config.cfg 2.8 KB

  1. ---
  2. # Add as many users as you want for your VPN server here.
  3. # Credentials will be generated for each one.
  4. users:
  5. - default
  6. # NOTE: If your usernames have leading 0's, like "000dan", you have to escape them
  7. ### Advanced users only below this line ###
  8. # If True re-init all existing certificates. (True or False)
  9. easyrsa_reinit_existent: False
  10. vpn_network: 10.19.48.0/20
  11. # https://www.sixxs.net/tools/whois/?fd9d:bc11:4020::/48
  12. vpn_network_ipv6: 'fd9d:bc11:4020::/48'
  13. server_name: "{{ ansible_ssh_host }}"
  14. IP_subject_alt_name: "{{ ansible_ssh_host }}"
  15. adblock_lists:
  16. - "http://winhelp2002.mvps.org/hosts.txt"
  17. - "https://adaway.org/hosts.txt"
  18. - "https://www.malwaredomainlist.com/hostslist/hosts.txt"
  19. - "https://hosts-file.net/ad_servers.txt"
  20. - "https://databuster.net/dns/blacklist.txt"
  21. dns_servers:
  22. ipv4:
  23. - 8.8.8.8
  24. - 8.8.4.4
  25. ipv6:
  26. - 2001:4860:4860::8888
  27. - 2001:4860:4860::8844
  28. # IP address for the local dns resolver
  29. local_service_ip: 172.16.0.1
  30. pkcs12_PayloadCertificateUUID: "{{ 900000 | random | to_uuid | upper }}"
  31. VPN_PayloadIdentifier: "{{ 800000 | random | to_uuid | upper }}"
  32. CA_PayloadIdentifier: "{{ 700000 | random | to_uuid | upper }}"
  33. # Block traffic between connected clients
  34. BetweenClients_DROP: Y
  35. congrats:
  36. common: |
  37. "# Congratulations! #"
  38. "# Your Algo server is running. #"
  39. "# Config files and certificates are in the ./configs/ directory. #"
  40. "# Go to https://whoer.net/ after connecting #"
  41. "# and ensure that all your traffic passes through the VPN. #"
  42. "# Local DNS resolver {{ local_service_ip }} #"
  43. p12_pass: |
  44. "# The p12 and SSH keys password for new users is {{ easyrsa_p12_export_password }} #"
  45. ca_key_pass: |
  46. "# The CA key password is {{ easyrsa_CA_password }} #"
  47. ssh_access: |
  48. "# Shell access: ssh -i {{ ansible_ssh_private_key_file|default(omit) }} {{ ansible_ssh_user|default(omit) }}@{{ ansible_ssh_host|default(omit) }} #"
  49. SSH_keys:
  50. comment: algo@ssh
  51. private: configs/algo.pem
  52. public: configs/algo.pem.pub
  53. cloud_providers:
  54. azure:
  55. size: Basic_A0
  56. image:
  57. offer: UbuntuServer
  58. publisher: Canonical
  59. sku: '16.04-LTS' # 16.04-LTS / 17.04
  60. version: latest
  61. digitalocean:
  62. size: 512mb
  63. image: "ubuntu-16-04-x64" # ubuntu-16-04-x64 / ubuntu-17-04-x64
  64. ec2:
  65. size: t2.micro
  66. image:
  67. name: "ubuntu-xenial-16.04" # ubuntu-xenial-16.04 / ubuntu-zesty-17.04
  68. owner: "099720109477"
  69. gce:
  70. size: f1-micro
  71. image: ubuntu-1604 # ubuntu-1604 / ubuntu-1704
  72. local:
  73. fail_hint:
  74. - Sorry, but something went wrong!
  75. - Please check the troubleshooting guide.
  76. - https://trailofbits.github.io/algo/troubleshooting.html