emdee/proxy_role
1
0
Fork 0
Code Issues Pull requests Wiki Activity

second

Browse source
This commit is contained in:
emdee 2024-01-06 03:08:22 +00:00
parent 19597c9297
commit d29b1e4542
128 changed files with 15399 additions and 61 deletions
Download patch file Download diff file Expand all files Collapse all files

1005
vars/Debian11.yml Executable file
View file

File diff suppressed because it is too large Load diff

110
vars/Devuan.uris Normal file
View file

@ -0,0 +1,110 @@
Reading package lists...
Building dependency tree...
Reading state information...
apt is already the newest version (2.2.4+devuan1).
apt-utils is already the newest version (2.2.4+devuan1).
bootlogd is already the newest version (2.96-7+devuan1).
bzip2 is already the newest version (1.0.8-4).
ca-certificates is already the newest version (20210119).
cron is already the newest version (3.0pl1-137).
curl is already the newest version (7.74.0-1.3+b1).
dnsmasq-base is already the newest version (2.85-1).
file is already the newest version (1:5.39-3).
findutils is already the newest version (4.8.0-1).
gcc is already the newest version (4:10.2.1-1).
gcc set to manually installed.
gdisk is already the newest version (1.0.6-1.1).
gnupg is already the newest version (2.2.27-2).
gnupg-utils is already the newest version (2.2.27-2).
gnupg2 is already the newest version (2.2.27-2).
gpg is already the newest version (2.2.27-2).
gpg-agent is already the newest version (2.2.27-2).
gpg-wks-client is already the newest version (2.2.27-2).
gpg-wks-server is already the newest version (2.2.27-2).
grep is already the newest version (3.6-1).
groff-base is already the newest version (1.22.4-6).
hostname is already the newest version (3.23).
htop is already the newest version (3.0.5-7).
ifupdown is already the newest version (0.8.36).
init is already the newest version (1.60+devuan1).
init-system-helpers is already the newest version (1.60+devuan1).
install-info is already the newest version (6.7.0.dfsg.2-6).
iproute2 is already the newest version (5.10.0-4).
iptables is already the newest version (1.8.7-1).
iputils-ping is already the newest version (3:20210202-1).
iso-codes is already the newest version (4.6.0-1).
iw is already the newest version (5.9-3).
kbd is already the newest version (2.3.0-3).
keyboard-configuration is already the newest version (1.205).
klibc-utils is already the newest version (2.0.8-6.1).
less is already the newest version (551-2).
login is already the newest version (1:4.8.1-1).
lsb-base is already the newest version (11.1.0).
lsb-release is already the newest version (11.1.0).
lsof is already the newest version (4.93.2+dfsg-1.1).
lynx is already the newest version (2.9.0dev.6-3~deb11u1).
make is already the newest version (4.3-4.1).
man-db is already the newest version (2.9.4-2).
mg is already the newest version (20200723-1).
mount is already the newest version (2.36.1-8+devuan1).
nano is already the newest version (5.4-2).
ncurses-base is already the newest version (6.2+20201114-2).
ncurses-bin is already the newest version (6.2+20201114-2).
ncurses-term is already the newest version (6.2+20201114-2).
net-tools is already the newest version (1.60+git20181103.0eebece-1+devuan1).
netbase is already the newest version (6.3).
openssh-client is already the newest version (1:8.4p1-5).
openssl is already the newest version (1.1.1k-1+deb11u1).
parted is already the newest version (3.4-1).
passwd is already the newest version (1:4.8.1-1).
patch is already the newest version (2.7.6-7).
pciutils is already the newest version (1:3.7.0-5).
perl is already the newest version (5.32.1-4+deb11u2).
perl-base is already the newest version (5.32.1-4+deb11u2).
pinentry-curses is already the newest version (1.1.0-4).
policykit-1 is already the newest version (0.105-31+devuan1).
policykit-1-gnome is already the newest version (0.105-7).
procps is already the newest version (2:3.3.17-5+devuan1).
psmisc is already the newest version (23.4-2).
python3-pip is already the newest version (20.3.4-4).
python3-pkg-resources is already the newest version (52.0.0-4).
python3-setuptools is already the newest version (52.0.0-4).
python3-setuptools set to manually installed.
rsync is already the newest version (3.2.3-4+deb11u1).
sed is already the newest version (4.7-1).
sudo is already the newest version (1.9.5p2-3).
tar is already the newest version (1.34+dfsg-1).
traceroute is already the newest version (1:2.1.0-2+b1).
tzdata is already the newest version (2021a-1+deb11u1).
unzip is already the newest version (6.0-26).
upower is already the newest version (0.99.11-2).
util-linux is already the newest version (2.36.1-8+devuan1).
wget is already the newest version (1.21-1+b1).
whois is already the newest version (5.5.10).
wireless-tools is already the newest version (30~pre9-13.1).
xz-utils is already the newest version (5.2.5-2).
The following additional packages will be installed:
ethtool geoip-database hdparm libgeoip1 libhavege2 libinotifytools0 libjq1
liblinear4 liblua5.3-0 libnet-netmask-perl libnetaddr-ip-perl libonig5
libsocket6-perl libx86-1 lua-lpeg netcat-openbsd nmap-common
python3-distro-info python3-pathspec python3-software-properties
python3-yaml tor tor-geoipdb unattended-upgrades vbetool
Suggested packages:
resolvconf liblinear-tools liblinear-dev ndiff zenmap molly-guard
monkeysphere ssh-askpass ufw cpufrequtils radeontool mixmaster
torbrowser-launcher socat tor-arm apparmor-utils obfs4proxy bsd-mailx
needrestart
The following NEW packages will be installed:
apt-transport-https apt-transport-tor corkscrew dnsmasq ethtool geoip-bin
geoip-database haveged hdparm inotify-tools iotop jnettop jq libgeoip1
libhavege2 libinotifytools0 libjq1 liblinear4 liblua5.3-0
libnet-ifconfig-wrapper-perl libnet-netmask-perl libnetaddr-ip-perl libonig5
libsocket6-perl libx86-1 lua-lpeg ncat netcat netcat-openbsd nmap
nmap-common nss-plugin-pem ntpdate openssh-server openssh-sftp-server
pm-utils policyrcd-script-zg2 powermgmt-base python3-argcomplete
python3-distro-info python3-pathspec python3-software-properties
python3-yaml software-properties-common strace tor tor-geoipdb torsocks
unattended-upgrades vbetool xsltproc yamllint zip
0 upgraded, 53 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/17.3 MB of archives.
After this operation, 65.4 MB of additional disk space will be used.

