From 6ce6f5c81e8e5a27ae6f4357512ee2e3362605aa Mon Sep 17 00:00:00 2001 From: Matthew Hall Date: Mon, 1 Apr 2024 02:23:59 +0100 Subject: [PATCH 1/5] Use region code instead of name to deploy in non-default Vultr region. (#14713) --- roles/cloud-vultr/tasks/prompts.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/cloud-vultr/tasks/prompts.yml b/roles/cloud-vultr/tasks/prompts.yml index 7813b0f5b..51e2ddd61 100644 --- a/roles/cloud-vultr/tasks/prompts.yml +++ b/roles/cloud-vultr/tasks/prompts.yml @@ -54,5 +54,5 @@ set_fact: algo_vultr_region: >- {% if region is defined %}{{ region }} - {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['name'] | lower }} + {%- elif _algo_region.user_input %}{{ vultr_regions[_algo_region.user_input | int -1 ]['regioncode'] | lower }} {%- else %}{{ vultr_regions[default_region | int - 1]['regioncode'] | lower }}{% endif %} From 8c4ae501ada91331f67f29aafa5ca655caebc660 Mon Sep 17 00:00:00 2001 From: Vladislav Orlov Date: Fri, 10 May 2024 05:04:25 +0300 Subject: [PATCH 2/5] Use legacy OpenSSL Format for Apple Devices (#14718) * fix openssl * Update openssl.yml --------- Co-authored-by: Jack Ivanov <17044561+jackivanov@users.noreply.github.com> --- roles/strongswan/tasks/openssl.yml | 16 ++++++++++++++++ users.yml | 1 + 2 files changed, 17 insertions(+) diff --git a/roles/strongswan/tasks/openssl.yml b/roles/strongswan/tasks/openssl.yml index f51ac9dd0..f51a74dc3 100644 --- a/roles/strongswan/tasks/openssl.yml +++ b/roles/strongswan/tasks/openssl.yml @@ -155,10 +155,25 @@ format: OpenSSH with_items: "{{ users }}" + - name: Get OpenSSL version + shell: | + set -o pipefail + {{ openssl_bin }} version | + cut -f 2 -d ' ' + args: + executable: bash + register: ssl_version + run_once: true + + - name: Set OpenSSL version fact + set_fact: + openssl_version: "{{ ssl_version.stdout }}" + - name: Build the client's p12 shell: > umask 077; {{ openssl_bin }} pkcs12 + {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }} -in certs/{{ item }}.crt -inkey private/{{ item }}.key -export @@ -175,6 +190,7 @@ shell: > umask 077; {{ openssl_bin }} pkcs12 + {{ (openssl_version is version('3', '>=')) | ternary('-legacy', '') }} -in certs/{{ item }}.crt -inkey private/{{ item }}.key -export diff --git a/users.yml b/users.yml index e9e8c0868..3595db116 100644 --- a/users.yml +++ b/users.yml @@ -27,6 +27,7 @@ [{% for i in _configs_list.files %} {% set config = lookup('file', i.path)|from_yaml %} '{{ config.server }}' + '{{ config.IP_subject_alt_name }}' {{ ',' if not loop.last else '' }} {% endfor %}] From 5a275cd0cd1c0958b9b8026cbcad11f24c519967 Mon Sep 17 00:00:00 2001 From: Polycarbohydrate Date: Mon, 13 May 2024 20:36:57 -0400 Subject: [PATCH 3/5] Update deploy-from-cloudshell.md (#14721) --- docs/deploy-from-cloudshell.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/deploy-from-cloudshell.md b/docs/deploy-from-cloudshell.md index 2e75e910e..f0f0fed41 100644 --- a/docs/deploy-from-cloudshell.md +++ b/docs/deploy-from-cloudshell.md @@ -1,5 +1,4 @@ # Deploy from Google Cloud Shell -**IMPORTANT NOTE: As of 2021-12-14 Algo requires Python 3.8, but Google Cloud Shell only provides Python 3.7.3. The instructions below will not work until Google updates Cloud Shell to have at least Python 3.8.** If you want to try Algo but don't wish to install the software on your own system you can use the **free** [Google Cloud Shell](https://cloud.google.com/shell/) to deploy a VPN to any supported cloud provider. Note that you cannot choose `Install to existing Ubuntu server` to turn Google Cloud Shell into your VPN server. From da32bafd2ddb5d28117c7308e19aae41627a01de Mon Sep 17 00:00:00 2001 From: Daniel Elsner Date: Mon, 17 Jun 2024 17:13:26 +0200 Subject: [PATCH 4/5] Change hetzner default server to cx22 (#14730) --- config.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config.cfg b/config.cfg index 27cb29d6a..6d579b71e 100644 --- a/config.cfg +++ b/config.cfg @@ -206,7 +206,7 @@ cloud_providers: image: Ubuntu 22.04 Jammy Jellyfish arch: x86_64 hetzner: - server_type: cx11 + server_type: cx22 image: ubuntu-22.04 openstack: flavor_ram: ">=512" From 346437fa6eb3a37b1be69268874784a73ab26e03 Mon Sep 17 00:00:00 2001 From: Roch Moreau Date: Thu, 18 Jul 2024 02:55:42 +0200 Subject: [PATCH 5/5] fix: Fix server selection in update-user while preserving nice display of server along with its alt_name in the list (#14727) This commit fixes a bug preventing correct selection of server when trying to update users. It improves the prompt's clarity by providing both server name and IP_subject_alt_name. It also ensures server selection from the list uses actual server names instead of list descriptions strings that caused the initial bug. Co-authored-by: Jack Ivanov <17044561+jackivanov@users.noreply.github.com> --- users.yml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/users.yml b/users.yml index 3595db116..77c81a90b 100644 --- a/users.yml +++ b/users.yml @@ -25,19 +25,17 @@ set_fact: server_list: >- [{% for i in _configs_list.files %} - {% set config = lookup('file', i.path)|from_yaml %} - '{{ config.server }}' - '{{ config.IP_subject_alt_name }}' - {{ ',' if not loop.last else '' }} + {% set config = lookup('file', i.path) | from_yaml %} + {{ {'server': config.server, 'IP_subject_alt_name': config.IP_subject_alt_name} }} {% endfor %}] - name: Server address prompt pause: prompt: | - Select the server to update user list below: + Select the server to update user list below: {% for r in server_list %} - {{ loop.index }}. {{ r }} - {% endfor %} + {{ loop.index }}. {{ r.server }} ({{ r.IP_subject_alt_name }}) + {% endfor %} register: _server when: server is undefined @@ -46,7 +44,7 @@ set_fact: algo_server: >- {% if server is defined %}{{ server }} - {%- elif _server.user_input %}{{ server_list[_server.user_input | int -1 ] }} + {%- elif _server.user_input %}{{ server_list[_server.user_input | int -1 ].server }} {%- else %}omit{% endif %} - name: Import host specific variables