Archives
/
algo
mirror of https://github.com/trailofbits/algo
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
776 Commits
5 Branches
2 Tags
10 MiB
fix/14704
master
dependabot/pip/ansible-9.4.0
dependabot/github_actions/actions/setup-python-5.1.0
dependabot/pip/jinja2-approx-eq-3.1.3
v1.1
v1.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'facd55c635'
${ noResults }
Commit Graph

776 Commits (facd55c6355a50a4e45e9f223da30321c6bf78c4)
 

Author SHA1 Message Date
TC1977 facd55c635 Update deploy-to-ubuntu.md (#1019) 
* Update deploy-to-ubuntu.md

rewrite of #813

* Update deploy-to-ubuntu.md
 6 years ago
Jack Ivanov 07a6bbe652
Move max_mss to config.cfg (#1015) 
* Move max_mss to config.cfg

* Add docs about max_mss

* Update troubleshooting.md
 6 years ago
Jack Ivanov d1c58f0d28
apt_repository fix (#1017) 6 years ago
Jack Ivanov 4ca8c03e3c New default cipher suite (#991) 
* New ciphers enabled

* Update CHANGELOG.md

* Switch ecparam to secp384r1

* Change CertificateType to ECDSA384
 6 years ago
Jack Ivanov b061df6631
Move DNSCrypt proxy fallback_resolver to systemd resolved (#1011) 6 years ago
Mikael Forsgren 2931227db4 New Google Cloud Region (#1013) 
Added the new Google Cloud Region Finland (europe-north1) with 3 zones
 6 years ago
Emir Beganović 2f142f6dcc Remove duplicate dict key (enable_ipv6) (#999) 
Warning in yaml file:
` [WARNING]: While constructing a mapping from /root/algo/roles/cloud-scaleway/tasks/main.yml, line 73, column 11, found a duplicate dict key (enable_ipv6). Using last defined value only.`
 6 years ago
TC1977 6faac307af Update troubleshooting.md (#992) 
Many times people are reaching VPC limits not because they're running other VPCs on AWS, but because they've already deployed several times (AWS allows five VPCs per region). This lets people know they can simply delete their old VPCs instead of contacting AWS support.
 6 years ago
Jack Ivanov 030cb9a830 Test fixes 6 years ago
Jack Ivanov ffb5a1f737 WireGuard: disable SaveConfig, update-users fix (#985) 
- Disables SaveConfig. SaveConfig totally breaks the idea of configuration management and it breaks update-users
- WireGuard update-users fix. Mentioned in https://github.com/trailofbits/algo/issues/980#issuecomment-393720561
 6 years ago
Jack Ivanov d7bce68738 TravisCI fixes 6 years ago
Jack Ivanov 16e78087d1
Update CHANGELOG.md 6 years ago
Jack Ivanov daca84b640 Update references to 18.04 6 years ago
Jack Ivanov aee043977f explicit installation of linux headers (#975) 6 years ago
Jack Ivanov 2d9a36d13a Scaleway: enable ipv6 and switch to local boot (#974) 
- Enables IPv6 on Scaleway
- Adds local boot on scaleway
- Fixes #966
 6 years ago
Jack Ivanov d56f50180b Extra line and better DNS configuration for WireGuard (#968) 
- Adds an extra line after the if statement. Jinja2 trims such blocks by default in Ansible. Fixes #965
- More appropriate way to configure DNS servers
- Removes `DNS` option from the wireguard server config
- Fixes dnscrypt-proxy restart
 6 years ago
Paul Kehrer b928e4ff06 fix faq entry about cryptography build failure (#967) 6 years ago
Jack Ivanov 3488e660ad Add WireGuard support for Android (#910) 
* WireGuard Implementation

* Update client-android.md

* Update README.md

* WireGuard unattended upgrades

* Update README.md

* reload-module-on-update and syntax fix

* SaveConfig to true

* Azure firewall. Fixes #962

* Update README.md

* Update client-android.md
 6 years ago
Jack Ivanov d27b849f24 Ubuntu1804 (#925) 
- Fixes #897 #944 #956

Work in progress. Lightsail is not ready for Ubuntu 18.04 yet

- [x] DigitalOcean
~~- [ ] Amazon Lightsail~~
- [x] Amazon EC2
- [x] Microsoft Azure
- [x] Google Compute Engine
- [x] Scaleway
- [x] OpenStack (DreamCompute optimised)
 6 years ago
Evgeny Aleksandrov d9dc68164f Remove algo_params (#961) 6 years ago
Evgeny Aleksandrov 87836e0358 Fix typo (#960) 6 years ago
Stijn Balk 9fdbfb0977 Update GCP regions (#957) 
* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/

* Update GCP regions according to https://cloud.google.com/compute/docs/regions-zones/

