Commit Graph

14 Commits

Author SHA1 Message Date
Jack Ivanov
8c560719a5
skip pre tasks in update-users (#1921) 2020-12-08 13:23:24 +03:00
Jack Ivanov
53dfc570eb
Github Actions (#1681) 2020-01-13 17:20:40 +01:00
Jack Ivanov
8bdd99c05d Refactor to support Ansible 2.8 (#1549)
* bump ansible to 2.8.3

* DigitalOcean: move to the latest modules

* Add Hetzner Cloud

* Scaleway and Lightsail fixes

* lint missing roles

* Update roles/cloud-hetzner/tasks/main.yml

Add api_token

Co-Authored-By: phaer <phaer@phaer.org>

* Update roles/cloud-hetzner/tasks/main.yml

Add api_token

Co-Authored-By: phaer <phaer@phaer.org>

* Try to run apt until succeeded

* Scaleway modules upgrade

* GCP: Refactoring, remove deprecated modules

* Doc updates (#1552)

* Update README.md

Adding links and mentions of Exoscale aka CloudStack and Hetzner Cloud.

* Update index.md

Add the Hetzner Cloud to the docs index

* Remove link to Win 10 IPsec instructions

* Delete client-windows.md

Unnecessary since the deprecation of IPsec for Win10.

* Update deploy-from-ansible.md

Added sections and required variables for CloudStack and Hetzner Cloud.

* Update deploy-from-ansible.md

Added sections for CloudStack and Hetzner, added req variables and examples, mentioned environment variables, and added links to the provider role section.

* Update deploy-from-ansible.md

Cosmetic changes to links, fix typo.

* Update GCE variables

* Update deploy-from-script-or-cloud-init-to-localhost.md

Fix a finer point, and make variables list more readable.

* update azure requirements

* Python3 draft

* set LANG=c to the p12 password generation task

* Update README

* Install cloud requirements to the existing venv

* FreeBSD fix

* env->.env fixes

* lightsail_region_facts fix

* yaml syntax fix

* Update README for Python 3 (#1564)

* Update README for Python 3

* Remove tabs and tweak instructions

* Remove cosmetic command indentation

* Update README.md

* Update README for Python 3 (#1565)

* DO fix for "found unpermitted parameters: id"

* Verify Python version

* Remove ubuntu 16.04 from readme

* Revert back DigitalOcean module

* Update deploy-from-script-or-cloud-init-to-localhost.md

* env to .env
2019-09-28 08:10:20 +08:00
Jack Ivanov
5904546a48
Randomly generated IP address for the local dns resolver (#1429)
* generate service IPs dynamically

* update cloud-init tests

* exclude ipsec and wireguard ranges from the random service ip

* Update docs

* @davidemyers: update wireguard docs for linux

* Move to netaddr filter

* AllowedIPs fix

* WireGuard IPs fix
2019-05-17 14:49:29 +02:00
Jack Ivanov
25513cf925 Refactoring, Linting and additional tests (#1397)
* Refactoring, Linting and additional tests

* Vultr: Undefined variable and deprecation notes fix

* Travis-CI enable linters

* Azure: Update python requirements

* Update main.yml

* Update install.sh

* Add missing roles to ansible-lint

* Linting for skipped roles

* add .ansible-lint config
2019-04-26 11:48:28 -04:00
Jack Ivanov
273c7665d3 Refactoring (#1334)
<!--- Provide a general summary of your changes in the Title above -->

