mirror of
https://github.com/trailofbits/algo
synced 2024-11-18 09:25:38 +00:00
e8947f318b
* Refactoring, booleans declaration and update users fix * Make server_name more FQDN compatible * Rename variables * Define the default value for store_cakey * Skip a prompt about the SSH user if deploying to localhost * Disable reboot for non-cloud deployments * Enable EC2 volume encryption by default * Add default server value (localhost) for the local installation Delete empty files * Add default region to aws_region_facts * Update docs * EC2 credentials fix * Warnings fix * Update deploy-from-ansible.md * Fix a typo * Remove lightsail from the docs * Disable EC2 encryption by default * rename droplet to server * Disable dependencies * Disable tls_cipher_suite * Convert wifi-exclude to a string. Update-users fix * SSH access congrats fix * 16.04 > 18.04 * Dont ask for the credentials if specified in the environment vars * GCE server name fix
33 lines
648 B
Markdown
33 lines
648 B
Markdown
# FreeBSD / HardenedBSD server setup
|
|
|
|
FreeBSD server support is a work in progress. For now, it is only possible to install Algo on existing FreeBSD 11 systems.
|
|
|
|
## System preparation
|
|
|
|
Ensure that the following kernel options are enabled:
|
|
|
|
```
|
|
# sysctl kern.conftxt | grep -iE "IPSEC|crypto"
|
|
options IPSEC
|
|
options IPSEC_NAT_T
|
|
device crypto
|
|
```
|
|
|
|
## Available roles
|
|
|
|
* vpn
|
|
* ssh_tunneling
|
|
* dns_adblocking
|
|
|
|
## Additional variables
|
|
|
|
* rebuild_kernel - set to `true` if you want to let Algo to rebuild your kernel if needed (takes a lot of time)
|
|
|
|
## Installation
|
|
|
|
```shell
|
|
ansible-playbook main.yml -e "provider=local"
|
|
```
|
|
|
|
And follow the instructions
|