emdee
/
proxy_role
1
0
Fork 0
Code Issues Pull Requests Wiki Activity
proxy_role/vars/Debian11.yml

1006 lines
18 KiB
YAML
Executable File
Raw Permalink Blame History

# -*- mode: yaml; indent-tabs-mode: nil; tab-width: 2; coding: utf-8-unix -*-
---
PROXY_TIME_DAEMON: ntp
PROXY_GPG_KEYERVER_URL: hkps://
proxy_masked_services:
- apt-daily-upgrade
- sdwdate
- tb-updater-first-boot
# List of proxy packages to install.
proxy_debs_inst:
# Install packages to allow apt to use a repository over HTTPS:
- apt
- apt-transport-tor
- apt-utils
- apt-transport-https
- bootlogd
- ca-certificates
- dnsmasq
- ntpdate
- bzip2
- corkscrew
- console-data
- cron
- curl
- less
- mg
- netcat
- ncat
- openssl
- passwd
- patch
- pciutils
- perl
- perl-base
- sudo
- unzip
- xsltproc
- zip
- openssh-client
- openssh-server
- openssh-sftp-server
- nmap
- wireless-tools
- software-properties-common
- lsof
- ifupdown
- iproute2
- iptables
- iputils-ping
- htop
- iotop
- jnettop
- iw
- jq
- python3-argcomplete
- libnet-ifconfig-wrapper-perl
# I need this for Ubuntu even though it come in the bootstrap - 2 setuptools, 1 pip
# - pip
# for pip
- python-cryptography
- python3-pkg-resources
- python3-pip
- python3-setuptools
# - python3-wheel
# Install packages to allow apt to use a repository over HTTPS:
# niceities from testforge
- file
- findutils
- gcc
- gdisk
- gnupg
- gnupg-utils
- gnupg2
- gpg
- gpg-agent
- gpg-wks-client
- gpg-wks-server
- grep
- groff-base
- haveged
- hostname
- init
- init-system-helpers
- inotify-tools
- install-info
- iso-codes
- kbd
- keyboard-configuration
- klibc-utils
- login
- lsb-base
- lsb-release
- lynx
- make
- man-db
- mount
- nano
- ncurses-base
- ncurses-bin
- ncurses-term
- net-tools
- netbase
- parted
- pinentry-curses
- pm-utils
- policykit-1
- policykit-1-gnome
- policyrcd-script-zg2
- powermgmt-base
- procps
- psmisc
- rsync
- sed
- strace
- tar
- traceroute
- tzdata
- upower
- util-linux
- wget
- xz-utils
- geoip-bin
- nss-plugin-pem
- torsocks
- whois
- yamllint
# drawn in
- python3-yaml
proxy_kicksecure_debs_inst:
- scurl
- usability-misc
proxy_qemu_guest_debs_inst:
- qemu-guest-agent
proxy_pips2_inst: []
proxy_pips3_inst:
- jq
proxy_pips_reinstall:
# pip prerequisites
- setuptools
- appdirs
- ipaddress
- six
- cachecontrol
- pyparsing
- colorama
#? - distlib
- html5lib
#? - lockfile
- packaging
- requests
- webencodings
- jq
# pip itself? NO
- cryptography
#
- pyOpenSSL
- paramiko
- Jinja2
- pyasn1
- bcrypt
- PyNaCl
- cffi
- idna
- asn1crypto
# whonix general
- acpi-support
- acpi-support-base
- acpid
- adduser
- busybox
- console-common
- console-data
- console-setup
- console-setup-linux
- coreutils
- cpio
cntlm_pid_file: /var/run/cntlm/cntlm.pid
# BOX_OS_FLAVOR in ['WhonixGateway']}}"
proxy_gateway_debs_inst: []
# BOX_OS_FLAVOR in ['KickSecure', 'WhonixGateway', 'WhonixWorkstation']
proxy_xfce_debs_inst:
