wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-07-23 14:03:01 +02:00
Code Issues Projects Releases Wiki Activity
algo/docs/deploy-to-ubuntu.md
TC1977 45aa0065cd Documentation updates (#1607) 
* update variable name to store_pki

* Document BetweenClients_DROP

* Update README.md

* Update faq.md

* VPN On Demand is for Apple IPSEC clients only

* How to update users from cloud-init

* How to monitor user activity

* Fix typo

* Update FAQ about WireGuard, fix typos

* Correct locations of install log and user configs

* Update-users from cloud-init

* Update features list

* More "IPsec" and "WireGuard" changes

* fixed broken link/absent link in FAQ

* Python version README fix for #1622

* road warrior instructions

* Update index.md

* Reorganize config.cfg

As per @davidemyers suggestions

* Further config changes

As per feedback, also better explanation of keys_clean_all

* Add road warrior instructions to FAQ

* Remove specific ports from RW instructions
2019-12-10 19:23:18 +01:00

1.9 KiB
Raw Blame History

Local Installation

You can use Algo to configure a pre-existing server as an AlgoVPN rather than using it to create and configure a new server on a supported cloud provider. This is referred to as a local installation rather than a cloud deployment.

Install the Algo scripts following the normal installation instructions, then choose:

Install to existing Ubuntu 18.04, 19.04, or 19.10 server (Advanced)

Make sure your target server is running an unmodified copy of the operating system version specified. The target can be the same system where you've installed the Algo scripts, or a remote system that you are able to access as root via SSH without needing to enter the SSH key passphrase (such as when using ssh-agent).

Road Warrior setup

Some may find it useful to set up an Algo server on an Ubuntu box on your home LAN, with the intention of being able to securely access your LAN and any resources on it when you're traveling elsewhere (the "road warrior" setup). A few tips if you're doing so:

  • Make sure you forward any relevant incoming ports to the Algo server from your router;
  • Change BetweenClients_DROP in config.cfg to false, and also consider changing block_smb and block_netbios to false;
  • If you want to use a DNS server on your LAN to resolve local domain names properly (e.g. a Pi-hole), set the dns_encryption flag in config.cfg to false, and change dns_servers to the local DNS server IP (i.e. 192.168.1.2).

PLEASE NOTE: Algo is intended for use to create a dedicated VPN server. No uninstallation option is provided. If you install Algo on an existing server any existing services might break. In particular, the firewall rules will be overwritten. See AlgoVPN and Firewalls for more information.