Archives/algo
2
0
Fork 0
mirror of https://github.com/trailofbits/algo synced 2024-11-16 12:12:55 +00:00
Code Issues Projects Releases Wiki Activity
737 Commits 5 Branches 2 Tags 10 MiB
f585a416df
Commit Graph

737 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matt Behrens
f585a416df skip virtualenv check if already activated (#863) 
This allows the user to choose their virtualenv method, e.g.
[Pipenv](https://docs.pipenv.org/).
 2018-04-23 16:03:24 -07:00
Cat Jones
e78df40468 adds DigitalOcean documentation (#869) 2018-04-23 15:58:40 -07:00
iliyan jeliazkov
a8b4a47a88 Updating the language of the instructions (#880) 2018-04-18 22:10:03 -04:00
Anton T Johansson
7c087aeed9 Fixed path in Network Manager section (#860) 
"configs" directory missing in paths.
 2018-03-29 17:33:18 -04:00
Micah R Ledbetter
a2e051ef00 Add a workaround for disabling DNS filtering to the FAQ (#852) 
* Add a workaround for disabling DNS filtering to the FAQ

* Update faq.md
 2018-03-28 11:24:20 -07:00
Micah R Ledbetter
e944ee993a Embed certs into Windows deployment scripts (#840) 
- Obviate need to copy separate script and certificate files
- Allow execution from any directory, not just the script's parent
  directory (no assumption of any particular working directory)
- Fix docs that neglected to mention copying cacert.pem
- Fix docs that incorrectly referred to the user cert store

As part of this work, rewrite the windows_client.ps1.j2 deployment
script template

- Add comment-based help
- Require admin privileges
- Use a Param() block
- Use parameter sets with -Add and -Remove switches
- Add the -GetInstalledCerts switch, to list any Algo certificates
  installed the machine's cert store
- Add the -SaveCerts switch, to save the embedded certificates to files
- Put Jinja2 variables inside Powershell variables,
- Use native Powershell cmdlets rather than shell out to certutil.exe
- Add a playbook to regenerate the windows_USER.ps1 scripts
 2018-03-28 11:20:43 -07:00
Micah R Ledbetter
a8784bc0f4 Add FAQ entry regarding IPSEC backdoor (#460) (#853) 2018-03-28 11:20:17 -07:00
Micah R Ledbetter
4b0aea8f5a Document iptables rules (#854) 
* Remove firewall rule related to the old proxy role

* Remove proxy conditionals from mobileconfig template

* Add comments explaining firewall rules
 2018-03-28 11:17:56 -07:00
Arun John Kuruvilla
aea9c9a5e2 Removed ssh_public_key variable for AWS. Issue #773 (#817) 2018-03-27 21:53:13 +03:00
Utkan Gezer
32cbec6f5b Multi-line virtualenv setup script (#829) 
Changed the single-line virtualenv setup script into multi-line one. Should be equivalent to what it was before, and now viewable/copy-able without scrolling.
 2018-03-27 21:50:50 +03:00
Jack Ivanov
ac8b092ca5 TravisCI tests 2018-03-27 19:46:10 +03:00
Jack Ivanov
bb094a7b16 More debug for travis 2018-03-27 19:28:48 +03:00
Jack Ivanov
c378eacc00 Warn about local installation 2018-03-27 19:10:59 +03:00
Jack Ivanov
51209a0994 More debug for travis-ci 2018-03-27 19:04:42 +03:00
Rob
1edb95df9c Update client-android.md (#842) 
* Update client-android.md

Changed Installation via profiles sections - Opening the helper html file in Chrome (v65.0.3325.109 on Android 6.0.1) does not work correctly.

* Update client-android.md

* Update client-android.md
 2018-03-22 09:26:50 -04:00
Jack Ivanov
78830d96aa Android: add the CA and set the ciphers explicitly (#837) 2018-03-19 12:05:30 -04:00
Jack Ivanov
4e4440a318 Exclude CA from P12 (#835) 2018-03-17 17:16:22 -04:00
Damian Gerow
62fc22ab59 Creates a Docker container to run algo (#331) 
* Creates a Docker container to run algo

* Simplistic testing of the Docker image

This simply uses the same LXC system that was just tested.
It's functional, but minimal.

* More thorough tests against Docker

This doubles the number of LXC containers in use,
but does provide a more thorough test of the Docker
image.
 2018-03-16 16:38:53 -04:00
Jack Ivanov
0fda81f12d
Update ISSUE_TEMPLATE.md 2018-03-16 21:02:11 +03:00
Jack Ivanov
72026d0ec8
Update ISSUE_TEMPLATE.md 2018-03-16 21:01:26 +03:00
Jack Ivanov
3b19f13082 Enable no-resolv (#816) 2018-03-12 12:00:48 -04:00
adamluk
b30f6db079 Update rules.v6.j2 (#818) 
Updated to use -m conntrack for consistency as per the other IPv6 rules.
 2018-03-12 11:51:34 -04:00
Zac Connelly
3bb6c32abb update troubleshooting doc (#827) 
* update troubleshooting doc