- apt-transport-https
- libnetfilter-conntrack3
- dnsmasq-base
- dnsmasq
- firmware-linux-free
- firmware-misc-nonfree
- firmware-amd-graphics
- firmware-linux-nonfree
- firmware-linux
- firmware-atheros
- firmware-iwlwifi
#linux-headers-5.8.0-0.bpo.2-amd64
#linux-image-5.8.0-0.bpo.2-amd64
- ntpdate
- corkscrew
- cron
- mg
# No package matching 'liblua5.3' is available
# - liblua5.3
- netcat-traditional
- netcat
- ncat
- xsltproc
- openssh-client
- openssh-server
- openssh-sftp-server
- polipo
- nmap-common
- libgfortran5
- libblas3
- liblinear3
- libncurses-dev
- libreadline-dev
- nmap
- wireless-tools
- gir1.2-glib-2.0
- gir1.2-packagekitglib-1.0
- python3-dbus
- libgirepository-1.0
- python3-gi
- python3-pycurl
- python3-software-properties
- software-properties-common
- ifupdown
- libpcap0.8
- libnfnetlink0
- libnftnl11
- libiptc0
- libip6tc0
- libip6tc0
- libnetfilter-conntrack3
- iptables
- htop
- iotop
- libpcap0.8
- jnettop
- python3-argcomplete
- libnet-ifconfig-wrapper-perl
# I need this for Ubuntu even though it come in the bootstrap - 2 setuptools, 1 pip
#pip
#! python-cryptography
#! python3-pkg-resources
#! apython3-pip
#! python3-setuptools
#! python3-wheel
- install-info
- lynx-common
- lynx
- ncurses-term
- rsync
- traceroute
- tzdata
- geoip-bin
- nss-plugin-pem
- scurl
- torsocks
- whois
## non-qubes-whonix-gateway-xfce
- xauth
# kicksecure-desktop-applications-recommended : Depends: monero-gui
- libpackagekit-glib2-18
# kicksecure-xfce-vm: kicksecure-cli-vm, kicksecure-xfce, kicksecure-network-conf-gui, non-qubes-audio, non-qubes-vm-enhancements-gui, kicksecure-desktop-applications-recommended
## The following NEW packages will be installed:
## apt-transport-https corkscrew cron dnsmasq dnsmasq-base
## firmware-amd-graphics firmware-atheros firmware-iwlwifi firmware-linux
## firmware-linux-free firmware-linux-nonfree firmware-misc-nonfree geoip-bin
## gir1.2-glib-2.0 gir1.2-packagekitglib-1.0 htop ifupdown install-info iotop
# No package matching 'liblua5.3' is available## # xiptables jnettop libblas3 libgfortran5 libgirepository-1.0-1 libip6tc0
## libiptc0 libiw30 liblinear3 liblua5.3-0 liblua5.3-0-dbg liblua5.3-dev
## libncurses-dev libnet-ifconfig-wrapper-perl libnetfilter-conntrack3
## libnfnetlink0 libnftnl11 libpackagekit-glib2-18 libpcap0.8 libreadline-dev
## lynx lynx-common mg ncat ncurses-term netcat netcat-traditional nmap
## nmap-common nss-plugin-pem ntpdate openssh-client openssh-server
## openssh-sftp-server polipo python3-argcomplete python3-dbus python3-gi
## python3-pycurl python3-software-properties rsync scurl
## software-properties-common torsocks traceroute whois wireless-tools xauth
## xsltproc
# RAW complete overlap
whonix_gateway_debs:
- anon-apps-config
- anon-apt-sources-list
- anon-connection-wizard
