Skip to content

Instantly share code, notes, and snippets.

@jamezrin

jamezrin/gist:d836c93cd5ba1651ddf112a2c1e82b8b

Created January 15, 2019 22:52
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jamezrin/d836c93cd5ba1651ddf112a2c1e82b8b to your computer and use it in GitHub Desktop.
Save jamezrin/d836c93cd5ba1651ddf112a2c1e82b8b to your computer and use it in GitHub Desktop.
Download ZIP
Raw
gistfile1.txt
(env) pi@raspberrypi:~/algo-master $ ./algo
PLAY [Ask user for the input] *****************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************
ok: [localhost]
[pause]
What provider would you like to use?
1. DigitalOcean
2. Amazon Lightsail
3. Amazon EC2
4. Vultr
5. Microsoft Azure
6. Google Compute Engine
7. Scaleway
8. OpenStack (DreamCompute optimised)
9. Install to existing Ubuntu 18.04 server (Advanced)
Enter the number of your desired provider
:
9
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] ***********************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks?
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
y[pause]
Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi?
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
List the names of trusted Wi-Fi networks (if any) that macOS/iOS clients exclude from using the VPN
(e.g., your home network. Comma-separated value, e.g., HomeNet,OfficeWifi,AlgoWiFi)
:
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want to install a DNS resolver on this VPN server, to block ads while surfing?
[y/N]
:
n
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want to retain the CA key? (required to add users in the future, but less secure)
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] ***********************************************************************************************************************************************************
ok: [localhost]
PLAY [Provision the server] *******************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************
ok: [localhost]
--> Please include the following block of text when reporting issues:
Algo running on: Raspbian GNU/Linux 9 (stretch)
ZIP file created: 2019-01-15 03:23:48.000000000 +0000
Python 2.7.13
Runtime variables:
algo_provider "local"
algo_ondemand_cellular "True"
algo_ondemand_wifi "True"
algo_ondemand_wifi_exclude "_null"
algo_local_dns "False"
algo_ssh_tunneling "True"
algo_windows "True"
wireguard_enabled "True"
dns_encryption "True"
TASK [Display the invocation environment] *****************************************************************************************************************************************************
changed: [localhost -> localhost]
TASK [Install the requirements] ***************************************************************************************************************************************************************
ok: [localhost -> localhost]
TASK [Generate the SSH private key] ***********************************************************************************************************************************************************
ok: [localhost]
TASK [Generate the SSH public key] ************************************************************************************************************************************************************
ok: [localhost]
[local : pause]
Enter the IP address of your server: (or use localhost for local installation):
[localhost]
:
TASK [local : pause] **************************************************************************************************************************************************************************
ok: [localhost]
TASK [local : Set the facts] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [local : Set the facts] ******************************************************************************************************************************************************************
ok: [localhost]
[local : pause]
Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
[localhost]
:
jmrdns.x443.pw
TASK [local : pause] **************************************************************************************************************************************************************************
ok: [localhost]
TASK [local : Set the facts] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [Set subjectAltName as afact] ************************************************************************************************************************************************************
ok: [localhost]
TASK [Add the server to an inventory group] ***************************************************************************************************************************************************
changed: [localhost]
TASK [debug] **********************************************************************************************************************************************************************************
ok: [localhost] => {
"IP_subject_alt_name": "jmrdns.x443.pw"
}
Pausing for 20 seconds
(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort)
TASK [A short pause, in order to be sure the instance is ready] *******************************************************************************************************************************
ok: [localhost]
PLAY [Configure the server and install required software] *************************************************************************************************************************************
TASK [common : Check the system] **************************************************************************************************************************************************************
changed: [localhost]
TASK [common : include_tasks] *****************************************************************************************************************************************************************
included: /home/pi/algo-master/roles/common/tasks/ubuntu.yml for localhost
ok: [localhost] => (item=[u'python2.7', u'sudo'])
TASK [common : Ubuntu | Install prerequisites] ************************************************************************************************************************************************
TASK [common : Ubuntu | Configure defaults] ***************************************************************************************************************************************************
ok: [localhost]
TASK [common : Gather facts] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [common : Install unattended-upgrades] ***************************************************************************************************************************************************
ok: [localhost]
TASK [common : Configure unattended-upgrades] *************************************************************************************************************************************************
ok: [localhost]
TASK [common : Periodic upgrades configured] **************************************************************************************************************************************************
ok: [localhost]
TASK [common : Unattended reboots configured] *************************************************************************************************************************************************