463
vars/Devuan5.yml Normal file
View file

@ -0,0 +1,463 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
PROXY_TIME_DAEMON: sdwdate
PROXY_GPG_KEYERVER_URL: hkps://
proxy_masked_services:
- apt-daily-upgrade
# List of proxy packages to install.
proxy_debs_inst:
# Install packages to allow apt to use a repository over HTTPS:
- apt
- apt-transport-tor
- apt-utils
- apt-transport-https
- bootlogd
- ca-certificates
- debsums
- debsecan
- apt-listbugs
- dnsmasq
- ntpdate
- bzip2
- corkscrew
- console-data
- cron
- curl
- less
- mg
- netcat
- ncat
- openssl
- passwd
- patch
- pciutils
- perl
- perl-base
- sudo
- unzip
- xsltproc
- zip
- openssh-client
- openssh-server
- openssh-sftp-server
- nmap
- wireless-tools
- software-properties-common
- lsof
- ifupdown
- iproute2
- iptables
- iputils-ping
- htop
- iotop
- jnettop
- iw
- jq
- python3-argcomplete
- libnet-ifconfig-wrapper-perl
# I need this for Ubuntu even though it come in the bootstrap - 2 setuptools, 1 pip
# - pip
# for pip
- python3-pkg-resources
- python3-pip
- python3-setuptools
# - python3-wheel
# Install packages to allow apt to use a repository over HTTPS:
# niceities from testforge
- file
- findutils
- gcc
- gdisk
- gnupg
- gnupg-utils
- gnupg2
- gpg
- gpg-agent
- gpg-wks-client
- gpg-wks-server
- grep
- groff-base
- haveged
- hostname
- init
- init-system-helpers
- inotify-tools
- install-info
- iso-codes
- kbd
- keyboard-configuration
- klibc-utils
- login
- lsb-base
- lsb-release
- lynx
- make
- man-db
- mount
- nano
- ncurses-base
- ncurses-bin
- ncurses-term
- net-tools
- netbase
- parted
- pinentry-curses
- pm-utils
- policykit-1
- policykit-1-gnome
- policyrcd-script-zg2
- powermgmt-base
- procps
- psmisc
- python-six
- rsync
- sed
- strace
- tar
- traceroute
- tzdata
- upower
- util-linux
- wget
- xz-utils
- geoip-bin
- nss-plugin-pem
- torsocks
- whois
- yamllint
- python3-impacket
- python3-altgraph
proxy_qemu_guest_debs_inst:
- qemu-guest-agent
proxy_pips2_inst: []
proxy_pips3_inst:
- jq
proxy_pips_reinstall:
# pip prerequisites
#? - distlib
#? - lockfile
- jq
# pip itself? NO
#
# whonix general
- acpi-support
- acpi-support-base
- acpid
- adduser
- busybox
- console-common
- console-data
- console-setup
- console-setup-linux
- coreutils
- cpio
cntlm_pid_file: /var/run/cntlm/cntlm.pid
# BOX_OS_FLAVOR in ['WhonixGateway']}}"
proxy_gateway_debs_inst: []
# BOX_OS_FLAVOR in ['KickSecure', 'WhonixGateway', 'WhonixWorkstation']
proxy_xfce_debs_inst:
- apt-transport-https
- libnetfilter-conntrack3
- dnsmasq-base
- dnsmasq
- firmware-linux-free
- firmware-misc-nonfree
- firmware-amd-graphics
- firmware-linux-nonfree
- firmware-linux
- firmware-atheros
- firmware-iwlwifi
#linux-headers-5.8.0-0.bpo.2-amd64
#linux-image-5.8.0-0.bpo.2-amd64
- ntpdate
- corkscrew
- cron
- mg
# No package matching 'liblua5.3' is available
# - liblua5.3
- netcat-traditional
- netcat
- ncat
- xsltproc
- openssh-client
- openssh-server
- openssh-sftp-server
- nmap-common
- libgfortran5
- libblas3
- libncurses-dev
- libreadline-dev
- nmap
- wireless-tools
- gir1.2-glib-2.0
- gir1.2-packagekitglib-1.0
- python3-dbus
- libgirepository-1.0
- python3-gi
- python3-pycurl
- python3-software-properties
- software-properties-common
- ifupdown
- libpcap0.8
- libnfnetlink0
- libnftnl11
- libiptc0
- libnetfilter-conntrack3
- iptables
- htop
- iotop
- libpcap0.8
- jnettop
- python3-argcomplete
- libnet-ifconfig-wrapper-perl
# I need this for Ubuntu even though it come in the bootstrap - 2 setuptools, 1 pip
#pip
#! python-cryptography
#! python3-pkg-resources
#! apython3-pip
#! python3-setuptools
#! python3-wheel
- install-info
- lynx-common
- lynx
- ncurses-term
- rsync
- traceroute
- tzdata
- geoip-bin
- nss-plugin-pem
- torsocks
- whois
## non-qubes-whonix-gateway-xfce
- xauth
# kicksecure-desktop-applications-recommended : Depends: monero-gui
- libpackagekit-glib2-18