- anon-gw-anonymizer-config
- anon-gw-base-files
- anon-icon-pack
- apparmor
- apparmor-profile-dist
- apparmor-utils
- arc-theme
- auditd
- basez
- bash
- bash-completion
- bc
- bind9-host
- bindp
- binutils
- binutils-common
- binutils-x86-64-linux-gnu
- bootclockrandomization
- bsdmainutils
- bsdtar
- bsdutils
- bubblewrap
- cryptsetup
- cryptsetup-bin
- cryptsetup-initramfs
- cryptsetup-run
- damngpl
- dash
- dbus
- dbus-user-session
- dconf-gsettings-backend
- dconf-service
- debconf
- debian-archive-keyring
- debianutils
- debsums
- desktop-file-utils
- dialog
- dictionaries-common
- diffutils
- dirmngr
- dist-base-files
- distro-info-data
- dkms
- dmidecode
- dmsetup
- dnsutils
- dpkg
- dpkg-dev
- e2fslibs
- e2fsprogs
- eatmydata
- elpa-auto-complete
- elpa-concurrent
- elpa-ctable
- elpa-deferred
- elpa-epc
- elpa-jedi
- elpa-jedi-core
- elpa-popup
- elpa-python-environment
- exo-utils
- faketime
- fdisk
- flashproxy-client
- flashproxy-common
- fontconfig
- fontconfig-config
- fonts-dejavu-core
- fteproxy
- gettext-base
- gir1.2-atk-1.0
- gir1.2-freedesktop
- gir1.2-gdkpixbuf-2.0
- gir1.2-glib-2.0
- gir1.2-gtk-3.0
- gir1.2-pango-1.0
- glib-networking
- glib-networking-common
- glib-networking-services
- gnome-brave-icon-theme
- gnome-colors-common
- gnome-icon-theme
- gnome-themes-extra
- gnome-themes-extra-data
- gnustep-base-common
- gnustep-base-runtime
- gnustep-common
- gpgconf
- gpgsm
- gpgv
- hardened-malloc
- helper-scripts
- hicolor-icon-theme
- jitterentropy-rngd
- kicksecure-dependencies-cli
- linux-headers-amd64
- linux-image-amd64
- live-boot
- live-boot-initramfs-tools
- live-tools
- locales
- mawk
- menu
- mime-support
- most
- mousepad
- msgcollector
- msgcollector-gui
- non-qubes-vm-enhancements-cli
- non-qubes-vm-enhancements-gui
- non-qubes-whonix-gateway-cli
- nyx
- obfs4proxy
- obfsproxy
- onion-grater
- onioncircuits
- open-link-confirmation
- openvpn
- os-prober
- p7zip
- p7zip-full
- pv
- pychecker
- pymacs
- pypy
- pypy-ipaddress
- pypy-lib
- pypy-pkg-resources
- pypy-setuptools
- pypy-stem
- python
- python-asn1crypto
- python-attr
- python-automat
- python-cffi-backend
- python-constantly
- python-crypto
- python-enum34
- python-epc
- python-fte
- python-hyperlink
- python-incremental
- python-ipaddress
- python-m2crypto
- python-minimal
- python-mode
- python-openssl
- python-pip-whl
- python-pyasn1
- python-pyasn1-modules
- python-pyptlib
- python-service-identity
- python-sexpdata
- python-six
- python-twisted-bin
- python-twisted-core
- python-typing
- python-yaml
- python-zope.interface
- python2
- python2-minimal
- python2.7
- python2.7-minimal
- python3
- python3-apparmor
- python3-dateutil
- python3-distutils
- python3-gevent
- python3-gi
- python3-greenlet
- python3-ipy
- python3-jedi
- python3-lib2to3
- python3-libapparmor
