`file` and `lookup` are part of the ubuntu most of the time but in some cases it was missing therefore ansible fails.
Co-authored-by: Jack Ivanov <17044561+jackivanov@users.noreply.github.com>
* Updated Python dependency from 3.8 to 3.10 to support version issues with Ansible
* Changed install recommendations to use pyenv instead of downloading from ppa
* Bump ansible-core from 2.11.3 to 2.12.1
Bumps [ansible-core](https://github.com/ansible/ansible) from 2.11.3 to 2.12.1.
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](https://github.com/ansible/ansible/compare/v2.11.3...v2.12.1)
---
updated-dependencies:
- dependency-name: ansible-core
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update requirements.txt
* python and cache for actions
* switch to python 3.8
* wait for lxc network
* no point to support 18.04 in tests
* cipher fix for openssl_privatekey
* cipher fix for openssl_privatekey
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jack Ivanov <17044561+jackivanov@users.noreply.github.com>
* adding ubuntu 20.04.1 rpi server deps to readme
* Update README.md per code review
Co-authored-by: David Myers <dem@myersnet.net>
Co-authored-by: David Myers <dem@myersnet.net>
* add linode as one of cloud providers
* add Linode into cloud provider list
* fix code style
* install requirements of ansible linode module
* Update prompts.yml
- Make the regions list more readable
- Assign us-east as the default region
* remove prompt of asking root password
* roles/common: Add sshd tasks
* cloud-linode/tasks: Fix LINODE_API_TOKEN env lookup
* docs: Add Linode to Ansible deploy docs
* docs: Add cloud-linode
* config: Use Ubuntu 20.04 on Linode
* README: syntax
* Linode stackscript support
* Linode stackscript fix
* linting
Co-authored-by: Jack Ivanov <17044561+jackivanov@users.noreply.github.com>
Co-authored-by: William Woodruff <william@yossarian.net>
Co-authored-by: William Woodruff <william.woodruff@trailofbits.com>
Co-authored-by: Jack Ivanov <e601809@gmail.com>
* update variable name to store_pki
* Document BetweenClients_DROP
* Update README.md
* Update faq.md
* VPN On Demand is for Apple IPSEC clients only
* How to update users from cloud-init
* How to monitor user activity
* Fix typo
* Update FAQ about WireGuard, fix typos
* Correct locations of install log and user configs
* Update-users from cloud-init
* Update features list
* More "IPsec" and "WireGuard" changes
* fixed broken link/absent link in FAQ
* Python version README fix for #1622
* road warrior instructions
* Update index.md
* Reorganize config.cfg
As per @davidemyers suggestions
* Further config changes
As per feedback, also better explanation of keys_clean_all
* Add road warrior instructions to FAQ
* Remove specific ports from RW instructions
* Update README.md
As noted in #1599 we don't have any instructions for CentOS 7. Closes#1599
* Update README.md
Co-Authored-By: David Myers <dem@myersnet.net>
* Point additional docs to index.md
* Update index.md
Moves existing links from readme.md over to update this separate (previously out-of-date, redundant) page.
* Update documented Ansible roles
* Fix broken links in index.md
* Complete index.md
As a general rule all docs should be linked to from the index file. No?
* Update SSH access instructions
* Clarify SSH access instructions
* Delete setup-roles.md
* Update deploy-from-ansible.md
Change header, insert text from setup-roles.md
* Remove link to setup-roles from index.md
* Fix typos
* Update deploy-from-ansible.md
Document other `--skip-tags` options, as well as examples for Vultr and Scaleway variables.
* Update deploy-from-ansible.md
Added region examples for AWS and Lightsail. Happy to add other examples if people have experience with other providers.
* Update cloud-vultr.md
More fleshed-out instructions for generating an API key and saving the file. Also notes the default ansible behavior of looking for the file in `~/.vultr.ini`.
* Update README.md
<!--- Provide a general summary of your changes in the Title above -->
## Description
Renames the vpn role to strongswan, and split up the variables to support 2 separate VPNs. Closes#1330 and closes#1162
Configures Ansible to use python3 on the server side. Closes#1024
Removes unneeded playbooks, reorganises a lot of variables
Reorganises the `config` folder. Closes#1330
<details><summary>Here is how the config directory looks like now</summary>
<p>
```
configs/X.X.X.X/
|-- ipsec
| |-- apple
| | |-- desktop.mobileconfig
| | |-- laptop.mobileconfig
| | `-- phone.mobileconfig
| |-- manual
| | |-- cacert.pem
| | |-- desktop.p12
| | |-- desktop.ssh.pem
| | |-- ipsec_desktop.conf
| | |-- ipsec_desktop.secrets
| | |-- ipsec_laptop.conf
| | |-- ipsec_laptop.secrets
| | |-- ipsec_phone.conf
| | |-- ipsec_phone.secrets
| | |-- laptop.p12
| | |-- laptop.ssh.pem
| | |-- phone.p12
| | `-- phone.ssh.pem
| `-- windows
| |-- desktop.ps1
| |-- laptop.ps1
| `-- phone.ps1
|-- ssh-tunnel
| |-- desktop.pem
| |-- desktop.pub
| |-- laptop.pem
| |-- laptop.pub
| |-- phone.pem
| |-- phone.pub
| `-- ssh_config
`-- wireguard
|-- desktop.conf
|-- desktop.png
|-- laptop.conf
|-- laptop.png
|-- phone.conf
`-- phone.png
```
</p>
</details>
## Motivation and Context
This refactoring is focused to aim to the 1.0 release
## How Has This Been Tested?
Deployed to several cloud providers with various options enabled and disabled
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [x] Refactoring
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] I have read the **CONTRIBUTING** document.
- [x] My code follows the code style of this project.
- [x] My change requires a change to the documentation.
- [x] I have updated the documentation accordingly.
- [x] All new and existing tests passed.
* Document using WireGuard app on macOS
* Update README.md
* Make WireGuard the default for Apple devices
* clarify user list
* fix tests
* connect on demand
* Add documentation on how to setup GCE accounts
This commit adds the steps needed to create a credential with the needed access on Google Cloud Platform to be able to successfully create a new algo VPN.
Related to:
- https://github.com/trailofbits/algo/issues/682
- https://github.com/trailofbits/algo/issues/658
* Adds links on main README to GCP
* Adds link to Ansible documentation
* Update cloud-gce.md