# kicksecure-xfce-vm: kicksecure-cli-vm, kicksecure-xfce, kicksecure-network-conf-gui, non-qubes-audio, non-qubes-vm-enhancements-gui, kicksecure-desktop-applications-recommended
## The following NEW packages will be installed:
## apt-transport-https corkscrew cron dnsmasq dnsmasq-base
## firmware-amd-graphics firmware-atheros firmware-iwlwifi firmware-linux
## firmware-linux-free firmware-linux-nonfree firmware-misc-nonfree geoip-bin
## gir1.2-glib-2.0 gir1.2-packagekitglib-1.0 htop ifupdown install-info iotop
# No package matching 'liblua5.3' is available## # xiptables jnettop libblas3 libgfortran5 libgirepository-1.0-1 libip6tc0
## libiptc0 libiw30 liblinear3 liblua5.3-0 liblua5.3-0-dbg liblua5.3-dev
## libncurses-dev libnet-ifconfig-wrapper-perl libnetfilter-conntrack3
## libnfnetlink0 libnftnl11 libpackagekit-glib2-18 libpcap0.8 libreadline-dev
## lynx lynx-common mg ncat ncurses-term netcat netcat-traditional nmap
## nmap-common nss-plugin-pem ntpdate openssh-client openssh-server
## openssh-sftp-server polipo python3-argcomplete python3-dbus python3-gi
## python3-pycurl python3-software-properties rsync scurl
## software-properties-common torsocks traceroute whois wireless-tools xauth
## xsltproc
# RAW complete overlap
whonix_gateway_debs:
- apparmor
- apparmor-utils
- arc-theme
- auditd
- basez
- bash
- bash-completion
- bc
- bind9-host
- binutils
- binutils-common
- binutils-x86-64-linux-gnu
- bsdmainutils
- bsdtar
- bsdutils
- bubblewrap
- cryptsetup
- cryptsetup-bin
- cryptsetup-initramfs
- cryptsetup-run
- dash
- dbus
- dbus-user-session
- dconf-gsettings-backend
- dconf-service
- debconf
- debsums
- desktop-file-utils
- dialog
- dictionaries-common
- diffutils
- dirmngr
- distro-info-data
- dkms
- dmidecode
- dmsetup
- dnsutils
- dpkg
- dpkg-dev
- e2fslibs
- e2fsprogs
- eatmydata
- elpa-auto-complete
- elpa-concurrent
- elpa-ctable
- elpa-deferred
- elpa-epc
- elpa-jedi
- elpa-jedi-core
- elpa-popup
- elpa-python-environment
- exo-utils
- faketime
- fdisk
- fontconfig
- fontconfig-config
- fonts-dejavu-core
- gettext-base
- gir1.2-atk-1.0
- gir1.2-freedesktop
- gir1.2-gdkpixbuf-2.0
- gir1.2-glib-2.0
- gir1.2-gtk-3.0
- gir1.2-pango-1.0
- glib-networking
- glib-networking-common
- glib-networking-services
- gnome-brave-icon-theme
- gnome-colors-common
- gnome-icon-theme
- gnome-themes-extra
- gnome-themes-extra-data
- gnustep-base-common
- gnustep-base-runtime
- gnustep-common
- gpgconf
- gpgsm
- gpgv
- hicolor-icon-theme
- jitterentropy-rngd
- linux-headers-amd64
- linux-image-amd64
- live-boot
- live-boot-initramfs-tools
- live-tools
- locales
- mawk
- menu
- mime-support
- most
- mousepad
- nyx
- obfs4proxy
- onioncircuits
- openvpn
- os-prober
- p7zip
- p7zip-full
- pv
- pymacs
- pypy
- pypy-ipaddress
- pypy-lib
- pypy-pkg-resources
- pypy-setuptools
- pypy-stem
- python
- python-m2crypto
- python-minimal
- python-pip-whl
- python-pyasn1
- python-six
- python-yaml
- python2
- python2-minimal
- python2.7
- python2.7-minimal
- python3
- python3-apparmor
- python3-dateutil
- python3-distutils
- python3-gevent
- python3-gi
- python3-greenlet
- python3-ipy
- python3-jedi
- python3-lib2to3
- python3-libapparmor
- python3-minimal
- python3-parso
- python3-pkg-resources
- python3-psutil
- python3-pycountry
- python3-pyqt5
- python3-scapy
- python3-sdnotify
- python3-sip
- python3-six
- python3-socks
- python3-stem
- python3-virtualenv
- python3-yaml
- python3.7
- readline-common
- secure-delete
- sensible-utils
- shared-mime-info
- sound-theme-freedesktop
- spectre-meltdown-checker
- spice-vdagent
- sysfsutils
- systemd
- systemd-sysv
- sysvinit-utils
- tor
- tor-geoipdb
- torsocks
- ucf
- udev
- udisks2
- unar
- vanguards
- virt-what
- virtualenv
- vrms
# whonix
- wmctrl
- xxd
- zenity
- zenity-common
- zlib1g
- zsh
- zsh-common
- zulucrypt-cli
- zulupolkit
proxy_libvirt_debs_inst:
- libvirt-daemon-system
- libvirt-clients
- libvirt-daemon
- usbutils
- usb.ids
- libvirt-doc
- virt-manager
- privoxy
proxy_libs_debs: []
proxy_services:
# console-setup.sh Debian - in /usr/local/etc/local.d/Whonix-Lati.rc
- "{{ 'console-setup' if ansible_distribution in ['Ubuntu', 'Debian'] else '' }}"
- bootlogd
- "{{ 'privoxy' if BOX_WHONIX_PROXY_HOST != '' else '' }}"
# FixMe: tie in with
# - "{{ 'privoxy' if PRIV_TOR_TYPE == 'client' else ''}}"