- python3-minimal
- python3-parso
- python3-pkg-resources
- python3-psutil
- python3-pycountry
- python3-pyqt5
- python3-scapy
- python3-sdnotify
- python3-sip
- python3-six
- python3-socks
- python3-stem
- python3-virtualenv
- python3-yaml
- python3.7
- python3.7-minimal
- rads
- readline-common
- sdwdate
- sdwdate-gui
- secure-delete
- security-misc
- sensible-utils
- serial-console-enable
- shared-mime-info
- sound-theme-freedesktop
- spectre-meltdown-checker
- spice-vdagent
- swap-file-creator
- sysfsutils
- systemd
- systemd-sysv
- sysvinit-utils
- timesanitycheck
- tirdad
- tirdad-dkms
- tor
- tor-control-panel
- tor-geoipdb
- torsocks
- ucf
- udev
- udisks2
- unar
- uwt
- vanguards
- virt-what
- virtualenv
- vm-config-dist
- vrms
# whonix
- whonix-base-files
- whonix-firewall
- whonix-gateway-default-applications-gui
- whonix-gateway-packages-dependencies-cli
- whonix-gateway-packages-dependencies-pre
- whonix-gw-network-conf
- whonix-initializer
- whonix-legacy
- whonix-repository
- whonix-setup-wizard
- whonix-shared-default-applications-gui
- whonix-shared-packages-dependencies-cli
- whonix-shared-packages-recommended-cli
- whonix-xfce-desktop-config
- whonixcheck
- whonixsetup
- wmctrl
- xxd
- zenity
- zenity-common
- zlib1g
- zsh
- zsh-common
- zulucrypt-cli
- zulupolkit
- yq
proxy_libvirt_debs_inst:
- libvirt-daemon-system
- libvirt-clients
- libvirt-daemon
- usbutils
- usb.ids
- libvirt-doc
- virt-manager
proxy_libs_debs:
- libacl1
- libapparmor1
- libapt-inst2.0
- libapt-pkg5.0
- libarchive-tools
- libarchive13
- libargon2-1
- libasan5
- libasound2
- libasound2-data
- libaspell15
- libassuan0
- libasyncns0
- libatasmart4
- libatk-bridge2.0-0
- libatk1.0-0
- libatk1.0-data
- libatomic1
- libatspi2.0-0
- libattr1
- libaudit-common
- libaudit1
- libauparse0
- libavahi-client3
- libavahi-common-data
- libavahi-common3
- libbind9-161
- libbinutils
- libblkid1
- libblockdev-crypto2
- libblockdev-fs2
- libblockdev-loop2
- libblockdev-part-err2
- libblockdev-part2
- libblockdev-swap2
- libblockdev-utils2
- libblockdev2
- libbluray2
- libbrotli1
- libbsd0
- libbz2-1.0
- libc-bin
- libc-dev-bin
- libc-l10n
- libc6
- libc6-dev
- libcairo-gobject2
- libcairo2
- libcanberra-gtk3-0
- libcanberra0
- libcap-ng0
- libcap2
- libcap2-bin
- libcc1-0
- libcolord2
- libcom-err2
- libcomerr2
- libcrack2
- libcroco3
- libcryptsetup12
- libcups2
- libcurl4
- libdatrie1
- libdb5.3
- libdbus-1-3
- libdbus-glib-1-2
- libdconf1
- libdebconfclient0
- libdevmapper1.02.1
- libdns1104
- libdouble-conversion1
- libdpkg-perl
- libdrm-amdgpu1
- libdrm-common
- libdrm-intel1
- libdrm-nouveau2
- libdrm-radeon1
- libdrm2
- libeatmydata1
- libedit2
- libefiboot1
- libefivar1
- libegl-mesa0
- libegl1
- libelf1
- libenchant1c2a
- libepoxy0
- libevdev2
- libevent-2.1-6
- libexif12
- libexo-1-0
- libexo-2-0
- libexo-common
