-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactoring #1334
Refactoring #1334
Conversation
I've run the following tests on DigitalOcean with an iOS client and all have passed: Deploy with IPsec + WG + SSH (OK) Deploy with WG only (OK) The only issue I noticed is that Also I think the dumping of the invocation environment in |
This comment has been minimized.
This comment has been minimized.
1e10b1a
to
29485a8
Compare
This comment has been minimized.
This comment has been minimized.
98a1867
to
e79d280
Compare
e79d280
to
e55de14
Compare
This comment has been minimized.
This comment has been minimized.
* upstream/master: Fix typo in doctl command (trailofbits#1350) skip generation of SSH keypair when deploying locally (trailofbits#1348) Refactoring (trailofbits#1334) Update cloud-pre.yml
<!--- Provide a general summary of your changes in the Title above --> ## Description Renames the vpn role to strongswan, and split up the variables to support 2 separate VPNs. Closes trailofbits#1330 and closes trailofbits#1162 Configures Ansible to use python3 on the server side. Closes trailofbits#1024 Removes unneeded playbooks, reorganises a lot of variables Reorganises the `config` folder. Closes trailofbits#1330 <details><summary>Here is how the config directory looks like now</summary> <p> ``` configs/X.X.X.X/ |-- ipsec | |-- apple | | |-- desktop.mobileconfig | | |-- laptop.mobileconfig | | `-- phone.mobileconfig | |-- manual | | |-- cacert.pem | | |-- desktop.p12 | | |-- desktop.ssh.pem | | |-- ipsec_desktop.conf | | |-- ipsec_desktop.secrets | | |-- ipsec_laptop.conf | | |-- ipsec_laptop.secrets | | |-- ipsec_phone.conf | | |-- ipsec_phone.secrets | | |-- laptop.p12 | | |-- laptop.ssh.pem | | |-- phone.p12 | | `-- phone.ssh.pem | `-- windows | |-- desktop.ps1 | |-- laptop.ps1 | `-- phone.ps1 |-- ssh-tunnel | |-- desktop.pem | |-- desktop.pub | |-- laptop.pem | |-- laptop.pub | |-- phone.pem | |-- phone.pub | `-- ssh_config `-- wireguard |-- desktop.conf |-- desktop.png |-- laptop.conf |-- laptop.png |-- phone.conf `-- phone.png ``` ![finder](https://i.imgur.com/FtOmKO0.png) </p> </details> ## Motivation and Context This refactoring is focused to aim to the 1.0 release ## How Has This Been Tested? Deployed to several cloud providers with various options enabled and disabled ## Types of changes <!--- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [x] Refactoring ## Checklist: <!--- Go over all the following points, and put an `x` in all the boxes that apply. --> <!--- If you're unsure about any of these, don't hesitate to ask. We're here to help! --> - [x] I have read the **CONTRIBUTING** document. - [x] My code follows the code style of this project. - [x] My change requires a change to the documentation. - [x] I have updated the documentation accordingly. - [x] All new and existing tests passed.
Description
Renames the vpn role to strongswan, and split up the variables to support 2 separate VPNs. Closes #1330 and closes #1162
Configures Ansible to use python3 on the server side. Closes #1024
Removes unneeded playbooks, reorganises a lot of variables
Reorganises the
config
folder. Closes #1330Here is how the config directory looks like now
Motivation and Context
This refactoring is focused to aim to the 1.0 release
How Has This Been Tested?
Deployed to several cloud providers with various options enabled and disabled
Types of changes
Checklist: