mirror of
https://github.com/trailofbits/algo.git
synced 2025-04-26 11:12:48 +02:00
019d729fe6
* Closes #443 * Remove numbers * context * split up local and scripted * Closes #458 * . * better layout * Closes #451 * do this later * grammar * typo
30 lines
728 B
Markdown
30 lines
728 B
Markdown
# FreeBSD / HardenedBSD server setup
|
|
|
|
FreeBSD server support is a work in progress. For now, it is only possible to install Algo on existing FreeBSD 11 systems.
|
|
|
|
## System preparation
|
|
|
|
Ensure that the following kernel options are enabled:
|
|
|
|
```
|
|
# sysctl kern.conftxt | grep -iE "IPSEC|crypto"
|
|
options IPSEC
|
|
options IPSEC_NAT_T
|
|
device crypto
|
|
```
|
|
|
|
## Available roles
|
|
|
|
* vpn
|
|
* ssh_tunneling
|
|
* dns_adblocking
|
|
|
|
## Additional variables
|
|
|
|
* rebuild_kernel - set to `true` if you want to let Algo to rebuild your kernel if needed (takes a lot of time)
|
|
|
|
## Installation
|
|
|
|
```shell
|
|
ansible-playbook deploy.yml -t local,vpn -e "server_ip=$server_ip server_user=$server_user IP_subject_alt_name=$server_ip Store_CAKEY=N" --skip-tags cloud
|
|
```
|