## 1.2 [(Unreleased)](https://github.com/trailofbits/algo/tree/HEAD)
### Added
- New provider CloudStack added [\#1420 ](https://github.com/trailofbits/algo/pull/1420 )
- Support for Ubuntu 20.04 [\#1782 ](https://github.com/trailofbits/algo/pull/1782 )
- Allow WireGuard to listen on port 53 [\#1594 ](https://github.com/trailofbits/algo/pull/1594 )
- Introducing Makefile [\#1553 ](https://github.com/trailofbits/algo/pull/1553 )
- Option to unblock SMB and Netbios [\#1558 ](https://github.com/trailofbits/algo/pull/1558 )
- Allow OnDemand to be toggled later [\#1557 ](https://github.com/trailofbits/algo/pull/1557 )
- New provider Hetzner added [\#1549 ](https://github.com/trailofbits/algo/pull/1549 )
- Alternative Ingress IP [\#1605 ](https://github.com/trailofbits/algo/pull/1605 )
### Fixes
- WSL private SSH key permissions [\#1584 ](https://github.com/trailofbits/algo/pull/1584 )
- Scaleway instance creating issue [\#1549 ](https://github.com/trailofbits/algo/pull/1549 )
### Changed
- Discontinue use of the WireGuard PPA [\#1855 ](https://github.com/trailofbits/algo/pull/1855 )
- SSH changes [\#1636 ](https://github.com/trailofbits/algo/pull/1636 )
- Default port is set to `4160` and can be changed in the config
- SSH user for every cloud provider is `algo`
- EC2: enable EBS encryption by default [\#1556 ](https://github.com/trailofbits/algo/pull/1556 )
- Upgrades [\#1549 ](https://github.com/trailofbits/algo/pull/1549 )
- Python 3
- Ansible 2.9 [\#1777 ](https://github.com/trailofbits/algo/pull/1777 )
### Breaking changes
- Python virtual environment moved to .env [\#1549 ](https://github.com/trailofbits/algo/pull/1549 )
## 1.1 [(Jul 31, 2019)](https://github.com/trailofbits/algo/releases/tag/v1.1)
### Removed
- IKEv2 for Windows is now deleted, use Wireguard [\#1493 ](https://github.com/trailofbits/algo/issues/1493 )
### Added
- Tmpfs for key generation [\#145 ](https://github.com/trailofbits/algo/issues/145 )
- Randomly generated pre-shared keys for WireGuard [\#1465 ](https://github.com/trailofbits/algo/pull/1465 ) ([elreydetoda](https://github.com/elreydetoda))
- Support for Ubuntu 19.04 [\#1405 ](https://github.com/trailofbits/algo/pull/1405 ) ([jackivanov](https://github.com/jackivanov))
- AWS support for existing EIP [\#1292 ](https://github.com/trailofbits/algo/pull/1292 ) ([statik](https://github.com/statik))
- Script to support cloud-init and local easy deploy [\#1366 ](https://github.com/trailofbits/algo/pull/1366 ) ([jackivanov](https://github.com/jackivanov))
- Automatically create cloud firewall rules for installs onto Vultr [\#1400 ](https://github.com/trailofbits/algo/pull/1400 ) ([TC1977](https://github.com/TC1977))
- Randomly generated IP address for the local dns resolver [\#1429 ](https://github.com/trailofbits/algo/pull/1429 ) ([jackivanov](https://github.com/jackivanov))
- Update users: add server pick-list [\#1441 ](https://github.com/trailofbits/algo/pull/1441 ) ([TC1977](https://github.com/TC1977))
- Additional testing [\#213 ](https://github.com/trailofbits/algo/issues/213 )
- Add IPv6 support to DNS [\#1425 ](https://github.com/trailofbits/algo/pull/1425 ) ([shapiro125](https://github.com/shapiro125))
- Additional p12 with the CA cert included [\#1403 ](https://github.com/trailofbits/algo/pull/1403 ) ([jackivanov](https://github.com/jackivanov))
### Fixed
- Fixes error in 10-algo-lo100.network [\#1369 ](https://github.com/trailofbits/algo/pull/1369 ) ([adamluk](https://github.com/adamluk))
- Error message is missing for some roles [\#1364 ](https://github.com/trailofbits/algo/issues/1364 )
- DNS leak in Linux/Wireguard when LAN gateway/DNS is 172.16.0.1 [\#1422 ](https://github.com/trailofbits/algo/issues/1422 )
- Installation error after \#1397 [\#1409 ](https://github.com/trailofbits/algo/issues/1409 )
