Archives
/
algo
mirror of https://github.com/trailofbits/algo
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
845 Commits
5 Branches
2 Tags
11 MiB
master
dependabot/pip/ansible-9.4.0
dependabot/github_actions/actions/setup-python-5.1.0
fix/14704
dependabot/pip/jinja2-approx-eq-3.1.3
v1.1
v1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a66d8f0069'
${ noResults }
Commit Graph

845 Commits (a66d8f00697029d95f7c35b0b33c827cd8d9cca0)
 

Author SHA1 Message Date
Jack Ivanov a66d8f0069 on-build python venvs (#1199) 6 years ago
Jack Ivanov 9187d8e637 dnscrypt-proxy apparmor fix (#1210) 
<!--- Provide a general summary of your changes in the Title above -->

## Description
Apparmor profile for dnscrypt-proxy didn't work at all

## Motivation and Context
Fixes #1155

## How Has This Been Tested?
Deployed to DigitalOcean, checked that the dnscrypt-proxy binary is in enforce mode

## Types of changes
<!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [x] Bug fix (non-breaking change which fixes an issue)

## Checklist:
<!--- Go over all the following points, and put an `x` in all the boxes that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! -->
- [x] I have read the **CONTRIBUTING** document.
- [x] My code follows the code style of this project.
- [x] All new and existing tests passed.
 6 years ago
Jack Ivanov 45b00ee994
BSD StrongSwan fixes (#1207) 6 years ago
David Myers d8b318b59a Detect when running in Docker (#1204) 6 years ago
Jack Ivanov 1c16554b41
Rename Docker.md to deploy-from-docker.md 6 years ago
jxn affadd401d fix typos in docker documentation and shell-script text (#1202) 6 years ago
Jack Ivanov 66d30e3005
WireGuard update-users fix (#1183) 6 years ago
TC1977 75685e202b Troubleshooting.md updates (#1195) 
* Troubleshooting.md updates

Adds solutions to #1067 to the troubleshooting faq. Also moves a couple of answers to correspond to the headers.

* Change to Algo, strongly rec Ubuntu 18.04
 6 years ago
TC1977 a76642c4d5 Update mobileconfig.j2 (#1197) 
Adds "Algo VPN" to the organization in the "Profiles" menu of "General Settings". (The type still shows up as "Unknown" in the "VPN" menu, because that seems to be governed by the "VPNSubType" string, which must be empty according to the [developer reference](https://developer.apple.com/enterprise/documentation/Configuration-Profile-Reference.pdf) Maybe this can help clear the way for #1101.
 6 years ago
Jack Ivanov a53dec6349
Closes #1189 6 years ago
zuccs 2b2d90a8a9 Fix typo (#1165) 6 years ago
datew0 30446d0363 Set disk size depending on server plan (#1159) 
Scaleway`s START1-XS does not start with a disk size of 50GB.
 6 years ago
Jack Ivanov 399d47233a
add region (#1182) 6 years ago
Aleksander 465cbeb7e0 Update StrongSwan setup docs (#1181) 6 years ago
Bruno Tavares 54a91447bf Add documentation on how to setup GCE accounts (#1164) 
* Add documentation on how to setup GCE accounts

This commit adds the steps needed to create a credential with the needed access on Google Cloud Platform to be able to successfully create a new algo VPN.

Related to:
- https://github.com/trailofbits/algo/issues/682
- https://github.com/trailofbits/algo/issues/658

* Adds links on main README to GCP

* Adds link to Ansible documentation

* Update cloud-gce.md
 6 years ago
Jack Ivanov 3468d27e61 Lightsail back (#1157) 6 years ago
Jack Ivanov fbc7b29456 WireGuard update-users fix (#1154) 6 years ago
Jack Ivanov efc8dc7620
add tags for the wireguard qr code task. variables fix (#1147) 6 years ago
Jack Ivanov bcba905547 ssh tunneling fixes (#1127) 6 years ago
David Myers cd3fbe5e47 Add WireGuard port to FAQ (#1141) 6 years ago
David Myers d90ba3d11a Allow more flexible DNSCrypt configuration (#1120) 
* Allow more flexible DNSCrypt configuration

* Correct permissions on files changed in #1120

I'm not sure why using BBEdit over SMB makes every file executable.