33
vars/Firefox.yml Normal file
View file

@ -0,0 +1,33 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# careful - strings need doublequoting
# now merged with src/ansible/roles/privacy/overlay/Linux/var/local/src/firefox_prefs.bash
proxy_firefox_userprefs:
- { name: "extensions.torbutton.socks_host", val: "'127.0.0.1'", invalid: [] }
- { name: "extensions.torbutton.socks_port", val: 9150, invalid: [] }
#? - { name: "extensions.torbutton.startup", val: true, invalid: [] }
#? - { name: "extensions.torbutton.use_privoxy", val: true, invalid: [] }
#user_pref("extensions.torlauncher.control_port", {{PRIV_TOR_CONTROLPORT}} );
#user_pref("extensions.torlauncher.default_bridge_type", '""');
#user_pref("extensions.torlauncher.loglevel", 2);
#user_pref("extensions.torlauncher.logmethod", 0);
#user_pref("extensions.torlauncher.prompt_at_startup", false);
- { name: "extensions.torlauncher.start_tor", val: false, invalid: [] }
- { name: "extensions.torbutton.socks_host", '127.0.0.1', invalid: [] }
- { name: "extensions.torbutton.socks_port", 9050, invalid: [] }
- { name: "extensions.torlauncher.socks_port_flags", "PreferIPv4", invalid: [] }
- { name: "extensions.torlauncher.start_tor", false, invalid: [] }
- { name: "network.proxy.http", val: "'127.0.0.1'", invalid: [] }
- { name: "network.proxy.http_port", val: 3128, invalid: [] }
- { name: "network.proxy.no_proxies_on", val: "127.0.0.1,localhost", invalid: [] }
- { name: "network.proxy.socks", val: "'127.0.0.1'", invalid: [] }
- { name: "network.proxy.socks_port", val: 9050, invalid: [] }
- { name: "network.proxy.socks_remote_dns", true, invalid: [] }
- { name: "network.proxy.socks_version", val: 5, invalid: [] }
- { name: "network.proxy.ssl", val: "'127.0.0.1'", invalid: [] }
- { name: "network.proxy.ssl_port", val: 9128, invalid: [] }
- { name: "network.proxy.type", val: 1, invalid: [] }