* remove breakline

* bump issue to the bottom
 2018-03-12 11:49:45 -04:00
Jack Ivanov
13503575c5
Update ISSUE_TEMPLATE.md 2018-03-12 10:29:18 +03:00
Berry Phillips
ea7da89257 Explicitly create the virtualenv with Python2 (#823) 2018-03-08 22:16:40 -05:00
Jack Ivanov
7e07c35474 proper cloudformation template (#815) 2018-03-02 16:13:49 -05:00
Jack Ivanov
02427910de Ansible 2.4, Lightsail, Scaleway, DreamCompute (OpenStack) integration (#804) 
* Move to ansible-2.4.3

* Add Lightsail support #623

* Fixing the EC2 deployment

* Scaleway integration #623

* OpenStack cloud provider (DreamCompute optimised) #623

* Remove the security role

* Enable unattended-upgrades for clouds

* New requirements to make Azure and GCE work
 2018-03-02 07:55:54 -05:00
Jack Ivanov
4da752b603 Ubuntu 17.10 support (#811) 2018-02-24 14:17:34 +01:00
Dan Ackerson
d8f0393dd8 minimum DigitalOcean $5 type now 's-1vcpu-1gb' (#785) 
https://www.digitalocean.com/pricing/
 2018-01-27 12:02:00 -08:00
Micah R Ledbetter
5eed1bbba4 Use dns_servers in dnsmasq.conf (#794) 2018-01-27 12:01:12 -08:00
Achim Staebler
054dc0afcd Instructions for Ubuntu needed compiler install (#791) 
build-essential and python-dev are required when compiling pycrypt. Added the necessary packages to the apt-get install line.
 2018-01-24 09:03:47 -08:00
Douglas Gastonguay-Goddard
7eb4fc5f22 DigitalOcean - Add cleanup step for SSH key (#784) 
* Add cleanup step for SSH key.

* Two space tabs are hard to see.
 2018-01-19 20:06:15 -05:00
Jack Ivanov
d9b1b22fac Place the module digital_ocean_tag with the fix (#782) 
zesty is no longer available

disable ubuntu 17 at all
 2018-01-19 09:19:32 -05:00
Jack Ivanov
a844870b7a Sendmail should not be installed (#738) 2017-11-22 09:15:43 -05:00
Marcelo Elizeche Landó
07a1c70bf4 Update adblock.sh for systemd to fix issue #735 (#736) 
* Update script to restart the dnsmasq service using systemctl(systemd) command instead of service(Upstart)

* Use  instead of legacy  REF: https://github.com/koalaman/shellcheck/wiki/SC2006

* Replace non-standard egrep(deprecated) for grep -E. REF: https://github.com/koalaman/shellcheck/wiki/SC2196
 2017-11-21 00:50:05 -05:00
Brian Harrington
bd4ea1235f GCE correct variable key (#734) 
`server_name` should be `gce_server_name` for Google Compute Engine
 2017-11-21 00:49:54 -05:00
Allan
e01521bbf4 Update to deploy-to-ubuntu.md (#628) 
* Update to deploy-to-ubuntu.md

A fresh install (Off CD / ISO) doesn't include python-pip or python virtualenv module.
The fixes above take care of the additional requirements, as well as updating pip.

* Update deploy-to-ubuntu.md

Fix Typo
 2017-11-12 18:49:58 -05:00
Jurgen Verhasselt
d08e525906 Docs to deploy from, and setup client on, Fedora Workstation (#711) 
* docs/client-linux.md housekeeping

* add fedora-workstation instructions to client-linx.md

* add deploy-from-fedora-workstation doc

* change client-linux.md to internal link

* add deploy-from-fedora-workstation links

* correct markup

* correct typo
 2017-11-12 17:10:19 -05:00
Jack Ivanov
f18c1a0d67 Certificate revocation fix (#719) 2017-11-12 17:09:57 -05:00
Jack Ivanov
b64f682bae remove the dead code. Fixes #671 2017-11-08 18:22:58 +03:00
Jurgen Verhasselt
185c0f51d7 correct configs_prefix vars in client tasks (#712) 2017-11-04 07:16:29 +01:00
Henrik Holmboe
ea3766f02c Correct indentation for 'block' (#704) 2017-11-04 07:15:40 +01:00
Dan Guido
6572c2fb34 Closes #699 2017-10-20 22:16:28 -04:00
Julie Bernosky
dc4dff040e Add StrongSwan log level config option to ipsec.conf template (#700) 2017-10-19 16:06:43 +02:00
Jack Ivanov
3c55cd15a4 GCE. replace underscores (#698) 2017-10-18 16:23:57 -04:00
Jack Ivanov
ee7264f26e Ask users to enter the p12 password manually (#697) 2017-10-18 16:15:39 -04:00
Jack Ivanov
6b803e069f LibreSSL fix #625 (#685) 2017-10-01 16:40:08 -04:00
Jacob Wilder
fee009688e Change the second Canada Central to Canada East for Azure (#676) 2017-10-01 17:25:02 +02:00
Paul.W Harvey
e891d5c43b Generate stronger p12_export_password (#654) (#657) 
This buys us an extra 16bits of password guessing entropy by expanding the characterset from hex to [a-zA-Z0-9_@]
 2017-09-29 16:04:45 +02:00
pguizeline
9582cba128 Add new GCP zones in South America (#680) 2017-09-21 16:13:52 -04:00