- libexo-helpers
- libexpat1
- libext2fs2
- libfaketime
- libfdisk1
- libffi6
- libfile-basedir-perl
- libfile-desktopentry-perl
- libfile-fnmatch-perl
- libfile-mimeinfo-perl
- libflac8
- libfontconfig1
- libfontenc1
- libfreetype6
- libfribidi0
- libfstrm0
- libfuse2
- libgarcon-1-0
- libgarcon-common
- libgbm1
- libgc1c2
- libgcc-8-dev
- libgcc1
- libgck-1-0
- libgcr-base-3-1
- libgcrypt20
- libgdbm-compat4
- libgdbm6
- libgdk-pixbuf2.0-0
- libgdk-pixbuf2.0-common
- libgeoip1
- libgirepository-1.0-1
- libgl1
- libgl1-mesa-dri
- libglapi-mesa
- libglib2.0-0
- libglib2.0-bin
- libglib2.0-data
- libglvnd0
- libglx-mesa0
- libglx0
- libgmp10
- libgnustep-base1.26
- libgnutls30
- libgomp1
- libgpg-error0
- libgpgme11
- libgpm2
- libgraphite2-3
- libgssapi-krb5-2
- libgstreamer-gl1.0-0
- libgstreamer-plugins-base1.0-0
- libgstreamer1.0-0
- libgtk-3-0
- libgtk-3-common
- libgtk2.0-0
- libgtk2.0-common
- libgtksourceview-3.0-1
- libgtksourceview-3.0-common
- libgudev-1.0-0
- libharfbuzz-icu0
- libharfbuzz0b
- libhavege1
- libhogweed4
- libhunspell-1.7-0
- libhyphen0
- libice6
- libicu63
- libidn11
- libidn2-0
- libimobiledevice6
- libindicator3-7
- libinotifytools0
- libinput-bin
- libinput10
- libip4tc0
- libip6tc0
- libipc-system-simple-perl
- libiptc0
- libirs161
- libisc1100
- libisccc161
- libisccfg163
- libisl19
- libitm1
- libjavascriptcoregtk-4.0-18
- libjbig0
- libjpeg62-turbo
- libjson-c3
- libjson-glib-1.0-0
- libjson-glib-1.0-common
- libk5crypto3
- libkeybinder-3.0-0
- libkeyutils1
- libkf5windowsystem-data
- libkf5windowsystem5
- libklibc
- libkmod2
- libkrb5-3
- libkrb5support0
- libksba8
- liblcms2-2
- libldap-2.4-2
- libldap-common
- liblightdm-gobject-1-0
- libllvm7
- liblmdb0
- liblocale-gettext-perl
- liblsan0
- libltdl7
- liblwres161
- liblxqt0
- liblz4-1
- liblzma5
- liblzo2-2
- libmagic-mgc
- libmagic1
- libmnl0
- libmount1
- libmpc3
- libmpdec2
- libmpfr6
- libmpx2
- libmtdev1
- libncurses6
- libncursesw6
- libnetfilter-conntrack3
- libnettle6
- libnfnetlink0
- libnftnl11
- libnghttp2-14
- libnotify-bin
- libnotify4
- libnpth0
- libnspr4
- libnss3
- libobjc4
- libogg0
- libopenjp2-7
- liborc-0.4-0
- libp11-kit0
- libpam-modules
- libpam-modules-bin
- libpam-runtime
- libpam-systemd
- libpam0g
- libpango-1.0-0
- libpangocairo-1.0-0
- libpangoft2-1.0-0
- libpangoxft-1.0-0
- libparted-fs-resize0
- libparted2
- libpcap0.8
- libpci3
- libpciaccess0
- libpcre2-16-0
- libpcre2-8-0
- libpcre3
- libperl5.28
- libpipeline1
- libpixman-1-0
- libpkcs11-helper1
- libplist3
- libpng16-16
- libpolkit-agent-1-0
- libpolkit-backend-1-0
- libpolkit-gobject-1-0
- libpopt0
- libprocps7
- libprotobuf-c1
- libproxy1v5
- libpsl5
- libpulse-mainloop-glib0
- libpulse0
- libpwquality-common
- libpwquality1
- libpython-stdlib
- libpython2-stdlib
- libpython2.7
- libpython2.7-minimal
- libpython2.7-stdlib
- libpython3-stdlib
- libpython3.7
- libpython3.7-minimal
- libpython3.7-stdlib
- libqt5core5a
- libqt5dbus5
- libqt5designer5
- libqt5gui5
- libqt5help5
- libqt5network5
- libqt5printsupport5
- libqt5sql5
- libqt5test5
- libqt5widgets5
- libqt5x11extras5
- libqt5xdg3
- libqt5xdgiconloader3
- libqt5xml5
- libquadmath0
- libreadline7
- librest-0.7-0
- librsvg2-2
- librsvg2-common
- librtmp1
- libsasl2-2
- libsasl2-modules-db
- libseccomp2
- libsecret-1-0
- libsecret-common
- libselinux1
- libsemanage-common
- libsemanage1
- libsensors-config
- libsensors5
- libsepol1
- libslang2
- libsm6
- libsmartcols1
- libsndfile1
- libsoup-gnome2.4-1
- libsoup2.4-1
- libsqlite3-0
- libss2
- libssh2-1
- libssl1.1
- libstartup-notification0
- libstdc++6
- libsysfs2
- libsystemd0
- libtasn1-6
- libtdb1
- libtext-iconv-perl
- libthai-data
- libthai0
- libthunarx-3-0
- libtiff5
- libtinfo6
- libtsan0
- libubsan1
- libuchardet0
- libudev1
- libudisks2-0
- libunistring2
- libunwind8
- libupower-glib3
- liburi-perl
- libusb-1.0-0
- libusbmuxd4
- libutempter0
- libuuid1
- libvolume-key1
- libvorbis0a
- libvorbisenc2
- libvorbisfile3
- libvte-2.91-0
- libvte-2.91-common
- libwacom-common
- libwacom2
- libwavpack1
- libwayland-client0
- libwayland-cursor0
- libwayland-egl1
- libwayland-server0
- libwebkit2gtk-4.0-37
- libwebp6
- libwebpdemux2
- libwnck-3-0
- libwnck-3-common
- libwnck-common
- libwnck22
- libwoff1
- libwrap0
- libx11-6
- libx11-data
- libx11-xcb1
- libxatracker2
- libxau6
- libxaw7
- libxcb-dri2-0
- libxcb-dri3-0
- libxcb-glx0
- libxcb-icccm4
- libxcb-image0
- libxcb-keysyms1
- libxcb-present0
- libxcb-randr0
- libxcb-render-util0
- libxcb-render0
- libxcb-shape0
- libxcb-shm0
- libxcb-sync1
- libxcb-util0
- libxcb-xfixes0
- libxcb-xinerama0
- libxcb-xkb1
- libxcb1
- libxcomposite1
- libxcursor1
- libxdamage1
- libxdmcp6
- libxext6
- libxfce4panel-2.0-4
- libxfce4ui-1-0
- libxfce4ui-2-0
- libxfce4ui-common
- libxfce4ui-utils
- libxfce4util-common
- libxfce4util7
- libxfconf-0-2
- libxfixes3
- libxfont2
- libxft2
- libxi6
- libxinerama1
- libxkbcommon-x11-0
- libxkbcommon0
- libxkbfile1
- libxklavier16
- libxml2
- libxmu6
- libxmuu1
- libxpm4
- libxrandr2
- libxrender1
- libxres1
- libxshmfence1
- libxslt1.1
- libxss1
- libxt6
- libxtables12
- libxtst6
- libxv1
- libxxf86dga1
- libxxf86vm1
- libyaml-0-2
- libzstd1
- libzulucrypt-exe1.2.0
- libzulucrypt-plugins
- libzulucrypt1.2.0
- libzulucryptpluginmanager1.0.0
proxy_services:
# console-setup.sh Debian - in /usr/local/etc/local.d/Whonix-Lati.rc
- "{{ 'console-setup' if ansible_os_family in ['Debian'] else '' }}"
- bootlogd
- "{{ '{{BOX_HTTP_PROXY}}' if BOX_WHONIX_PROXY_HOST != '' else '' }}"
# FixMe: tie in with
# - "{{ 'polipo' if PRIV_TOR_TYPE == 'client' else ''}}"
Reference in New Issue View Git Blame Copy Permalink