Commit Graph

885 Commits

Author SHA1 Message Date
David Myers
b86ebe20d7 Prevent DNS rebinding (#1049) 2018-08-08 00:25:33 -04:00
Quentin Moss
e0c317a958 Update documentation link (#1043) 2018-07-30 10:28:14 -04:00
Fabian Foerg
3ddd0ac30f Run dnsmasq as the dnsmasq user (#1029)
* Run dnsmasq as the dnsmasq user

There is a task that checks whether the dnsmasq user exists.
However, dnsmasq is configured to run as user "nobody" instead.
This change lets dnsmasq run as user "dnsmasq".

* remove dnsmasq user task
2018-07-30 09:01:49 -04:00
Quentin Moss
b88f697b28 Update troubleshooting docs to include iOS reconnection loop (#1042)
* Update troubleshooting docs to include iOS reconnection loop

* nits
2018-07-30 09:01:03 -04:00
bghost
60a99faaf8 Update PPA for dnscrypt-proxy to 'bionic' (#1039) 2018-07-30 08:56:01 +03:00
Mike Myers
c65961a1f3 Amazon ec2 documentation (#1035)
* Add link to documentation on Amazon EC2 setup

* Add images to document the AWS EC2 account setup

* Create AWS EC2 setup instructions

* remove line breaks

* remove line breaks

* Add images documenting AWS EC2 policy creation

* Update image showing advised minimum AWS policy

* Add instructions for minimum AWS permission policy

* Delete aws-ec2-attach-policy.png

* Updated image to reflect new AWS policy guidance

* Delete aws-ec2-new-user-confirm.png

* Updated image to reflect new AWS policy guidance
2018-07-22 17:58:09 -04:00
Jack Ivanov
ca59eeb5c3 Explicitly allow traffic between clients if enabled (#1028) 2018-07-20 10:31:27 -04:00
Jack Ivanov
952e759af4
Revert "Update dnscrypt-proxy.toml.j2 (#1022)" (#1030)
This reverts commit e6281bc7df.
2018-07-20 09:48:59 +03:00
adamluk
e6281bc7df Update dnscrypt-proxy.toml.j2 (#1022) 2018-07-12 17:03:36 +03:00
TC1977
facd55c635 Update deploy-to-ubuntu.md (#1019)
* Update deploy-to-ubuntu.md

rewrite of #813

* Update deploy-to-ubuntu.md
2018-07-03 10:02:54 -04:00
Jack Ivanov
07a6bbe652
Move max_mss to config.cfg (#1015)
* Move max_mss to config.cfg

* Add docs about max_mss

* Update troubleshooting.md
2018-07-03 09:06:45 +03:00
Jack Ivanov
d1c58f0d28
apt_repository fix (#1017) 2018-07-02 16:33:31 +03:00
Jack Ivanov
4ca8c03e3c New default cipher suite (#991)
* New ciphers enabled

* Update CHANGELOG.md

* Switch ecparam to secp384r1

* Change CertificateType to ECDSA384
2018-06-27 11:22:45 -04:00
Jack Ivanov
b061df6631
Move DNSCrypt proxy fallback_resolver to systemd resolved (#1011) 2018-06-26 13:11:09 +03:00
Mikael Forsgren
2931227db4 New Google Cloud Region (#1013)
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
2018-06-26 13:01:45 +03:00
Emir Beganović
2f142f6dcc Remove duplicate dict key (enable_ipv6) (#999)
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
2018-06-25 13:40:51 +03:00
TC1977
6faac307af Update troubleshooting.md (#992)
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
2018-06-04 11:09:01 -04:00
Jack Ivanov
030cb9a830 Test fixes 2018-06-01 17:41:30 +03:00
Jack Ivanov
ffb5a1f737 WireGuard: disable SaveConfig, update-users fix (#985)
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
2018-06-01 10:06:03 -04:00
Jack Ivanov
d7bce68738 TravisCI fixes 2018-05-31 23:08:32 +03:00
Jack Ivanov
16e78087d1
Update CHANGELOG.md 2018-05-30 17:17:08 +03:00
Jack Ivanov
daca84b640 Update references to 18.04 2018-05-30 17:11:32 +03:00
Jack Ivanov
aee043977f explicit installation of linux headers (#975) 2018-05-29 21:43:06 -07:00
Jack Ivanov
2d9a36d13a Scaleway: enable ipv6 and switch to local boot (#974)
- Enables IPv6 on Scaleway
- Adds local boot on scaleway
- Fixes #966
2018-05-28 12:16:06 -07:00
Jack Ivanov
d56f50180b Extra line and better DNS configuration for WireGuard (#968)
- Adds an extra line after the if statement. Jinja2 trims such blocks by default in Ansible. Fixes #965
- More appropriate way to configure DNS servers
- Removes `DNS` option from the wireguard server config
- Fixes dnscrypt-proxy restart
2018-05-25 10:37:13 -07:00
Paul Kehrer
b928e4ff06 fix faq entry about cryptography build failure (#967) 2018-05-25 06:02:16 -07:00
Jack Ivanov
3488e660ad Add WireGuard support for Android (#910)
* WireGuard Implementation