ok: [localhost]
ok: [localhost] => (item={u'regexp': u'^session.*optional.*pam_motd.so.*', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/login'})
ok: [localhost] => (item={u'regexp': u'^session.*optional.*pam_motd.so.*', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/sshd'})
TASK [common : Disable MOTD on login and SSHD] ************************************************************************************************************************************************
TASK [common : Loopback for services configured] **********************************************************************************************************************************************
ok: [localhost]
ok: [localhost] => (item=systemd-networkd)
ok: [localhost] => (item=systemd-resolved)
TASK [common : systemd services enabled and started] ******************************************************************************************************************************************
TASK [common : Check apparmor support] ********************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": "apparmor_status", "delta": "0:00:00.508023", "end": "2019-01-15 22:47:47.905316", "msg": "non-zero return code", "rc": 1, "start": "2019-01-15 22:47:47.397293", "stderr": "apparmor module is not loaded.", "stderr_lines": ["apparmor module is not loaded."], "stdout": "", "stdout_lines": []}
...ignoring
TASK [common : set_fact] **********************************************************************************************************************************************************************
ok: [localhost]
ok: [localhost] => (item=git)
ok: [localhost] => (item=screen)
ok: [localhost] => (item=apparmor-utils)
ok: [localhost] => (item=uuid-runtime)
ok: [localhost] => (item=coreutils)
ok: [localhost] => (item=iptables-persistent)
ok: [localhost] => (item=cgroup-tools)
ok: [localhost] => (item=openssl)
TASK [common : Install tools] *****************************************************************************************************************************************************************
failed: [localhost] (item=[u'linux-headers-generic', u'linux-headers-4.14.79-v7+']) => {"changed": false, "item": ["linux-headers-generic", "linux-headers-4.14.79-v7+"], "msg": "No package matching 'linux-headers-generic' is available"}
TASK [common : Install headers] ***************************************************************************************************************************************************************
TASK [common : debug] *************************************************************************************************************************************************************************
ok: [localhost] => {
"fail_hint": [
"Sorry, but something went wrong!",
"Please check the troubleshooting guide.",
"https://trailofbits.github.io/algo/troubleshooting.html"
]
}
TASK [common : fail] **************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}
PLAY RECAP ************************************************************************************************************************************************************************************
localhost : ok=41 changed=4 unreachable=0 failed=2
(env) pi@raspberrypi:~/algo-master $ (env) pi@raspberrypi:~/algo-master $ ./algo
PLAY [Ask user for the input] *****************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************
ok: [localhost]
[pause]
What provider would you like to use?
1. DigitalOcean
2. Amazon Lightsail
3. Amazon EC2
4. Vultr
5. Microsoft Azure
6. Google Compute Engine
7. Scaleway
8. OpenStack (DreamCompute optimised)
9. Install to existing Ubuntu 18.04 server (Advanced)
Enter the number of your desired provider
:
9
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] ***********************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want macOS/iOS clients to enable "VPN On Demand" when connected to cellular networks?
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
y[pause]
Do you want macOS/iOS clients to enable "VPN On Demand" when connected to Wi-Fi?
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
List the names of trusted Wi-Fi networks (if any) that macOS/iOS clients exclude from using the VPN
(e.g., your home network. Comma-separated value, e.g., HomeNet,OfficeWifi,AlgoWiFi)
:
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want to install a DNS resolver on this VPN server, to block ads while surfing?
[y/N]
:
n
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want each user to have their own account for SSH tunneling?
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want the VPN to support Windows 10 or Linux Desktop clients? (enables compatible ciphers and key exchange, less secure)
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
[pause]
Do you want to retain the CA key? (required to add users in the future, but less secure)
[y/N]
:
y
TASK [pause] **********************************************************************************************************************************************************************************
ok: [localhost]
TASK [Set facts based on the input] ***********************************************************************************************************************************************************
ok: [localhost]
PLAY [Provision the server] *******************************************************************************************************************************************************************
TASK [Gathering Facts] ************************************************************************************************************************************************************************
ok: [localhost]
--> Please include the following block of text when reporting issues:
Algo running on: Raspbian GNU/Linux 9 (stretch)
ZIP file created: 2019-01-15 03:23:48.000000000 +0000
Python 2.7.13
Runtime variables:
algo_provider "local"
algo_ondemand_cellular "True"
algo_ondemand_wifi "True"
algo_ondemand_wifi_exclude "_null"
algo_local_dns "False"
algo_ssh_tunneling "True"
algo_windows "True"
wireguard_enabled "True"
dns_encryption "True"
TASK [Display the invocation environment] *****************************************************************************************************************************************************
changed: [localhost -> localhost]
TASK [Install the requirements] ***************************************************************************************************************************************************************
ok: [localhost -> localhost]
TASK [Generate the SSH private key] ***********************************************************************************************************************************************************
ok: [localhost]
TASK [Generate the SSH public key] ************************************************************************************************************************************************************
ok: [localhost]
[local : pause]
Enter the IP address of your server: (or use localhost for local installation):
[localhost]
:
TASK [local : pause] **************************************************************************************************************************************************************************
