add copyright notices to ansible role files

automation/roles/algo/files/algo_refresh_users.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 LOG=/tmp/bubble.algo_refresh_users.log
 

automation/roles/algo/files/algo_refresh_users_monitor.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 LOG=/tmp/bubble.algo_refresh_users_monitor.log
 

automation/roles/algo/files/wg_monitor_connections.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 LOG=/tmp/bubble.wg_monitor_connections.log
 

automation/roles/algo/tasks/algo_firewall.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 # Insert additional firewall rules to allow required services to function
 - name: Allow HTTP
   iptables:

automation/roles/algo/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Unzip algo master.zip
   unarchive:
     src: master.zip

automation/roles/bubble/files/bsql.sh

@@ -1,2 +1,5 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 PGPASSWORD="$(cat /home/bubble/.BUBBLE_PG_PASSWORD)" psql -U bubble -h 127.0.0.1 bubble "${@}"

automation/roles/bubble/files/bubble_restore_monitor.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 BUBBLE_HOME="/home/bubble"
 RESTORE_MARKER="${BUBBLE_HOME}/.restore"

automation/roles/bubble/files/init_bubble_db.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 echo "$@" > /tmp/init.args
 

automation/roles/bubble/files/init_roles.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 SCRIPT="${0}"
 SCRIPT_DIR=$(cd $(dirname ${SCRIPT}) && pwd)

automation/roles/bubble/files/random_password.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 file=${1:?no file provided}
 owner=${2:?no owner provided}

automation/roles/bubble/files/refresh_bubble_ssh_keys_monitor.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 LOG=/tmp/bubble.ssh_keys_monitor.log
 

automation/roles/bubble/handlers/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 ---
 - name: Start Pgsql
   service: name=postgresql state=started

automation/roles/bubble/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Install OpenJDK 11 JRE (headless), redis, uuid and jq
   apt:
     name: [ 'openjdk-11-jre-headless', 'redis', 'uuid', 'jq' ]

automation/roles/bubble/tasks/postgresql.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Install PostgreSQL
   apt:
     name: [ 'postgresql-10', 'libpq-dev', 'python-psycopg2' ]

automation/roles/bubble/tasks/postgresql_data.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Creates bubble SQL dir
   file:
     path: /home/bubble/sql

automation/roles/bubble/tasks/restore.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 - name: Install restore helper scripts
   copy:

automation/roles/bubble_finalizer/files/copy_certs_to_bubble.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 function die {
   echo 1>&2 "${1}"

automation/roles/bubble_finalizer/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Snapshot ansible roles
   shell: snapshot_ansible.sh
 

automation/roles/common/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Set hostname to {{ hostname }}
   hostname:
     name: '{{ hostname }}'

automation/roles/firewall/defaults/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 fw_enable_http: true
 fw_enable_admin: true
 fw_enable_dns: true

automation/roles/firewall/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Install firewall packages
   apt:
     name: [ 'haveged', 'iptables-persistent', 'netfilter-persistent', 'autossh' ]

automation/roles/firewall/tasks/port_redirect.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - sysctl:
     name: net.ipv4.ip_forward
     value: 1

automation/roles/firewall/tasks/sage.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Allow all from local
   iptables:
     chain: INPUT

automation/roles/mitmproxy/files/bubble_passthru.py

@@ -0,0 +1,19 @@
+
+def next_layer(next_layer):
+    """
+    This hook does the actual magic - if the next layer is planned to be a TLS layer,
+    we check if we want to enter pass-through mode instead.
+    """
+    if isinstance(next_layer, TlsLayer) and next_layer._client_tls:
+        server_address = next_layer.server_conn.address
+
+        if tls_strategy.should_intercept(server_address):
+            # We try to intercept.
+            # Monkey-Patch the layer to get feedback from the TLSLayer if interception worked.
+            next_layer.__class__ = TlsFeedback
+        else:
+            # We don't intercept - reply with a pass-through layer and add a "skipped" entry.
+            mitmproxy.ctx.log("TLS passthrough for %s" % repr(next_layer.server_conn.address), "info")
+            next_layer_replacement = RawTCPLayer(next_layer.ctx, ignore=True)
+            next_layer.reply.send(next_layer_replacement)
+            tls_strategy.record_skipped(server_address)

automation/roles/mitmproxy/files/install_cert.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 CERT="${1:?no cert provided}"
 TIMEOUT=${2:-0}

automation/roles/mitmproxy/files/mitmdump_monitor.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 LOG=/tmp/bubble.mitmdump_monitor.log
 

automation/roles/mitmproxy/files/reuse_bubble_mitm_certs.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 function die {
   echo 1>&2 "${1}"

automation/roles/mitmproxy/files/run_mitmdump.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 MITM_PORT=${1:?no port provided}
 cd /home/mitmproxy/mitmproxy && \

automation/roles/mitmproxy/files/set_cert_name.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 MITM_DIR=${1:?no mitm dir specified}
 CERT_NAME=${2:?no cert name specified}

automation/roles/mitmproxy/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Install python3, pip, virtualenv and required dependencies
   apt:
     name: [ 'python3-pip', 'python3-venv', 'libc6-dev', 'libpython3-dev', 'g++', 'libffi-dev' ]

automation/roles/mitmproxy/tasks/route.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - sysctl:
     name: net.ipv4.ip_forward
     value: 1

automation/roles/nginx/defaults/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 ---
 # user under which we run acme-tiny and owner of ssl_base_folder
 acme_user: acme

automation/roles/nginx/files/certbot_renew.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 if [[ -d /home/mitmproxy ]] ; then
   service mitmproxy stop

automation/roles/nginx/files/init_certbot.sh

@@ -1,4 +1,7 @@
 #!/bin/bash
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 
 LE_EMAIL="${1}"
 SERVER_NAME="${2}"

automation/roles/nginx/handlers/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 ---
 - name: nginx reload
   service: name=nginx state=reloaded

automation/roles/nginx/tasks/main.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Install OpenSSL, nginx and software-properties-common
   apt:
     name: [ 'openssl', 'nginx', 'software-properties-common' ]

automation/roles/nginx/tasks/site.yml

@@ -1,3 +1,6 @@
+#
+# Copyright (c) 2020 Bubble, Inc.  All rights reserved. For personal (non-commercial) use, see license: https://bubblev.com/bubble-license/
+#
 - name: Disable default site
   file:
     path: /etc/nginx/sites-enabled/default