mirror of
https://github.com/trailofbits/algo.git
synced 2025-09-09 05:23:16 +02:00
db02a8f8aa
- Add no_log directives to all cloud provider credential handling - Set privacy-focused defaults (StrongSwan logging disabled, DNSCrypt syslog off) - Implement privacy role with log rotation, history clearing, and log filtering - Add Privacy Considerations section to README - Make all privacy features configurable and enabled by default This update significantly reduces Algo's logging footprint to enhance user privacy while maintaining the ability to enable logging for debugging when needed.
31 lines
898 B
YAML
31 lines
898 B
YAML
---
|
|
- name: Build python virtual environment
|
|
import_tasks: venv.yml
|
|
|
|
- name: Include prompts
|
|
import_tasks: prompts.yml
|
|
|
|
- name: Locate official AMI for region
|
|
ec2_ami_info:
|
|
aws_access_key: "{{ access_key }}"
|
|
aws_secret_key: "{{ secret_key }}"
|
|
owners: "{{ cloud_providers.ec2.image.owner }}"
|
|
region: "{{ algo_region }}"
|
|
filters:
|
|
architecture: "{{ cloud_providers.ec2.image.arch }}"
|
|
name: ubuntu/images/hvm-ssd/{{ cloud_providers.ec2.image.name }}-*64-server-*
|
|
register: ami_search
|
|
no_log: true
|
|
|
|
- name: Set the ami id as a fact
|
|
set_fact:
|
|
ami_image: "{{ (ami_search.images | sort(attribute='creation_date') | last)['image_id'] }}"
|
|
|
|
- name: Deploy the stack
|
|
import_tasks: cloudformation.yml
|
|
|
|
- set_fact:
|
|
cloud_instance_ip: "{{ stack.stack_outputs.ElasticIP }}"
|
|
ansible_ssh_user: algo
|
|
ansible_ssh_port: "{{ ssh_port }}"
|
|
cloudinit: true
|