Skip to content

Dante role: add more variables option to customize configuration #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Shr3ps wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Dante role: add more variables option to customize configuration #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions roles/dante/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,12 @@ Password and salt.
dante_verbose_log: false
Enables verbose logging (see https://www.inet.no/dante/doc/1.4.x/config/logging.html).

dante_logoutput: syslog
Override default log output

dante_user_privileged: root
Change default user privileged


## Tags

Expand Down
7 changes: 7 additions & 0 deletions roles/dante/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,13 @@ dante_enable: true
dante_port: 1080
dante_direct: true

## config customization
dante_logoutput: syslog
dante_user_privileged: root

dante_timeout_negotiate: 300
dante_timeout_io: 3600

## dante username must start with 'dante_' because it's global linux user
dante_user: dante_socks
dante_pass: secret
Expand Down
25 changes: 22 additions & 3 deletions roles/dante/templates/danted.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,23 @@
# dante with authentication and ipv6 support
# see: https://www.inet.no/dante/doc/1.4.x/config/ipv6.html

logoutput: syslog
# the server will log both via syslog, to stdout and to /var/log/sockd.log
#logoutput: syslog stdout /var/log/sockd.log
logoutput: {{ dante_logoutput }}

user.privileged: root
# when doing something that can require privilege, it will use the
user.privileged: {{ dante_user_privileged }}

# when running as usual, it will use the unprivileged userid of:
user.unprivileged: nobody

# If you are not using libwrap, no need for the below line, so leave
# it commented.
# If you compiled with libwrap support, what userid should it use
# when executing your libwrap commands? "libwrap".
#user.libwrap: libwrap
user.libwrap: nobody

internal.protocol: ipv4 ipv6
external.protocol: ipv4 ipv6

Expand All @@ -17,7 +29,7 @@ internal: :: port={{ dante_port }}
external: {{ address }}
{% endfor %}

socksmethod: username none
socksmethod: username none #rfc931

{% for address in dante_noauth_listen_addresses %}
client pass {
Expand Down Expand Up @@ -55,3 +67,10 @@ socks block {
from: 0/0 to: 0/0
log: {{ log_what }}
}

#
# Misc options.
#

# timeout.negotiate: {{ dante_timeout_negotiate }} # on a lan, this should be enough.
# timeout.io: {{ dante_timeout_io }} # or perhaps 86400, for a day.