## Description
Renames the vpn role to strongswan, and split up the variables to support 2 separate VPNs. Closes #1330 and closes #1162
Configures Ansible to use python3 on the server side. Closes #1024 
Removes unneeded playbooks, reorganises a lot of variables
Reorganises the `config` folder. Closes #1330
<details><summary>Here is how the config directory looks like now</summary>
<p>

```
configs/X.X.X.X/
|-- ipsec
|   |-- apple
|   |   |-- desktop.mobileconfig
|   |   |-- laptop.mobileconfig
|   |   `-- phone.mobileconfig
|   |-- manual
|   |   |-- cacert.pem
|   |   |-- desktop.p12
|   |   |-- desktop.ssh.pem
|   |   |-- ipsec_desktop.conf
|   |   |-- ipsec_desktop.secrets
|   |   |-- ipsec_laptop.conf
|   |   |-- ipsec_laptop.secrets
|   |   |-- ipsec_phone.conf
|   |   |-- ipsec_phone.secrets
|   |   |-- laptop.p12
|   |   |-- laptop.ssh.pem
|   |   |-- phone.p12
|   |   `-- phone.ssh.pem
|   `-- windows
|       |-- desktop.ps1
|       |-- laptop.ps1
|       `-- phone.ps1
|-- ssh-tunnel
|   |-- desktop.pem
|   |-- desktop.pub
|   |-- laptop.pem
|   |-- laptop.pub
|   |-- phone.pem
|   |-- phone.pub
|   `-- ssh_config
`-- wireguard
    |-- desktop.conf
    |-- desktop.png
    |-- laptop.conf
    |-- laptop.png
    |-- phone.conf
    `-- phone.png
```

![finder](https://i.imgur.com/FtOmKO0.png)

</p>
</details>

## Motivation and Context
This refactoring is focused to aim to the 1.0 release

## How Has This Been Tested?
Deployed to several cloud providers with various options enabled and disabled

## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [x] Refactoring

## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] I have read the **CONTRIBUTING** document.
- [x] My code follows the code style of this project.
- [x] My change requires a change to the documentation.
- [x] I have updated the documentation accordingly.
- [x] All new and existing tests passed.
2019-03-10 13:16:34 -04:00
David Myers
df3d547fb3 Document using WireGuard app on macOS (#1327)
* Document using WireGuard app on macOS

* Update README.md

* Make WireGuard the default for Apple devices

* clarify user list

* fix tests

* connect on demand
2019-02-17 18:38:19 -05:00
Jack Ivanov
e8947f318b Large refactor to support Ansible 2.5 (#976)
* Refactoring, booleans declaration and update users fix

* Make server_name more FQDN compatible

* Rename variables

* Define the default value for store_cakey

* Skip a prompt about the SSH user if deploying to localhost

* Disable reboot for non-cloud deployments

* Enable EC2 volume encryption by default

* Add default server value (localhost) for the local installation

Delete empty files

* Add default region to aws_region_facts

* Update docs

* EC2 credentials fix

* Warnings fix

* Update deploy-from-ansible.md

* Fix a typo

* Remove lightsail from the docs

* Disable EC2 encryption by default

* rename droplet to server

* Disable dependencies

* Disable tls_cipher_suite

* Convert wifi-exclude to a string. Update-users fix

* SSH access congrats fix

* 16.04 > 18.04

* Dont ask for the credentials if specified in the environment vars

* GCE server name fix
2018-08-27 10:05:45 -04:00
Jack Ivanov
d7bce68738 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
6f3ec658fe
Move to LXD (#935) 2018-05-10 09:03:05 +03:00
Damian Gerow
62fc22ab59 Creates a Docker container to run algo (#331)
* Creates a Docker container to run algo

* Simplistic testing of the Docker image

This simply uses the same LXC system that was just tested.
It's functional, but minimal.

* More thorough tests against Docker

This doubles the number of LXC containers in use,
but does provide a more thorough test of the Docker
image.
2018-03-16 16:38:53 -04:00
Jack Ivanov
a9a6933c76 a typo 2017-05-23 18:26:48 +02:00
Jack Ivanov
f52eca39c3 add some debug to the tests 2017-05-23 18:26:01 +02:00
Jack Ivanov
35faf4bca7 Local openssl tasks (#169)
* Draft

works with ECDSA

RSA support for Windows

* update-users with local_openssl_tasks

* move prompts to the algo script

* additional directory for SSH keys

* move easyrsa_p12_export_password to pre_tasks

* update-users testing

* Fix hardcoded vars

* Delete the CA key

* Hardcoded IP. Fixes #219

* Some fixes
2017-02-03 14:24:02 -05:00