Streisand sets up a new server running your choice of WireGuard, OpenConnect, OpenSSH, OpenVPN, Shadowsocks, sslh, Stunnel, or a Tor bridge. It also generates custom instructions for all of these services. At the end of the run you are given an HTML file with instructions that can be shared with friends, family members, and fellow activists.
Expected behavior:
OpenConnect ca.crt can be downloaded by browser client.
Actual Behavior:
403 Forbidden when trying to download /openconnect/ca.crt. This was due to ca.crt having incorrect permissions (0600) on the filesystem.
Steps to Reproduce:
Ansible Information
Streisand Information
Enabled Roles
Here are the file permissions as generated:
(:wave:)