I ran into the same issue as #1058, and the solution worked.
This PR generalizes the solution and adds it to the troubleshooting documentation, making it easier to resolve for future users.
<!--- Provide a general summary of your changes in the Title above -->
## Description
Apparmor profile for dnscrypt-proxy didn't work at all
## Motivation and Context
Fixes#1155
## How Has This Been Tested?
Deployed to DigitalOcean, checked that the dnscrypt-proxy binary is in enforce mode
## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [x] Bug fix (non-breaking change which fixes an issue)
## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] I have read the **CONTRIBUTING** document.
- [x] My code follows the code style of this project.
- [x] All new and existing tests passed.
* Troubleshooting.md updates
Adds solutions to #1067 to the troubleshooting faq. Also moves a couple of answers to correspond to the headers.
* Change to Algo, strongly rec Ubuntu 18.04
Adds "Algo VPN" to the organization in the "Profiles" menu of "General Settings". (The type still shows up as "Unknown" in the "VPN" menu, because that seems to be governed by the "VPNSubType" string, which must be empty according to the [developer reference](https://developer.apple.com/enterprise/documentation/Configuration-Profile-Reference.pdf) Maybe this can help clear the way for #1101.
* Add documentation on how to setup GCE accounts
This commit adds the steps needed to create a credential with the needed access on Google Cloud Platform to be able to successfully create a new algo VPN.
Related to:
- https://github.com/trailofbits/algo/issues/682
- https://github.com/trailofbits/algo/issues/658
* Adds links on main README to GCP
* Adds link to Ansible documentation
* Update cloud-gce.md
* Allow more flexible DNSCrypt configuration
* Correct permissions on files changed in #1120
I'm not sure why using BBEdit over SMB makes every file executable.
* Put the public resolvers cache file in /tmp.
This is to better document the "encryption" flag for those who are interested in full disk encryption on AWS. Recently on running the script, I also found the minimum permissions documented at https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md weren't enough; "ec2:CopyImage" is also required. Not sure if you'd rather have this documented in the AWS docs instead, and not sure if you want "ec2:CopyImage" added to the default minimum required permissions. I can do either if you'd prefer.
The spacing of several lines in the congrats message has been off. Here's the congrats output with this fix:
```
ok: [54.85.244.8] => {
"msg": [
[
"\"# Congratulations! #\"",
"\"# Your Algo server is running. #\"",
"\"# Config files and certificates are in the ./configs/ directory. #\"",
"\"# Go to https://whoer.net/ after connecting #\"",
"\"# and ensure that all your traffic passes through the VPN. #\"",
"\"# Local DNS resolver 172.16.0.1 #\"",
""
],
" \"# The p12 and SSH keys password for new users is CR2qzRcA #\"\n",
" \"# The CA key password is ed0fd57e7d355af08d12ccdbfd3f5931 #\"\n",
" \"# Shell access: ssh -i configs/algo.pem ubuntu@54.85.244.8 #\"\n"
]
}
```