- EC2 encrypted images bug [\#1528 ](https://github.com/trailofbits/algo/issues/1528 )
### Changed
- Upgrade Ansible to 2.7.12 [\#1536 ](https://github.com/trailofbits/algo/pull/1536 )
- DNSmasq removed, and the DNS adblocking functionality has been moved to the dnscrypt-proxy
- Azure: moved to the Standard_B1S image size
- Refactoring, Linting and additional tests [\#1397 ](https://github.com/trailofbits/algo/pull/1397 ) ([jackivanov](https://github.com/jackivanov))
- Scaleway modules [\#1410 ](https://github.com/trailofbits/algo/pull/1410 ) ([jackivanov](https://github.com/jackivanov))
- Use VULTR_API_CONFIG variable if set [\#1374 ](https://github.com/trailofbits/algo/pull/1374 ) ([davidemyers](https://github.com/davidemyers))
- Simplify Apple Profile Configuration Template [\#1033 ](https://github.com/trailofbits/algo/pull/1033 ) ([faf0](https://github.com/faf0))
- Include roles as separate tasks [\#1365 ](https://github.com/trailofbits/algo/pull/1365 ) ([jackivanov](https://github.com/jackivanov))
## 1.0 [(Mar 19, 2019)](https://github.com/trailofbits/algo/releases/tag/v1.0)
### Added
- Tagged releases and changelog [\#724 ](https://github.com/trailofbits/algo/issues/724 )
- Add support for custom domain names [\#759 ](https://github.com/trailofbits/algo/issues/759 )
### Fixed
- Set the name shown to the user \(client\) to be the server name specified in the install script [\#491 ](https://github.com/trailofbits/algo/issues/491 )
- AGPLv3 change [\#1351 ](https://github.com/trailofbits/algo/pull/1351 )
- Migrate to python3 [\#1024 ](https://github.com/trailofbits/algo/issues/1024 )
- Reorganize the project around ipsec + wireguard [\#1330 ](https://github.com/trailofbits/algo/issues/1330 )
- Configuration folder reorganization [\#1330 ](https://github.com/trailofbits/algo/issues/1330 )
- Remove WireGuard KeepAlive and include as an option in config [\#1251 ](https://github.com/trailofbits/algo/issues/1251 )
- Dnscrypt-proxy no longer works after reboot [\#1356 ](https://github.com/trailofbits/algo/issues/1356 )
## 20 Oct 2018
### Added
- AWS Lightsail
## 7 Sep 2018
### Changed
- Azure: Deployment via Azure Resource Manager
## 27 Aug 2018
### Changed
- Large refactor to support Ansible 2.5. [Details ](https://github.com/trailofbits/algo/pull/976 )
- Add a new cloud provider - Vultr
### Upgrade notes
- If any problems encountered follow the [instructions ](https://github.com/trailofbits/algo#deploy-the-algo-server ) from scratch
- You can't update users on your old servers with the new code. Use the old code before this release or rebuild the server from scratch
- Update AWS IAM permissions for your user as per [issue ](https://github.com/trailofbits/algo/issues/1079#issuecomment-416577599 )
## 04 Jun 2018
### Changed
- Switched to [new cipher suite ](https://github.com/trailofbits/algo/issues/981 )
## 24 May 2018
### Changed
- Switched to Ubuntu 18.04
### Removed
- Lightsail support until they have Ubuntu 18.04
### Fixed
- Scaleway API paginagion
## 30 Apr 2018
### Added
- WireGuard support
### Removed
- Android StrongSwan profiles
### Release notes
- StrongSwan profiles for Android are deprecated now. Use WireGuard
## 25 Apr 2018
### Added
- DNScrypt-proxy added
- Switched to CloudFlare DNS-over-HTTPS by default
## 19 Apr 2018
### Added
- IPv6 in subjectAltName of the certificates. This allows connecting to the Algo instance via the main IPv6 address
### Fixed
- IPv6 DNS addresses were not passing to the client
### Release notes
- In order to use the IPv6 address as the connection endpoint you need to [reinit ](https://github.com/trailofbits/algo/blob/master/config.cfg#L14 ) the PKI and [reconfigure ](https://github.com/trailofbits/algo#configure-the-vpn-clients ) your devices with new certificates.