73
vars/Gentoo2.yml Executable file
View file

@ -0,0 +1,73 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
PROXY_TIME_DAEMON: sdwdate
PROXY_GPG_KEYERVER_URL: hkps://keys.gentoo.org
# dont put stage3 elts in here
# these are really bootstrap packages
proxy_pkgs_bootstrap:
- app-admin/sudo
- sys-boot/grub:2
- sys-boot/syslinux
- app-editors/mg
- qemu-guest-agent
- sys-apps/gptfdisk
- net-analyzer/openbsd-netcat
- app-admin/logrotate
- media-fonts/terminus-font
- net-misc/curl
- app-arch/unzip
- net-libs/pacparser
- sys-process/lsof
- dev-util/strace
- app-portage/eix
- sys-libs/gpm
- linux-firmware
- net-dns/bind-tools
- net-misc/socat
proxy_pkgs_inst:
# move these to testforge - epecially gnupg for static
- net-proxy/privoxy
- net-analyzer/nmap
proxy_pkgs_inst_guest: []
proxy_funtoo_pkgs_inst: []
proxy_pips2_inst: []
proxy_pips3_inst: []
proxy_pips_reinstall:
# pip prerequisites
- setuptools
- appdirs
- ipaddress
- six
# - cachecontrol
- pyparsing
- colorama
#? - distlib
- html5lib
#? - lockfile
- packaging
- requests
- webencodings
# pip itself? NO
# - pip
- cryptography==1.9
cntlm_pid_file: /var/run/cntlm.pid
proxy_services:
# console-setup.sh Debian - in /usr/local/etc/local.d/Whonix-Lati.rc
- "{{ 'consolefont' if ansible_distribution == 'Gentoo' else '' }}"
- "{{ 'console-setup' if ansible_distribution in ['Ubuntu', 'Debian'] else '' }}"
- bootlogd
- "{{ 'polipo' if BOX_WHONIX_PROXY_HOST != '' else '' }}"
# FixMe: tie in with
# - "{{ 'polipo' if PRIV_TOR_TYPE == 'client' else ''}}"

