Archives/algo - algo - blob42 source forge

Commit Graph

Author	SHA1	Message	Date
Jack Ivanov	fbc7b29456	WireGuard update-users fix (#1154 )	6 years ago
Jack Ivanov	efc8dc7620	add tags for the wireguard qr code task. variables fix (#1147 )	6 years ago
Jack Ivanov	bcba905547	ssh tunneling fixes (#1127 )	6 years ago
David Myers	cd3fbe5e47	Add WireGuard port to FAQ (#1141 )	6 years ago
David Myers	d90ba3d11a	Allow more flexible DNSCrypt configuration (#1120 ) * Allow more flexible DNSCrypt configuration * Correct permissions on files changed in #1120 I'm not sure why using BBEdit over SMB makes every file executable. * Put the public resolvers cache file in /tmp.	6 years ago
Jack Ivanov	d7dcaeb575	Update troubleshooting.md Fixes #1118	6 years ago
Jack Ivanov	1442586682	WireGuard: Generate QR codes (#1129 ) * WireGuard: Generate QR codes * Update client-android.md	6 years ago
Jack Ivanov	dbd68aa97d	WireGuard BSD (#1083 ) * WireGuard BSD * Remove unneeded config option * Enable PersistentKeepalive for NAT and Firewall Traversal Persistence * Install dnscrypt-proxy from repositories	6 years ago
Jack Ivanov	6c0753e3b8	GCE: Static external ip (optional) (#1125 )	6 years ago
Gio d'Amelio	810358f1cc	Update algo-showenv.sh to use `/usr/bin/env` in it's hashbang (#1126 ) Should allow better cross platform compatibility	6 years ago
Jack Ivanov	aa318bff18	Update PULL_REQUEST_TEMPLATE.md	6 years ago
Jack Ivanov	eb2224cde1	install generic linux headers (#1124 )	6 years ago
Mike Myers	8f090a36f8	Fix minor typos in Amazon EC2 setup documentation. (#1116 )	6 years ago
James	14234344eb	Use gateway ip address for wireguard interface (#1115 )	6 years ago
Jack Ivanov	4a42fbea35	Move to the ARM deployment schema (#1107 )	6 years ago
Jack Ivanov	4e5103986c	Create PULL_REQUEST_TEMPLATE.md	6 years ago
Jack Ivanov	5e7f134005	Update issue templates (#1114 ) * Update issue templates * Delete ISSUE_TEMPLATE.md	6 years ago
TC1977	df4b3f6202	Update Win10 client docs for non-admin accounts (#1093 ) * Update client-windows.md Allows non-admin accounts to use the VPN as per #983 and #994. Fix was also documented here https://www.bountysource.com/issues/49259904-windows-10-powershell-and-priv-nonpriv-account-issues * Update client-windows.md	6 years ago
ctrlaltreboot	57fb2ec347	Update client-windows.md (#1099 ) Correct command would be ```powershell -ExecutionPolicy ByPass -File C:\path\to\windows_USER.ps1 Add```	6 years ago
David Myers	65b0239625	Display the invocation environment to aid debugging (#1108 )	6 years ago
TC1977	76a8fe35db	Document AWS disk encryption flag in config.cfg (#1102 ) This is to better document the "encryption" flag for those who are interested in full disk encryption on AWS. Recently on running the script, I also found the minimum permissions documented at https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md weren't enough; "ec2:CopyImage" is also required. Not sure if you'd rather have this documented in the AWS docs instead, and not sure if you want "ec2:CopyImage" added to the default minimum required permissions. I can do either if you'd prefer.	6 years ago
TC1977	4c70b71df5	Fix spacing in congrats message (#1104 ) The spacing of several lines in the congrats message has been off. Here's the congrats output with this fix: ``` ok: [54.85.244.8] => { "msg": [ [ "\"# Congratulations! #\"", "\"# Your Algo server is running. #\"", "\"# Config files and certificates are in the ./configs/ directory. #\"", "\"# Go to https://whoer.net/ after connecting #\"", "\"# and ensure that all your traffic passes through the VPN. #\"", "\"# Local DNS resolver 172.16.0.1 #\"", "" ], " \"# The p12 and SSH keys password for new users is CR2qzRcA #\"\n", " \"# The CA key password is ed0fd57e7d355af08d12ccdbfd3f5931 #\"\n", " \"# Shell access: ssh -i configs/algo.pem ubuntu@54.85.244.8 #\"\n" ] } ```	6 years ago
David Myers	d95df710a5	Add an unattended reboot option (#1082 )	6 years ago
in-in	244a698531	improve readability (#1085 )	6 years ago
