Archives
/
algo
mirror of https://github.com/trailofbits/algo
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,057 Commits
5 Branches
2 Tags
10 MiB
fix/14704
master
dependabot/pip/ansible-9.4.0
dependabot/github_actions/actions/setup-python-5.1.0
dependabot/pip/jinja2-approx-eq-3.1.3
v1.1
v1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '52f88ad12e'
${ noResults }
Commit Graph

1057 Commits (52f88ad12e46cbe5f182fec6edf87d947c8bafd6)
 

Author SHA1 Message Date
Jack Ivanov 955a986c21
IPv6 forwarding fixes (#1256) 6 years ago
Jack Ivanov a6cd89564d
Fixes #1246 6 years ago
Federico G. Schwindt a4f2c97fd2 Fix ipv4 address missing on reboot (#1245) 6 years ago
David Myers e478d31e50 Update local install instructions (#1148) 
* Update local install instructions

* Update deploy-to-ubuntu.md
 6 years ago
David Myers f3519425c4 Note that WireGuard configs cannot be shared (#1238) 6 years ago
TC1977 4eeaadcfb3 Add info about modifying blacklists (#1236) 
# Algo will use the following lists to block ads. You can add new block lists 
# after deployment by modifying the line starting "BLOCKLIST_URLS=" at:
# /usr/local/sbin/adblock.sh 
# If you load very large blocklists, you may also have to modify resource limits:
# /etc/systemd/system/dnsmasq.service.d/100-CustomLimitations.conf
 6 years ago
William Woodruff 319b630cf4 docs/gce: Fix typos, clarify instructions (#1239) 6 years ago
David Myers 66681521c1 Increase memory limit for dnsmasq (#1228) 
* Increase memory limit for dnsmasq

* Increase memory limit for dnsmasq further
 6 years ago
David Myers 8d23f715d7 Run adblock.sh at a random time (#1227) 6 years ago
jxn 66bbf0e83a fix typo in powershell execution in windows client set up doc (#1224) 6 years ago
Jack Sullivan adb4dfa839 Add "unable to write 'random state'" resolution (#1219) 
I ran into the same issue as #1058, and the solution worked.

This PR generalizes the solution and adds it to the troubleshooting documentation, making it easier to resolve for future users.
 6 years ago
David Myers 22395f5f84 Add p12 password back to mobileconfigs (#1218) 6 years ago
Jack Ivanov a66d8f0069 on-build python venvs (#1199) 6 years ago
Jack Ivanov 9187d8e637 dnscrypt-proxy apparmor fix (#1210) 
<!--- Provide a general summary of your changes in the Title above -->

## Description
Apparmor profile for dnscrypt-proxy didn't work at all

## Motivation and Context
Fixes #1155

## How Has This Been Tested?
Deployed to DigitalOcean, checked that the dnscrypt-proxy binary is in enforce mode

## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [x] Bug fix (non-breaking change which fixes an issue)

## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] I have read the **CONTRIBUTING** document.
- [x] My code follows the code style of this project.
- [x] All new and existing tests passed.
 6 years ago
Jack Ivanov 45b00ee994
BSD StrongSwan fixes (#1207) 6 years ago
David Myers d8b318b59a Detect when running in Docker (#1204) 6 years ago
Jack Ivanov 1c16554b41
Rename Docker.md to deploy-from-docker.md 6 years ago
jxn affadd401d fix typos in docker documentation and shell-script text (#1202) 6 years ago
Jack Ivanov 66d30e3005
WireGuard update-users fix (#1183) 6 years ago
TC1977 75685e202b Troubleshooting.md updates (#1195) 
* Troubleshooting.md updates

Adds solutions to #1067 to the troubleshooting faq. Also moves a couple of answers to correspond to the headers.

* Change to Algo, strongly rec Ubuntu 18.04
 6 years ago
TC1977 a76642c4d5 Update mobileconfig.j2 (#1197) 
Adds "Algo VPN" to the organization in the "Profiles" menu of "General Settings". (The type still shows up as "Unknown" in the "VPN" menu, because that seems to be governed by the "VPNSubType" string, which must be empty according to the [developer reference](https://developer.apple.com/enterprise/documentation/Configuration-Profile-Reference.pdf) Maybe this can help clear the way for #1101.
 6 years ago
Jack Ivanov a53dec6349
Closes #1189 6 years ago
zuccs 2b2d90a8a9 Fix typo (#1165) 6 years ago
datew0 30446d0363 Set disk size depending on server plan (#1159) 
Scaleway`s START1-XS does not start with a disk size of 50GB.
 6 years ago
Jack Ivanov 399d47233a
add region (#1182) 6 years ago
Aleksander 465cbeb7e0 Update StrongSwan setup docs (#1181) 6 years ago
Bruno Tavares 54a91447bf Add documentation on how to setup GCE accounts (#1164) 
* Add documentation on how to setup GCE accounts

This commit adds the steps needed to create a credential with the needed access on Google Cloud Platform to be able to successfully create a new algo VPN.