322
vars/Msys8.yml Executable file
View file

@ -0,0 +1,322 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
PROXY_TIME_DAEMON: ""
PROXY_GPG_KEYERVER_URL: hkp://
proxy_masked_services: []
# List of proxy packages to install.
proxy_pacs_inst:
# for pip
- aspell
- aspell6-en
- bash
- bash-completion
- binutils
- brotli
- bsdcpio
- bsdtar
- bzip2
- ca-certificates
- coreutils
- ctags
- curl
- dash
- db
- dialog
- diffutils
- dos2unix
- doxygen
- dtc
- elinks-git
- emacs
- file
- filesystem
- findutils
- flex
- gamin
- gawk
- gcc
- gcc-libs
- gdbm
- getent
- gettext
- glib2
- gmp
- gnu-netcat
- gnupg
- grep
- gzip
- heimdal
- heimdal-libs
- icu
- inetutils
- info
- isl
- jansson
- less
- libarchive
- libargp
- libasprintf
- libassuan
- libatomic_ops
- libbz2
- libcrypt
- libcurl
- libdb
- libedit
- libevent
- libexpat
- libffi
- libgc
- libgcrypt
- libgdbm
- libgettextpo
- libgnutls
- libgpg-error
- libgpgme
- libhogweed
- libiconv
- libidn
- libidn2
- libintl
- libksba
- liblz4
- liblzma
- liblzo2
- libmetalink
- libnettle
- libnghttp2
- libnpth
- libopenssl
- libp11-kit
- libpcre
- libpcre16
- libpcre2_8
- libpcre32
- libpcrecpp
- libpcreposix
- libpsl
- libreadline
- libsqlite
- libssh2
- libtasn1
- libtre-git
- libunistring
- libutil-linux
- libxml2
- libxslt
- libzstd
- lndir
- m4
- make
- meson
- mingw-w64-i686-ctags
- mingw-w64-i686-gcc-libs
- mingw-w64-i686-gmp
- mingw-w64-i686-libwinpthread-git
- mingw-w64-i686-mpc
- mingw-w64-i686-mpfr
- mingw-w64-x86_64-adns
- mingw-w64-x86_64-aspell
- mingw-w64-x86_64-aspell-en
- mingw-w64-x86_64-brotli
- mingw-w64-x86_64-bzip2
- mingw-w64-x86_64-c-ares
- mingw-w64-x86_64-ca-certificates
- mingw-w64-x86_64-curl
- mingw-w64-x86_64-expat
- mingw-w64-x86_64-gcc-libs
- mingw-w64-x86_64-gettext
- mingw-w64-x86_64-glib2
- mingw-w64-x86_64-gmp
- mingw-w64-x86_64-gnupg
- mingw-w64-x86_64-gnutls
- mingw-w64-x86_64-gpgme
- mingw-w64-x86_64-jansson
- mingw-w64-x86_64-jemalloc
- mingw-w64-x86_64-libassuan
- mingw-w64-x86_64-libffi
- mingw-w64-x86_64-libgcrypt
- mingw-w64-x86_64-libgpg-error
- mingw-w64-x86_64-libiconv
- mingw-w64-x86_64-libidn2
- mingw-w64-x86_64-libksba
- mingw-w64-x86_64-libmetalink
- mingw-w64-x86_64-libpsl
- mingw-w64-x86_64-libssh2
- mingw-w64-x86_64-libsystre
- mingw-w64-x86_64-libtasn1
- mingw-w64-x86_64-libtre-git
- mingw-w64-x86_64-libunistring
- mingw-w64-x86_64-libusb
- mingw-w64-x86_64-libusb-compat-git
- mingw-w64-x86_64-libwinpthread-git
- mingw-w64-x86_64-meson
- mingw-w64-x86_64-mpc
- mingw-w64-x86_64-mpdecimal