* set default back to belgium B
 6 years ago
Alexey Bogomolov 0de0952cf0 fix requirements.txt SecretStorage version (#914) 
Related to issue #877. Latest SecretStorage build requires Python '>=3.5' but Algo is running on Python 2
 6 years ago
Jack Ivanov 6f3ec658fe
Move to LXD (#935) 6 years ago
TC1977 e905220f61 Update config.cfg (#936) 
Fix typos - this puzzled me when I was attempting to install algo with dnscrypt last week.
 6 years ago
pguizeline e95ae829e3 Fix line spacing to improve readability (#932) 
Keeping the organized spacing
 6 years ago
pguizeline daf609ea03 Update README.md (#931) 
- Adds missing providers to the documentation with links.
- Mentions that your own server install needs to be an Ubuntu 16.04 LTS distro
- Emphasize that the p12 certificate password will only be available once
 6 years ago
Jack Ivanov 35e526a5a3 IPv6 fixes (#930) 6 years ago
pguizeline 499c195129 Add new Azure locations (#929) 
Reorganized and added new locations.
https://azure.microsoft.com/en-us/global-infrastructure/locations/
https://azure.microsoft.com/en-us/global-infrastructure/services/
 6 years ago
pguizeline 616b849b98 Add new EC2 regions (#928) 
Adds new EC2 regions according to:
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions
 6 years ago
Jack Ivanov 53ef2fcaa7
Increase SSH retries (#909) 6 years ago
Jack Ivanov 3945a0e286 Typo 6 years ago
Brian Hulette e01e82b1c3 Don't download minisig dnscrypt release (#905) 6 years ago
adamluk 3d9fa7f8c8 Update dnscrypt-proxy.toml.j2 (#899) 
Updated dnscrypt-proxy.tml with new options: cache_neg_min_ttl and cache_neg_max_ttl
 6 years ago
Jack Ivanov cfc985c776 DNS-crypt changelog 6 years ago
Dan Guido c276f971b7
monkey patch problematic dnscrypt-proxy cgroup limits (#894) 6 years ago
Jack Ivanov c82bd8c5ff DNS-over-HTTPS (#875) 6 years ago
Steven Crossan 4bd59bebf4 Update DO doc link in README.md (#890) 6 years ago
Jack Ivanov ed6e2d998d Add ipv6 address to subjectAltName if supported (#881) 
CHANGELOG

Some changes

Some changes
 6 years ago
Matt Behrens f585a416df skip virtualenv check if already activated (#863) 
This allows the user to choose their virtualenv method, e.g.
[Pipenv](https://docs.pipenv.org/).
 6 years ago
Cat Jones e78df40468 adds DigitalOcean documentation (#869) 6 years ago
iliyan jeliazkov a8b4a47a88 Updating the language of the instructions (#880) 6 years ago
Anton T Johansson 7c087aeed9 Fixed path in Network Manager section (#860) 
"configs" directory missing in paths.
 6 years ago
Micah R Ledbetter a2e051ef00 Add a workaround for disabling DNS filtering to the FAQ (#852) 
* Add a workaround for disabling DNS filtering to the FAQ

* Update faq.md
 6 years ago
Micah R Ledbetter e944ee993a Embed certs into Windows deployment scripts (#840) 
- Obviate need to copy separate script and certificate files
- Allow execution from any directory, not just the script's parent
  directory (no assumption of any particular working directory)
- Fix docs that neglected to mention copying cacert.pem
- Fix docs that incorrectly referred to the user cert store

As part of this work, rewrite the windows_client.ps1.j2 deployment
script template

- Add comment-based help
- Require admin privileges
- Use a Param() block
- Use parameter sets with -Add and -Remove switches
- Add the -GetInstalledCerts switch, to list any Algo certificates
  installed the machine's cert store
- Add the -SaveCerts switch, to save the embedded certificates to files
- Put Jinja2 variables inside Powershell variables,
- Use native Powershell cmdlets rather than shell out to certutil.exe
- Add a playbook to regenerate the windows_USER.ps1 scripts
 6 years ago
Micah R Ledbetter a8784bc0f4 Add FAQ entry regarding IPSEC backdoor (#460) (#853) 6 years ago
Micah R Ledbetter 4b0aea8f5a Document iptables rules (#854) 
* Remove firewall rule related to the old proxy role

* Remove proxy conditionals from mobileconfig template

* Add comments explaining firewall rules
 6 years ago
Arun John Kuruvilla aea9c9a5e2 Removed ssh_public_key variable for AWS. Issue #773 (#817) 6 years ago
Utkan Gezer 32cbec6f5b Multi-line virtualenv setup script (#829) 
Changed the single-line virtualenv setup script into multi-line one. Should be equivalent to what it was before, and now viewable/copy-able without scrolling.
 6 years ago
Jack Ivanov ac8b092ca5 TravisCI tests 6 years ago