Related to:
- https://github.com/trailofbits/algo/issues/682
- https://github.com/trailofbits/algo/issues/658

* Adds links on main README to GCP

* Adds link to Ansible documentation

* Update cloud-gce.md
 6 years ago
Jack Ivanov 3468d27e61 Lightsail back (#1157) 6 years ago
Jack Ivanov fbc7b29456 WireGuard update-users fix (#1154) 6 years ago
Jack Ivanov efc8dc7620
add tags for the wireguard qr code task. variables fix (#1147) 6 years ago
Jack Ivanov bcba905547 ssh tunneling fixes (#1127) 6 years ago
David Myers cd3fbe5e47 Add WireGuard port to FAQ (#1141) 6 years ago
David Myers d90ba3d11a Allow more flexible DNSCrypt configuration (#1120) 
* Allow more flexible DNSCrypt configuration

* Correct permissions on files changed in #1120

I'm not sure why using BBEdit over SMB makes every file executable.

* Put the public resolvers cache file in /tmp.
 6 years ago
Jack Ivanov d7dcaeb575
Update troubleshooting.md 
Fixes #1118
 6 years ago
Jack Ivanov 1442586682 WireGuard: Generate QR codes (#1129) 
* WireGuard: Generate QR codes

* Update client-android.md
 6 years ago
Jack Ivanov dbd68aa97d WireGuard BSD (#1083) 
* WireGuard BSD

* Remove unneeded config option

* Enable PersistentKeepalive for NAT and Firewall Traversal Persistence

* Install dnscrypt-proxy from repositories
 6 years ago
Jack Ivanov 6c0753e3b8 GCE: Static external ip (optional) (#1125) 6 years ago
Gio d'Amelio 810358f1cc Update algo-showenv.sh to use `/usr/bin/env` in it's hashbang (#1126) 
Should allow better cross platform compatibility
 6 years ago
Jack Ivanov aa318bff18
Update PULL_REQUEST_TEMPLATE.md 6 years ago
Jack Ivanov eb2224cde1
install generic linux headers (#1124) 6 years ago
Mike Myers 8f090a36f8 Fix minor typos in Amazon EC2 setup documentation. (#1116) 6 years ago
James 14234344eb Use gateway ip address for wireguard interface (#1115) 6 years ago
Jack Ivanov 4a42fbea35 Move to the ARM deployment schema (#1107) 6 years ago
Jack Ivanov 4e5103986c
Create PULL_REQUEST_TEMPLATE.md 6 years ago
Jack Ivanov 5e7f134005
Update issue templates (#1114) 
* Update issue templates

* Delete ISSUE_TEMPLATE.md
 6 years ago
TC1977 df4b3f6202 Update Win10 client docs for non-admin accounts (#1093) 
* Update client-windows.md

Allows non-admin accounts to use the VPN as per #983 and #994. Fix was also documented here https://www.bountysource.com/issues/49259904-windows-10-powershell-and-priv-nonpriv-account-issues

* Update client-windows.md
 6 years ago
ctrlaltreboot 57fb2ec347 Update client-windows.md (#1099) 
Correct command would be ```powershell -ExecutionPolicy ByPass -File C:\path\to\windows_USER.ps1 Add```
 6 years ago
David Myers 65b0239625 Display the invocation environment to aid debugging (#1108) 6 years ago
TC1977 76a8fe35db Document AWS disk encryption flag in config.cfg (#1102) 
This is to better document the "encryption" flag for those who are interested in full disk encryption on AWS. Recently on running the script, I also found the minimum permissions documented at https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md weren't enough; "ec2:CopyImage" is also required. Not sure if you'd rather have this documented in the AWS docs instead, and not sure if you want "ec2:CopyImage" added to the default minimum required permissions. I can do either if you'd prefer.
 6 years ago
TC1977 4c70b71df5 Fix spacing in congrats message (#1104) 
The spacing of several lines in the congrats message has been off. Here's the congrats output with this fix:
```
ok: [54.85.244.8] => {
    "msg": [
        [
            "\"#                          Congratulations!                            #\"", 
            "\"#                     Your Algo server is running.                     #\"", 
            "\"#    Config files and certificates are in the ./configs/ directory.    #\"", 
            "\"#              Go to https://whoer.net/ after connecting               #\"", 
            "\"#        and ensure that all your traffic passes through the VPN.      #\"", 
            "\"#                     Local DNS resolver 172.16.0.1                    #\"", 
            ""
        ], 
        "    \"#        The p12 and SSH keys password for new users is CR2qzRcA       #\"\n", 
        "    \"#        The CA key password is ed0fd57e7d355af08d12ccdbfd3f5931       #\"\n", 
        "    \"#     Shell access: ssh -i configs/algo.pem ubuntu@54.85.244.8        #\"\n"
    ]
}
```
 6 years ago