You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

59 lines
3.5 KiB

# Deploy from script or cloud-init
You can use `` to prepare the environment and deploy AlgoVPN on the local Ubuntu server in one shot using cloud-init or run the script directly on the server. The script doesn't configure any parameters in your cloud, so it's on your own to configure related [firewall rules](/docs/, a floating ip address and other resources you may need.
## Cloud init deployment
You can copy-paste the snippet below to the user data (cloud-init or startup script) field when creating a new server. For now it is only possible for [DigitalOcean](, Amazon [EC2]( and [Lightsail](, [Google Cloud]( and [Azure](
curl -s | sudo bash -x
The command will prepare the environment and install AlgoVPN with default parameters. If you want to modify the behaviour you may define additional variables.
## Variables
`METHOD` - which method of the deployment to use. Possible values are local and cloud. Default: cloud. The cloud method is intended to use in cloud-init deployments only. If you are not using cloud-init to deploy the server you have to use the local method
`ONDEMAND_CELLULAR` - "Connect On Demand" when connected to cellular networks. Bollean. Default: false
`ONDEMAND_WIFI` - "Connect On Demand" when connected to Wi-Fi. Default: false
`ONDEMAND_WIFI_EXCLUDE` - List the names of any trusted Wi-Fi networks where macOS/iOS IPsec clients should not use "Connect On Demand". Comma-separated list.
`WINDOWS` - To support Windows 10 or Linux Desktop clients. Default: false
`STORE_CAKEY` - To retain the CA key. (required to add users in the future, but less secure). Default: false
`LOCAL_DNS` - To install an ad blocking DNS resolver. Default: false
`SSH_TUNNELING` - Enable SSH tunneling for each user. Default: false
`ENDPOINT` - The public IP address or domain name of your server: (IMPORTANT! This is used to verify the certificate). It will be gathered automatically for DigitalOcean, AWS, GCE or Azure if the `METHOD` is cloud. Otherwise you need to define this variable according to your public IP address.
`USERS` - list of VPN users. Comma-separated list.
`REPO_SLUG` - Owner and repository that used to get the installation scripts from. Default: trailofbits/algo
`REPO_BRANCH` - Branch for `REPO_SLUG`. Default: master
`EXTRA_VARS` - Additional extra variables.
`ANSIBLE_EXTRA_ARGS` - Any available ansible parameters. ie: `--skip-tags apparmor`
## Examples
##### How to customise a cloud-init deployment by variables
export WINDOWS=true
export SSH_TUNNELING=true
curl -s | sudo bash -x
##### How to deploy locally without using cloud-init
export METHOD=local
curl -s | sudo bash -x
##### How to deploy a server using arguments
The arguments order as per [variables](#variables) above
curl -s | sudo bash -x -s local true false _null true true true true