* Update client-android.md

* Update README.md

* WireGuard unattended upgrades

* Update README.md

* reload-module-on-update and syntax fix

* SaveConfig to true

* Azure firewall. Fixes #962

* Update README.md

* Update client-android.md
2018-05-24 08:15:27 -07:00
Jack Ivanov
d27b849f24 Ubuntu1804 (#925)
- Fixes #897 #944 #956

Work in progress. Lightsail is not ready for Ubuntu 18.04 yet

- [x] DigitalOcean
~~- [ ] Amazon Lightsail~~
- [x] Amazon EC2
- [x] Microsoft Azure
- [x] Google Compute Engine
- [x] Scaleway
- [x] OpenStack (DreamCompute optimised)
2018-05-24 07:08:14 -07:00
Evgeny Aleksandrov
d9dc68164f Remove algo_params (#961) 2018-05-24 09:01:26 +03:00
Evgeny Aleksandrov
87836e0358 Fix typo (#960) 2018-05-24 09:00:38 +03:00
Stijn Balk
9fdbfb0977 Update GCP regions (#957)
* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/

* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/

* set default back to belgium B
2018-05-23 09:17:10 -07:00
Alexey Bogomolov
0de0952cf0 fix requirements.txt SecretStorage version (#914)
Related to issue #877. Latest SecretStorage build requires Python '>=3.5' but Algo is running on Python 2
2018-05-18 12:35:56 +03:00
Jack Ivanov
6f3ec658fe
Move to LXD (#935) 2018-05-10 09:03:05 +03:00
TC1977
e905220f61 Update config.cfg (#936)
Fix typos - this puzzled me when I was attempting to install algo with dnscrypt last week.
2018-05-09 13:14:31 -07:00
pguizeline
e95ae829e3 Fix line spacing to improve readability (#932)
Keeping the organized spacing
2018-05-09 11:25:14 -07:00
pguizeline
daf609ea03 Update README.md (#931)
- Adds missing providers to the documentation with links.
- Mentions that your own server install needs to be an Ubuntu 16.04 LTS distro
- Emphasize that the p12 certificate password will only be available once
2018-05-08 13:57:21 -07:00
Jack Ivanov
35e526a5a3 IPv6 fixes (#930) 2018-05-08 13:55:17 -07:00
pguizeline
499c195129 Add new Azure locations (#929)
Reorganized and added new locations.
https://azure.microsoft.com/en-us/global-infrastructure/locations/
https://azure.microsoft.com/en-us/global-infrastructure/services/
2018-05-08 13:07:27 -07:00
pguizeline
616b849b98 Add new EC2 regions (#928)
Adds new EC2 regions according to:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions
2018-05-08 13:07:06 -07:00
Jack Ivanov
53ef2fcaa7
Increase SSH retries (#909) 2018-05-03 16:04:39 +03:00
Jack Ivanov
3945a0e286 Typo 2018-04-30 09:29:43 +03:00
Brian Hulette
e01e82b1c3 Don't download minisig dnscrypt release (#905) 2018-04-29 10:32:10 -07:00
adamluk
3d9fa7f8c8 Update dnscrypt-proxy.toml.j2 (#899)
Updated dnscrypt-proxy.tml with new options: cache_neg_min_ttl and cache_neg_max_ttl
2018-04-27 07:29:29 -07:00
Jack Ivanov
cfc985c776 DNS-crypt changelog 2018-04-27 10:06:51 +03:00
Dan Guido
c276f971b7
monkey patch problematic dnscrypt-proxy cgroup limits (#894) 2018-04-25 15:32:50 -07:00
Jack Ivanov
c82bd8c5ff DNS-over-HTTPS (#875) 2018-04-25 12:27:58 -07:00
Steven Crossan
4bd59bebf4 Update DO doc link in README.md (#890) 2018-04-24 19:42:23 -07:00
Jack Ivanov
ed6e2d998d Add ipv6 address to subjectAltName if supported (#881)
CHANGELOG

Some changes

Some changes
2018-04-23 16:06:34 -07:00
Matt Behrens
f585a416df skip virtualenv check if already activated (#863)
This allows the user to choose their virtualenv method, e.g.
[Pipenv](https://docs.pipenv.org/).
2018-04-23 16:03:24 -07:00
Cat Jones
e78df40468 adds DigitalOcean documentation (#869) 2018-04-23 15:58:40 -07:00