* Put the public resolvers cache file in /tmp.
 6 years ago
Jack Ivanov d7dcaeb575
Update troubleshooting.md 
Fixes #1118
 6 years ago
Jack Ivanov 1442586682 WireGuard: Generate QR codes (#1129) 
* WireGuard: Generate QR codes

* Update client-android.md
 6 years ago
Jack Ivanov dbd68aa97d WireGuard BSD (#1083) 
* WireGuard BSD

* Remove unneeded config option

* Enable PersistentKeepalive for NAT and Firewall Traversal Persistence

* Install dnscrypt-proxy from repositories
 6 years ago
Jack Ivanov 6c0753e3b8 GCE: Static external ip (optional) (#1125) 6 years ago
Gio d'Amelio 810358f1cc Update algo-showenv.sh to use `/usr/bin/env` in it's hashbang (#1126) 
Should allow better cross platform compatibility
 6 years ago
Jack Ivanov aa318bff18
Update PULL_REQUEST_TEMPLATE.md 6 years ago
Jack Ivanov eb2224cde1
install generic linux headers (#1124) 6 years ago
Mike Myers 8f090a36f8 Fix minor typos in Amazon EC2 setup documentation. (#1116) 6 years ago
James 14234344eb Use gateway ip address for wireguard interface (#1115) 6 years ago
Jack Ivanov 4a42fbea35 Move to the ARM deployment schema (#1107) 6 years ago
Jack Ivanov 4e5103986c
Create PULL_REQUEST_TEMPLATE.md 6 years ago
Jack Ivanov 5e7f134005
Update issue templates (#1114) 
* Update issue templates

* Delete ISSUE_TEMPLATE.md
 6 years ago
TC1977 df4b3f6202 Update Win10 client docs for non-admin accounts (#1093) 
* Update client-windows.md

Allows non-admin accounts to use the VPN as per #983 and #994. Fix was also documented here https://www.bountysource.com/issues/49259904-windows-10-powershell-and-priv-nonpriv-account-issues

* Update client-windows.md
 6 years ago
ctrlaltreboot 57fb2ec347 Update client-windows.md (#1099) 
Correct command would be ```powershell -ExecutionPolicy ByPass -File C:\path\to\windows_USER.ps1 Add```
 6 years ago
David Myers 65b0239625 Display the invocation environment to aid debugging (#1108) 6 years ago
TC1977 76a8fe35db Document AWS disk encryption flag in config.cfg (#1102) 
This is to better document the "encryption" flag for those who are interested in full disk encryption on AWS. Recently on running the script, I also found the minimum permissions documented at https://github.com/trailofbits/algo/blob/master/docs/deploy-from-ansible.md weren't enough; "ec2:CopyImage" is also required. Not sure if you'd rather have this documented in the AWS docs instead, and not sure if you want "ec2:CopyImage" added to the default minimum required permissions. I can do either if you'd prefer.
 6 years ago
TC1977 4c70b71df5 Fix spacing in congrats message (#1104) 
The spacing of several lines in the congrats message has been off. Here's the congrats output with this fix:
```
ok: [54.85.244.8] => {
    "msg": [
        [
            "\"#                          Congratulations!                            #\"", 
            "\"#                     Your Algo server is running.                     #\"", 
            "\"#    Config files and certificates are in the ./configs/ directory.    #\"", 
            "\"#              Go to https://whoer.net/ after connecting               #\"", 
            "\"#        and ensure that all your traffic passes through the VPN.      #\"", 
            "\"#                     Local DNS resolver 172.16.0.1                    #\"", 
            ""
        ], 
        "    \"#        The p12 and SSH keys password for new users is CR2qzRcA       #\"\n", 
        "    \"#        The CA key password is ed0fd57e7d355af08d12ccdbfd3f5931       #\"\n", 
        "    \"#     Shell access: ssh -i configs/algo.pem ubuntu@54.85.244.8        #\"\n"
    ]
}
```
 6 years ago
David Myers d95df710a5 Add an unattended reboot option (#1082) 6 years ago
in-in 244a698531 improve readability (#1085) 6 years ago
Jack Ivanov cbe57991db Update docs (#1089) 6 years ago
Jack Ivanov 91a9dfd983 invoke dns encryption from main playbook instead of meta-dependencies (#1097) 6 years ago
Mike Myers d9634eca8a Update screenshot of AWS EC2 minimum permissions with ec2:DescribeRegions (#1095) 6 years ago
Jack Ivanov 002c4ef198
Update ISSUE_TEMPLATE.md 6 years ago
Jack Ivanov 0188b2ff64
Update deploy-to-ubuntu.md 6 years ago
Jack Ivanov 687bab9e54
Update troubleshooting.md 
Fixes #744
 6 years ago
Jack Ivanov fb1c0f6a5e
Create a symlink if deploying to localhost (#1078) 6 years ago
Jack Ivanov e860b78d80
Scaleway authentication fix (#1088) 6 years ago
David Myers ee3cb979f7 Document how to use WireGuard on Ubuntu clients (#1071) 6 years ago
Jack Ivanov f63bc1ef97
Update CHANGELOG.md 6 years ago