loop

* nits
 2018-07-30 09:01:03 -04:00
bghost
5df6943e62 Update PPA for dnscrypt-proxy to 'bionic' (#1039) 2018-07-30 08:56:01 +03:00
bghost
60a99faaf8 Update PPA for dnscrypt-proxy to 'bionic' (#1039) 2018-07-30 08:56:01 +03:00
Mike Myers
9ff16336ee Amazon ec2 documentation (#1035) 
* Add link to documentation on Amazon EC2 setup

* Add images to document the AWS EC2 account setup

* Create AWS EC2 setup instructions

* remove line breaks

* remove line breaks

* Add images documenting AWS EC2 policy creation

* Update image showing advised minimum AWS policy

* Add instructions for minimum AWS permission policy

* Delete aws-ec2-attach-policy.png

* Updated image to reflect new AWS policy guidance

* Delete aws-ec2-new-user-confirm.png

* Updated image to reflect new AWS policy guidance
 2018-07-22 17:58:09 -04:00
Mike Myers
c65961a1f3 Amazon ec2 documentation (#1035) 
* Add link to documentation on Amazon EC2 setup

* Add images to document the AWS EC2 account setup

* Create AWS EC2 setup instructions

* remove line breaks

* remove line breaks

* Add images documenting AWS EC2 policy creation

* Update image showing advised minimum AWS policy

* Add instructions for minimum AWS permission policy

* Delete aws-ec2-attach-policy.png

* Updated image to reflect new AWS policy guidance

* Delete aws-ec2-new-user-confirm.png

* Updated image to reflect new AWS policy guidance
 2018-07-22 17:58:09 -04:00
Jack Ivanov
e1d34daa9b Explicitly allow traffic between clients if enabled (#1028) 2018-07-20 10:31:27 -04:00
Jack Ivanov
ca59eeb5c3 Explicitly allow traffic between clients if enabled (#1028) 2018-07-20 10:31:27 -04:00
Jack Ivanov
b537d60277 Revert "Update dnscrypt-proxy.toml.j2 (#1022)" (#1030) 
This reverts commit e6281bc7df.
 2018-07-20 09:48:59 +03:00
Jack Ivanov
952e759af4
Revert "Update dnscrypt-proxy.toml.j2 (#1022)" (#1030) 
This reverts commit e6281bc7df.
 2018-07-20 09:48:59 +03:00
adamluk
260168bf47 Update dnscrypt-proxy.toml.j2 (#1022) 2018-07-12 17:03:36 +03:00
adamluk
e6281bc7df Update dnscrypt-proxy.toml.j2 (#1022) 2018-07-12 17:03:36 +03:00
TC1977
7d51a6c8a2 Update deploy-to-ubuntu.md (#1019) 
* Update deploy-to-ubuntu.md

rewrite of #813

* Update deploy-to-ubuntu.md
 2018-07-03 10:02:54 -04:00
TC1977
facd55c635 Update deploy-to-ubuntu.md (#1019) 
* Update deploy-to-ubuntu.md

rewrite of #813

* Update deploy-to-ubuntu.md
 2018-07-03 10:02:54 -04:00
Jack Ivanov
e797432424 Move max_mss to config.cfg (#1015) 
* Move max_mss to config.cfg

* Add docs about max_mss

* Update troubleshooting.md
 2018-07-03 09:06:45 +03:00
Jack Ivanov
07a6bbe652
Move max_mss to config.cfg (#1015) 
* Move max_mss to config.cfg

* Add docs about max_mss

* Update troubleshooting.md
 2018-07-03 09:06:45 +03:00
Jack Ivanov
481cef4e65 apt_repository fix (#1017) 2018-07-02 16:33:31 +03:00
Jack Ivanov
d1c58f0d28
apt_repository fix (#1017) 2018-07-02 16:33:31 +03:00
Jack Ivanov
6f93cdf278 New default cipher suite (#991) 
* New ciphers enabled

* Update CHANGELOG.md

* Switch ecparam to secp384r1

* Change CertificateType to ECDSA384
 2018-06-27 11:22:45 -04:00
Jack Ivanov
4ca8c03e3c New default cipher suite (#991) 
* New ciphers enabled

* Update CHANGELOG.md

* Switch ecparam to secp384r1

* Change CertificateType to ECDSA384
 2018-06-27 11:22:45 -04:00
Jack Ivanov
43be479f55 Move DNSCrypt proxy fallback_resolver to systemd resolved (#1011) 2018-06-26 13:11:09 +03:00
Jack Ivanov
b061df6631
Move DNSCrypt proxy fallback_resolver to systemd resolved (#1011) 2018-06-26 13:11:09 +03:00
Mikael Forsgren
9676e0e38f New Google Cloud Region (#1013) 
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
 2018-06-26 13:01:45 +03:00
Mikael Forsgren
2931227db4 New Google Cloud Region (#1013) 
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
 2018-06-26 13:01:45 +03:00
Emir Beganović
2b84bd3ee6 Remove duplicate dict key (enable_ipv6) (#999) 
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
 2018-06-25 13:40:51 +03:00
Emir Beganović
2f142f6dcc Remove duplicate dict key (enable_ipv6) (#999) 
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
 2018-06-25 13:40:51 +03:00
TC1977
12d5c7ce0f Update troubleshooting.md (#992) 
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
 2018-06-04 11:09:01 -04:00
TC1977
6faac307af Update troubleshooting.md (#992) 
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
 2018-06-04 11:09:01 -04:00
Jack Ivanov
d50073e73b Test fixes 2018-06-01 17:41:30 +03:00
Jack Ivanov
030cb9a830 Test fixes 2018-06-01 17:41:30 +03:00
Jack Ivanov
4ba3d55172 WireGuard: disable SaveConfig, update-users fix (#985) 
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
 2018-06-01 10:06:03 -04:00
Jack Ivanov
ffb5a1f737 WireGuard: disable SaveConfig, update-users fix (#985) 
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
 2018-06-01 10:06:03 -04:00
Jack Ivanov
cefbd22b45 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
d7bce68738 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
e8dcd01513 Update CHANGELOG.md 2018-05-30 17:17:08 +03:00
Jack Ivanov
16e78087d1
Update CHANGELOG.md 2018-05-30 17:17:08 +03:00
Jack Ivanov
5c577d86ae Update references to 18.04 2018-05-30 17:11:32 +03:00
Jack Ivanov
daca84b640 Update references to 18.04 2018-05-30 17:11:32 +03:00
Jack Ivanov
5f1a733dcc explicit installation of linux headers (#975) 2018-05-29 21:43:06 -07:00