- mingw-w64-x86_64-mpfr
- mingw-w64-x86_64-ncurses
- mingw-w64-x86_64-nettle
- mingw-w64-x86_64-nghttp2
- mingw-w64-x86_64-ninja
- mingw-w64-x86_64-npth
- mingw-w64-x86_64-openssl
- mingw-w64-x86_64-p11-kit
- mingw-w64-x86_64-pcre
- mingw-w64-x86_64-putty
- mingw-w64-x86_64-putty-ssh
- mingw-w64-x86_64-python
- mingw-w64-x86_64-python-appdirs
- mingw-w64-x86_64-python-attrs
- mingw-w64-x86_64-python-ordered-set
- mingw-w64-x86_64-python-packaging
- mingw-w64-x86_64-python-pyparsing
- mingw-w64-x86_64-python-setuptools
- mingw-w64-x86_64-python-six
- mingw-w64-x86_64-readline
- mingw-w64-x86_64-sqlite3
- mingw-w64-x86_64-tcl
- mingw-w64-x86_64-termcap
- mingw-w64-x86_64-tk
- mingw-w64-x86_64-wineditline
- mingw-w64-x86_64-xz
- mingw-w64-x86_64-zlib
- mingw-w64-x86_64-zstd
- mintty
- mpc
- mpdecimal
- mpfr
- msys2-keyring
- msys2-launcher-git
- msys2-runtime
- msys2-runtime-devel
- msys2-w32api-headers
- msys2-w32api-runtime
- ncurses
- nettle
- ninja
- openssh
- openssl
- p11-kit
- pacman
- pacman-mirrors
- pactoys-git
- pass
- patch
- pax-git
- pcre
- perl
- perl-Module-Build
- perl-Test-Pod
- perl-YAML-Syck
- perl-inc-latest
- pinentry
- pkgfile
- psmisc
- python
- python-configobj
- python2
- python2-appdirs
- python2-attrs
- python2-packaging
- python2-pip
- python2-pyparsing
- python2-setuptools
- python2-six
- python3-appdirs
- python3-attrs
- python3-packaging
- python3-pip
- python3-pyparsing
- python3-setuptools
- python3-six
- rebase
- rsync
- sed
- tar
- tcl
- texinfo
- tftp-hpa
- time
- tmux
- tree
- ttyrec
- tzcode
- u-boot-tools
- unrar
- unzip
- util-linux
- w3m
- wget
- which
- whois
- windows-default-manifest
- xmlto
- xz
- zip
- zlib
- zstd
proxy_qemu_guest_pacs_inst: [] #?
proxy_pips2_inst:
- jq
proxy_pips3_inst: []
proxy_pips_reinstall:
# pip prerequisites
- setuptools
- appdirs
- ipaddress
- six
- cachecontrol
- pyparsing
- colorama
#? - distlib
- html5lib
#? - lockfile
- packaging
- requests
- webencodings
- jq
# pip itself? NO
- cryptography
#
- pyOpenSSL
- paramiko
- Jinja2
- pyasn1
- bcrypt
- PyNaCl
- cffi
- idna
- asn1crypto
# whonix general
- acpi-support
- acpi-support-base
- acpid
- adduser
- busybox
- console-common
- console-data
- console-setup
- console-setup-linux
- coreutils
- cpio
cntlm_pid_file: ""
# BOX_OS_FLAVOR in ['WhonixGateway']}}"
proxy_gateway_pacs_inst: []
# BOX_OS_FLAVOR in ['KickSecure', 'WhonixGateway', 'WhonixWorkstation']
proxy_xfce_pacs_inst: []
proxy_whonix_gateway_pacs: []
proxy_libvirt_pacs_inst: []
proxy_libs_pacs: []