ok: [localhost]
TASK [local : Set the facts] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [local : Set the facts] ******************************************************************************************************************************************************************
ok: [localhost]
[local : pause]
Enter the public IP address of your server: (IMPORTANT! This IP is used to verify the certificate)
[localhost]
:
jmrdns.x443.pw
TASK [local : pause] **************************************************************************************************************************************************************************
ok: [localhost]
TASK [local : Set the facts] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [Set subjectAltName as afact] ************************************************************************************************************************************************************
ok: [localhost]
TASK [Add the server to an inventory group] ***************************************************************************************************************************************************
changed: [localhost]
TASK [debug] **********************************************************************************************************************************************************************************
ok: [localhost] => {
"IP_subject_alt_name": "jmrdns.x443.pw"
}
Pausing for 20 seconds
(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort)
TASK [A short pause, in order to be sure the instance is ready] *******************************************************************************************************************************
ok: [localhost]
PLAY [Configure the server and install required software] *************************************************************************************************************************************
TASK [common : Check the system] **************************************************************************************************************************************************************
changed: [localhost]
TASK [common : include_tasks] *****************************************************************************************************************************************************************
included: /home/pi/algo-master/roles/common/tasks/ubuntu.yml for localhost
ok: [localhost] => (item=[u'python2.7', u'sudo'])
TASK [common : Ubuntu | Install prerequisites] ************************************************************************************************************************************************
TASK [common : Ubuntu | Configure defaults] ***************************************************************************************************************************************************
ok: [localhost]
TASK [common : Gather facts] ******************************************************************************************************************************************************************
ok: [localhost]
TASK [common : Install unattended-upgrades] ***************************************************************************************************************************************************
ok: [localhost]
TASK [common : Configure unattended-upgrades] *************************************************************************************************************************************************
ok: [localhost]
TASK [common : Periodic upgrades configured] **************************************************************************************************************************************************
ok: [localhost]
TASK [common : Unattended reboots configured] *************************************************************************************************************************************************
ok: [localhost]
ok: [localhost] => (item={u'regexp': u'^session.*optional.*pam_motd.so.*', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/login'})
ok: [localhost] => (item={u'regexp': u'^session.*optional.*pam_motd.so.*', u'line': u'# MOTD DISABLED', u'file': u'/etc/pam.d/sshd'})
TASK [common : Disable MOTD on login and SSHD] ************************************************************************************************************************************************
TASK [common : Loopback for services configured] **********************************************************************************************************************************************
ok: [localhost]
ok: [localhost] => (item=systemd-networkd)
ok: [localhost] => (item=systemd-resolved)
TASK [common : systemd services enabled and started] ******************************************************************************************************************************************
TASK [common : Check apparmor support] ********************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": "apparmor_status", "delta": "0:00:00.508023", "end": "2019-01-15 22:47:47.905316", "msg": "non-zero return code", "rc": 1, "start": "2019-01-15 22:47:47.397293", "stderr": "apparmor module is not loaded.", "stderr_lines": ["apparmor module is not loaded."], "stdout": "", "stdout_lines": []}
...ignoring
TASK [common : set_fact] **********************************************************************************************************************************************************************
ok: [localhost]
ok: [localhost] => (item=git)
ok: [localhost] => (item=screen)
ok: [localhost] => (item=apparmor-utils)
ok: [localhost] => (item=uuid-runtime)
ok: [localhost] => (item=coreutils)
ok: [localhost] => (item=iptables-persistent)
ok: [localhost] => (item=cgroup-tools)
ok: [localhost] => (item=openssl)
TASK [common : Install tools] *****************************************************************************************************************************************************************
failed: [localhost] (item=[u'linux-headers-generic', u'linux-headers-4.14.79-v7+']) => {"changed": false, "item": ["linux-headers-generic", "linux-headers-4.14.79-v7+"], "msg": "No package matching 'linux-headers-generic' is available"}
TASK [common : Install headers] ***************************************************************************************************************************************************************
TASK [common : debug] *************************************************************************************************************************************************************************
ok: [localhost] => {
"fail_hint": [
"Sorry, but something went wrong!",
"Please check the troubleshooting guide.",
"https://trailofbits.github.io/algo/troubleshooting.html"
]
}
TASK [common : fail] **************************************************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed as requested from task"}
PLAY RECAP ************************************************************************************************************************************************************************************
localhost : ok=41 changed=4 unreachable=0 failed=2
(env) pi@raspberrypi:~/algo-master $
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment