[dguido]

Thanks, that would be great! Yes, I would very much like to see options to strip down Streisand. I'm not worried about getting my packets filtered by the Great Firewall. I'd rather have the minimum number of agents necessary: IKEv2, SSH, and maybe stunnel. I consider every additional agent to add risk of compromise to the entire setup.

Sidenote: Ubuntu's security posture appears slightly better than Debian's, but I'm a little vague on the details. Historically, Ubuntu has had people like Kees Cook working on security of their distro and relentless pursued AppArmor policies, adoption of exploit mitigations, and reducing the footprint of the default install. Any way you can make it more distro-agnostic so I could run the installers on Ubuntu instead would be appreciated!

Btw, I didn't notice that portable OpenIKED was deprecated :-(.

[jlund]

Yeah, I will probably make it possible to choose the list of services instead of singling out Tor specifically. I have heard from some users who only want to run Shadowsocks, for example. The diversity of services really helps keep things flowing in restrictive environments. Not everyone falls into that category though.

Good news! Your Ubuntu dreams are already a reality. The playbooks are currently designed for Ubuntu 14.04. I was using Debian 7 at launch (which might be what you saw previously) but I switched the base distribution late last year. Ubuntu 16.04 is the frontrunner for the next upgrade. The playbooks and roles are complicated enough that it's not terribly practical to target multiple distros, especially given the wide support that Ubuntu enjoys.