diff options
| author | Jesse Luehrs <doy@tozt.net> | 2021-10-03 12:47:22 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2021-10-03 12:47:22 -0400 |
| commit | 781a5d4d51ab63388ed6b189d70966b2a20654dc (patch) | |
| tree | ff59f147b30418d5516f32675b72beb762fdbced | |
| parent | 3257e44002cd62097c70a80368fb0228f0f86809 (diff) | |
| download | puppet-tozt-781a5d4d51ab63388ed6b189d70966b2a20654dc.tar.gz puppet-tozt-781a5d4d51ab63388ed6b189d70966b2a20654dc.zip | |
update algo config patch
| -rw-r--r-- | bin/helpers/algo-config.diff | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/bin/helpers/algo-config.diff b/bin/helpers/algo-config.diff index a2c156a..edc046f 100644 --- a/bin/helpers/algo-config.diff +++ b/bin/helpers/algo-config.diff @@ -1,14 +1,13 @@ diff --git i/config.cfg w/config.cfg -index bee023f..887ca40 100644 +index a6b8952..3c78520 100644 --- i/config.cfg +++ w/config.cfg -@@ -6,9 +6,12 @@ +@@ -6,9 +6,11 @@ # User names with leading 0's or containing only numbers should be escaped in double quotes, e.g. "000dan" or "123". # Email addresses are not allowed. users: + - hornet + - mail -+ - mail2 + - partofme - phone - - laptop @@ -17,7 +16,7 @@ index bee023f..887ca40 100644 ### Review these options BEFORE you run Algo, as they are very difficult/impossible to change after the server is deployed. -@@ -17,7 +20,7 @@ users: +@@ -17,7 +19,7 @@ users: ssh_port: 4160 # Deploy StrongSwan to enable IPsec support @@ -26,7 +25,7 @@ index bee023f..887ca40 100644 # Deploy WireGuard # WireGuard will listen on 51820/UDP. You might need to change to another port -@@ -40,7 +43,7 @@ alternative_ingress_ip: false +@@ -40,7 +42,7 @@ alternative_ingress_ip: false # automatically based on your server, but if connections hang you might need to # adjust this yourself. # See: https://github.com/trailofbits/algo/blob/master/docs/troubleshooting.md#various-websites-appear-to-be-offline-through-the-vpn @@ -35,7 +34,7 @@ index bee023f..887ca40 100644 # Algo will use the following lists to block ads. You can add new block lists # after deployment by modifying the line starting "BLOCKLIST_URLS=" at: -@@ -53,13 +56,13 @@ adblock_lists: +@@ -53,13 +55,13 @@ adblock_lists: # Enable DNS encryption. # If 'false', 'dns_servers' should be specified below. # DNS encryption can not be disabled if DNS adblocking is enabled @@ -51,7 +50,7 @@ index bee023f..887ca40 100644 # Block SMB/CIFS traffic block_smb: true -@@ -73,7 +76,7 @@ block_netbios: true +@@ -73,7 +75,7 @@ block_netbios: true # which case a reboot will take place if necessary at the time specified (as # HH:MM) in the time zone of your Algo server. The default time zone is UTC. unattended_reboot: @@ -60,7 +59,7 @@ index bee023f..887ca40 100644 time: 06:00 ### Advanced users only below this line ### -@@ -122,7 +125,7 @@ strongswan_network_ipv6: '2001:db8:4160::/48' +@@ -122,7 +124,7 @@ strongswan_network_ipv6: '2001:db8:4160::/48' # If you're behind NAT or a firewall and you want to receive incoming connections long after network traffic has gone silent. # This option will keep the "connection" open in the eyes of NAT. # See: https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence |