* Bump ansible-core from 2.11.3 to 2.12.1
Bumps [ansible-core](https://github.com/ansible/ansible) from 2.11.3 to 2.12.1.
- [Release notes](https://github.com/ansible/ansible/releases)
- [Commits](https://github.com/ansible/ansible/compare/v2.11.3...v2.12.1)
---
updated-dependencies:
- dependency-name: ansible-core
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Update requirements.txt
* python and cache for actions
* switch to python 3.8
* wait for lxc network
* no point to support 18.04 in tests
* cipher fix for openssl_privatekey
* cipher fix for openssl_privatekey
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jack Ivanov <17044561+jackivanov@users.noreply.github.com>
* X.509 Name Constraints
* nameConstraints to a random generated uuid
* Second level domain
* nameConstraints fixes
* critical in nameConstraints lost after last refactoring
* generate service IPs dynamically
* update cloud-init tests
* exclude ipsec and wireguard ranges from the random service ip
* Update docs
* @davidemyers: update wireguard docs for linux
* Move to netaddr filter
* AllowedIPs fix
* WireGuard IPs fix
* add the install script to support cloud-init and local one-shot deployments
* update travis-ci tests
* update docs
* enable no_log again
* update docs
<!--- Provide a general summary of your changes in the Title above -->
## Description
Renames the vpn role to strongswan, and split up the variables to support 2 separate VPNs. Closes#1330 and closes#1162
Configures Ansible to use python3 on the server side. Closes#1024
Removes unneeded playbooks, reorganises a lot of variables
Reorganises the `config` folder. Closes#1330
<details><summary>Here is how the config directory looks like now</summary>
<p>
```
configs/X.X.X.X/
|-- ipsec
| |-- apple
| | |-- desktop.mobileconfig
| | |-- laptop.mobileconfig
| | `-- phone.mobileconfig
| |-- manual
| | |-- cacert.pem
| | |-- desktop.p12
| | |-- desktop.ssh.pem
| | |-- ipsec_desktop.conf
| | |-- ipsec_desktop.secrets
| | |-- ipsec_laptop.conf
| | |-- ipsec_laptop.secrets
| | |-- ipsec_phone.conf
| | |-- ipsec_phone.secrets
| | |-- laptop.p12
| | |-- laptop.ssh.pem
| | |-- phone.p12
| | `-- phone.ssh.pem
| `-- windows
| |-- desktop.ps1
| |-- laptop.ps1
| `-- phone.ps1
|-- ssh-tunnel
| |-- desktop.pem
| |-- desktop.pub
| |-- laptop.pem
| |-- laptop.pub
| |-- phone.pem
| |-- phone.pub
| `-- ssh_config
`-- wireguard
|-- desktop.conf
|-- desktop.png
|-- laptop.conf
|-- laptop.png
|-- phone.conf
`-- phone.png
```
</p>
</details>
## Motivation and Context
This refactoring is focused to aim to the 1.0 release
## How Has This Been Tested?
Deployed to several cloud providers with various options enabled and disabled
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [x] Refactoring
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] I have read the **CONTRIBUTING** document.
- [x] My code follows the code style of this project.
- [x] My change requires a change to the documentation.
- [x] I have updated the documentation accordingly.
- [x] All new and existing tests passed.
* Document using WireGuard app on macOS
* Update README.md
* Make WireGuard the default for Apple devices
* clarify user list
* fix tests
* connect on demand
* Refactoring, booleans declaration and update users fix
* Make server_name more FQDN compatible
* Rename variables
* Define the default value for store_cakey
* Skip a prompt about the SSH user if deploying to localhost
* Disable reboot for non-cloud deployments
* Enable EC2 volume encryption by default
* Add default server value (localhost) for the local installation
Delete empty files
* Add default region to aws_region_facts
* Update docs
* EC2 credentials fix
* Warnings fix
* Update deploy-from-ansible.md
* Fix a typo
* Remove lightsail from the docs
* Disable EC2 encryption by default
* rename droplet to server
* Disable dependencies
* Disable tls_cipher_suite
* Convert wifi-exclude to a string. Update-users fix
* SSH access congrats fix
* 16.04 > 18.04
* Dont ask for the credentials if specified in the environment vars
* GCE server name fix
* Creates a Docker container to run algo
* Simplistic testing of the Docker image
This simply uses the same LXC system that was just tested.
It's functional, but minimal.
* More thorough tests against Docker
This doubles the number of LXC containers in use,
but does provide a more thorough test of the Docker
image.
* Draft
works with ECDSA
RSA support for Windows
* update-users with local_openssl_tasks
* move prompts to the algo script
* additional directory for SSH keys
* move easyrsa_p12_export_password to pre_tasks
* update-users testing
* Fix hardcoded vars
* Delete the CA key
* Hardcoded IP. Fixes#219
* Some fixes
Jack Ivanov
dependabot[bot]
David Myers
Saravanan Palanisamy
Jack Ivanov
Damian Gerow
Jack Ivanov