Jack Ivanov	cbe57991db	Update docs (#1089 )	6 years ago
Jack Ivanov	91a9dfd983	invoke dns encryption from main playbook instead of meta-dependencies (#1097 )	6 years ago
Mike Myers	d9634eca8a	Update screenshot of AWS EC2 minimum permissions with ec2:DescribeRegions (#1095 )	6 years ago
Jack Ivanov	002c4ef198	Update ISSUE_TEMPLATE.md	6 years ago
Jack Ivanov	0188b2ff64	Update deploy-to-ubuntu.md	6 years ago
Jack Ivanov	687bab9e54	Update troubleshooting.md Fixes #744	6 years ago
Jack Ivanov	fb1c0f6a5e	Create a symlink if deploying to localhost (#1078 )	6 years ago
Jack Ivanov	e860b78d80	Scaleway authentication fix (#1088 )	6 years ago
David Myers	ee3cb979f7	Document how to use WireGuard on Ubuntu clients (#1071 )	6 years ago
Jack Ivanov	f63bc1ef97	Update CHANGELOG.md	6 years ago
TC1977	3144458ac7	Update cloud-amazon-ec2.md (#1081 )	6 years ago
TC1977	6d3bb1cf2b	Update minimum required IAM changes for deployment (#1080 ) Ansible2.5 allows Algo to directly ask AWS for the region list, rather than have it hardcoded and updated manually. Updated the documented minimum required permissions to include "DescribeRegions".	6 years ago
Jack Ivanov	635e7ff1af	Update README.md	6 years ago
Jack Ivanov	5f9a3d5eb5	Update CHANGELOG.md	6 years ago
Jack Ivanov	511086db8e	Update CHANGELOG.md	6 years ago
Jack Ivanov	701995ebb7	Update CHANGELOG.md	6 years ago
Jack Ivanov	36c871c4f1	Update CHANGELOG.md	6 years ago
Jack Ivanov	e8947f318b	Large refactor to support Ansible 2.5 (#976 ) * Refactoring, booleans declaration and update users fix * Make server_name more FQDN compatible * Rename variables * Define the default value for store_cakey * Skip a prompt about the SSH user if deploying to localhost * Disable reboot for non-cloud deployments * Enable EC2 volume encryption by default * Add default server value (localhost) for the local installation Delete empty files * Add default region to aws_region_facts * Update docs * EC2 credentials fix * Warnings fix * Update deploy-from-ansible.md * Fix a typo * Remove lightsail from the docs * Disable EC2 encryption by default * rename droplet to server * Disable dependencies * Disable tls_cipher_suite * Convert wifi-exclude to a string. Update-users fix * SSH access congrats fix * 16.04 > 18.04 * Dont ask for the credentials if specified in the environment vars * GCE server name fix	6 years ago
Josh Dimarsky	a57a0adf5e	Fixed broken link; clarified example docker command (#1064 )	6 years ago
Jack Ivanov	53d1113881	Split up unattended upgrades (#1041 )	6 years ago
David Myers	b86ebe20d7	Prevent DNS rebinding (#1049 )	6 years ago
Quentin Moss	e0c317a958	Update documentation link (#1043 )	6 years ago
Fabian Foerg	3ddd0ac30f	Run dnsmasq as the dnsmasq user (#1029 ) * Run dnsmasq as the dnsmasq user There is a task that checks whether the dnsmasq user exists. However, dnsmasq is configured to run as user "nobody" instead. This change lets dnsmasq run as user "dnsmasq". * remove dnsmasq user task	6 years ago
Quentin Moss	b88f697b28	Update troubleshooting docs to include iOS reconnection loop (#1042 ) * Update troubleshooting docs to include iOS reconnection loop * nits	6 years ago
bghost	60a99faaf8	Update PPA for dnscrypt-proxy to 'bionic' (#1039 )	6 years ago
Mike Myers	c65961a1f3	Amazon ec2 documentation (#1035 ) * Add link to documentation on Amazon EC2 setup * Add images to document the AWS EC2 account setup * Create AWS EC2 setup instructions * remove line breaks * remove line breaks * Add images documenting AWS EC2 policy creation * Update image showing advised minimum AWS policy * Add instructions for minimum AWS permission policy * Delete aws-ec2-attach-policy.png * Updated image to reflect new AWS policy guidance * Delete aws-ec2-new-user-confirm.png * Updated image to reflect new AWS policy guidance	6 years ago

1 2 3 4 5 ...

879 Commits (40b42c4f337b5c89b9ce8122c54ce2f8cfee706b) All Branches Search

879 Commits (40b42c4f337b5c89b9ce8122c54ce2f8cfee706b)

All Branches