David Myers
b86ebe20d7
Prevent DNS rebinding ( #1049 )
2018-08-08 00:25:33 -04:00
Quentin Moss
e0c317a958
Update documentation link ( #1043 )
2018-07-30 10:28:14 -04:00
Fabian Foerg
3ddd0ac30f
Run dnsmasq as the dnsmasq user ( #1029 )
...
* Run dnsmasq as the dnsmasq user
There is a task that checks whether the dnsmasq user exists.
However, dnsmasq is configured to run as user "nobody" instead.
This change lets dnsmasq run as user "dnsmasq".
* remove dnsmasq user task
2018-07-30 09:01:49 -04:00
Quentin Moss
b88f697b28
Update troubleshooting docs to include iOS reconnection loop ( #1042 )
...
* Update troubleshooting docs to include iOS reconnection loop
* nits
2018-07-30 09:01:03 -04:00
bghost
60a99faaf8
Update PPA for dnscrypt-proxy to 'bionic' ( #1039 )
2018-07-30 08:56:01 +03:00
Mike Myers
c65961a1f3
Amazon ec2 documentation ( #1035 )
...
* Add link to documentation on Amazon EC2 setup
* Add images to document the AWS EC2 account setup
* Create AWS EC2 setup instructions
* remove line breaks
* remove line breaks
* Add images documenting AWS EC2 policy creation
* Update image showing advised minimum AWS policy
* Add instructions for minimum AWS permission policy
* Delete aws-ec2-attach-policy.png
* Updated image to reflect new AWS policy guidance
* Delete aws-ec2-new-user-confirm.png
* Updated image to reflect new AWS policy guidance
2018-07-22 17:58:09 -04:00
Jack Ivanov
ca59eeb5c3
Explicitly allow traffic between clients if enabled ( #1028 )
2018-07-20 10:31:27 -04:00
Jack Ivanov
952e759af4
Revert "Update dnscrypt-proxy.toml.j2 ( #1022 )" ( #1030 )
...
This reverts commit e6281bc7df
.
2018-07-20 09:48:59 +03:00
adamluk
e6281bc7df
Update dnscrypt-proxy.toml.j2 ( #1022 )
2018-07-12 17:03:36 +03:00
TC1977
facd55c635
Update deploy-to-ubuntu.md ( #1019 )
...
* Update deploy-to-ubuntu.md
rewrite of #813
* Update deploy-to-ubuntu.md
2018-07-03 10:02:54 -04:00
Jack Ivanov
07a6bbe652
Move max_mss to config.cfg ( #1015 )
...
* Move max_mss to config.cfg
* Add docs about max_mss
* Update troubleshooting.md
2018-07-03 09:06:45 +03:00
Jack Ivanov
d1c58f0d28
apt_repository fix ( #1017 )
2018-07-02 16:33:31 +03:00
Jack Ivanov
4ca8c03e3c
New default cipher suite ( #991 )
...
* New ciphers enabled
* Update CHANGELOG.md
* Switch ecparam to secp384r1
* Change CertificateType to ECDSA384
2018-06-27 11:22:45 -04:00
Jack Ivanov
b061df6631
Move DNSCrypt proxy fallback_resolver to systemd resolved ( #1011 )
2018-06-26 13:11:09 +03:00
Mikael Forsgren
2931227db4
New Google Cloud Region ( #1013 )
...
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
2018-06-26 13:01:45 +03:00
Emir Beganović
2f142f6dcc
Remove duplicate dict key (enable_ipv6) ( #999 )
...
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
2018-06-25 13:40:51 +03:00
TC1977
6faac307af
Update troubleshooting.md ( #992 )
...
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
2018-06-04 11:09:01 -04:00
Jack Ivanov
030cb9a830
Test fixes
2018-06-01 17:41:30 +03:00
Jack Ivanov
ffb5a1f737
WireGuard: disable SaveConfig, update-users fix ( #985 )
...
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
2018-06-01 10:06:03 -04:00
Jack Ivanov
d7bce68738
TravisCI fixes
2018-05-31 23:08:32 +03:00
Jack Ivanov
16e78087d1
Update CHANGELOG.md
2018-05-30 17:17:08 +03:00
Jack Ivanov
daca84b640
Update references to 18.04
2018-05-30 17:11:32 +03:00
Jack Ivanov
aee043977f
explicit installation of linux headers ( #975 )
2018-05-29 21:43:06 -07:00
Jack Ivanov
2d9a36d13a
Scaleway: enable ipv6 and switch to local boot ( #974 )
...
- Enables IPv6 on Scaleway
- Adds local boot on scaleway
- Fixes #966
2018-05-28 12:16:06 -07:00
Jack Ivanov
d56f50180b
Extra line and better DNS configuration for WireGuard ( #968 )
...