83
vars/Ubuntu18.yml Executable file
View file

@ -0,0 +1,83 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
PROXY_TIME_DAEMON: ntp
HARDEN_FIREJAIL_VERSION: "0.9.58"
# List of proxy packages to install.
proxy_debs_inst:
- python-dev
- libffi-dev
- libssl-dev
- libcurl4-openssl-dev
- ca-certificates
- curl
- less
- sudo
- unzip
- zip
- cron
- xsltproc
- corkscrew
- openssl
- mg
- polipo
# I need this for Ubuntu even though it come in the bootstrap - 2 setuptools, 1 pip
# - pip
# for pip
- python-cryptography
# - python-pip
# - python-pip-whl
- python-pkg-resources
- python-setuptools
# - python-wheel
# - python3-pip
- python3-setuptools
# - python3-wheel
# Install packages to allow apt to use a repository over HTTPS:
- apt-transport-https
# these may be unuseable before testforge role installs pip
proxy_pips2_inst: []
proxy_pips3_inst: []
proxy_pips_reinstall:
# pip prerequisites
- setuptools
- appdirs
- ipaddress
- six
- cachecontrol
- pyparsing
- colorama
#? - distlib
- html5lib
#? - lockfile
- packaging
- requests
- webencodings
# pip itself? NO
- cryptography
#
- pyOpenSSL
- paramiko
- Jinja2
- pyasn1
- bcrypt
- PyNaCl
- cffi
- idna
- asn1crypto
cntlm_pid_file: /var/run/cntlm/cntlm.pid
proxy_services:
# console-setup.sh Debian - in /usr/local/etc/local.d/Whonix-Lati.rc
- "{{ 'consolefont' if ansible_distribution == 'Gentoo' else '' }}"
- "{{ 'console-setup' if ansible_distribution in ['Ubuntu', 'Debian'] else '' }}"
- bootlogd
- "{{ 'polipo' if BOX_WHONIX_PROXY_HOST != '' else '' }}"
# FixMe: tie in with
# - "{{ 'polipo' if PRIV_TOR_TYPE == 'client' else ''}}"

8
vars/Unix.yml Executable file
View file

@ -0,0 +1,8 @@
# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
# no notion of LOG_DIR - its before testforge so user /var/log or /var/tmp
# no - conflicts with harden
# - sshd
proxy_gpg_keys_system: []