- Adds an extra line after the if statement. Jinja2 trims such blocks by default in Ansible. Fixes #965
- More appropriate way to configure DNS servers
- Removes `DNS` option from the wireguard server config
- Fixes dnscrypt-proxy restart
2018-05-25 10:37:13 -07:00
Paul Kehrer
b928e4ff06
fix faq entry about cryptography build failure ( #967 )
2018-05-25 06:02:16 -07:00
Jack Ivanov
3488e660ad
Add WireGuard support for Android ( #910 )
...
* WireGuard Implementation
* Update client-android.md
* Update README.md
* WireGuard unattended upgrades
* Update README.md
* reload-module-on-update and syntax fix
* SaveConfig to true
* Azure firewall. Fixes #962
* Update README.md
* Update client-android.md
2018-05-24 08:15:27 -07:00
Jack Ivanov
d27b849f24
Ubuntu1804 ( #925 )
...
- Fixes #897 #944 #956
Work in progress. Lightsail is not ready for Ubuntu 18.04 yet
- [x] DigitalOcean
~~- [ ] Amazon Lightsail~~
- [x] Amazon EC2
- [x] Microsoft Azure
- [x] Google Compute Engine
- [x] Scaleway
- [x] OpenStack (DreamCompute optimised)
2018-05-24 07:08:14 -07:00
Evgeny Aleksandrov
d9dc68164f
Remove algo_params ( #961 )
2018-05-24 09:01:26 +03:00
Evgeny Aleksandrov
87836e0358
Fix typo ( #960 )
2018-05-24 09:00:38 +03:00
Stijn Balk
9fdbfb0977
Update GCP regions ( #957 )
...
* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/
* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/
* set default back to belgium B
2018-05-23 09:17:10 -07:00
Alexey Bogomolov
0de0952cf0
fix requirements.txt SecretStorage version ( #914 )
...
Related to issue #877 . Latest SecretStorage build requires Python '>=3.5' but Algo is running on Python 2
2018-05-18 12:35:56 +03:00
Jack Ivanov
6f3ec658fe
Move to LXD ( #935 )
2018-05-10 09:03:05 +03:00
TC1977
e905220f61
Update config.cfg ( #936 )
...
Fix typos - this puzzled me when I was attempting to install algo with dnscrypt last week.
2018-05-09 13:14:31 -07:00
pguizeline
e95ae829e3
Fix line spacing to improve readability ( #932 )
...
Keeping the organized spacing
2018-05-09 11:25:14 -07:00
pguizeline
daf609ea03
Update README.md ( #931 )
...
- Adds missing providers to the documentation with links.
- Mentions that your own server install needs to be an Ubuntu 16.04 LTS distro
- Emphasize that the p12 certificate password will only be available once
2018-05-08 13:57:21 -07:00
Jack Ivanov
35e526a5a3
IPv6 fixes ( #930 )
2018-05-08 13:55:17 -07:00
pguizeline
499c195129
Add new Azure locations ( #929 )
...
Reorganized and added new locations.
https://azure.microsoft.com/en-us/global-infrastructure/locations/
https://azure.microsoft.com/en-us/global-infrastructure/services/
2018-05-08 13:07:27 -07:00
pguizeline
616b849b98
Add new EC2 regions ( #928 )
...
Adds new EC2 regions according to:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions
2018-05-08 13:07:06 -07:00
Jack Ivanov
53ef2fcaa7
Increase SSH retries ( #909 )
2018-05-03 16:04:39 +03:00
Jack Ivanov
3945a0e286
Typo
2018-04-30 09:29:43 +03:00
Brian Hulette
e01e82b1c3
Don't download minisig dnscrypt release ( #905 )
2018-04-29 10:32:10 -07:00
adamluk
3d9fa7f8c8
Update dnscrypt-proxy.toml.j2 ( #899 )
...
Updated dnscrypt-proxy.tml with new options: cache_neg_min_ttl and cache_neg_max_ttl
2018-04-27 07:29:29 -07:00
Jack Ivanov
cfc985c776
DNS-crypt changelog
2018-04-27 10:06:51 +03:00
Dan Guido
c276f971b7
monkey patch problematic dnscrypt-proxy cgroup limits ( #894 )
2018-04-25 15:32:50 -07:00
Jack Ivanov
c82bd8c5ff
DNS-over-HTTPS ( #875 )
2018-04-25 12:27:58 -07:00
Steven Crossan
4bd59bebf4
Update DO doc link in README.md ( #890 )
2018-04-24 19:42:23 -07:00
Jack Ivanov
ed6e2d998d
Add ipv6 address to subjectAltName if supported ( #881 )
...
CHANGELOG
Some changes
Some changes
2018-04-23 16:06:34 -07:00
Matt Behrens
f585a416df
skip virtualenv check if already activated ( #863 )
...
This allows the user to choose their virtualenv method, e.g.
[Pipenv](https://docs.pipenv.org/ ).
2018-04-23 16:03:24 -07:00
Cat Jones
e78df40468
adds DigitalOcean documentation ( #869 )
2018-04-23 15:58:40 -07:00