scottk/secureblue
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/secureblue.git synced 2025-11-06 21:37:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
735 Commits 1 Branch 0 Tags
656bf9b5e2043764e3ef062c0400d355cde25818
Commit Graph

47 Commits

Author SHA1 Message Date
qoijjj
f3ec42e58e feat: add necessary init script, then add additional selinux tooling with alerts disabled by default 2024-04-07 20:37:23 -07:00
qoijjj
3be6988aa4 revert: feat: add additional selinux tooling, until bluebuild supports this package 2024-04-06 19:38:33 -07:00
qoijjj
b8db54dd62 feat: add additional selinux tooling 2024-04-06 13:45:03 -07:00
qoijjj
29eee4b804 fix: create parent dirs for upower on server images 2024-03-13 13:39:21 -07:00
qoijjj
83ad8d1377 improve: move upower workaround to scripts 2024-03-13 12:48:58 -07:00
qoijjj
6686d9ecc9 chore: remove deprecated images 2024-03-11 18:04:13 -07:00
qoijjj
67180c5a02 fix: update addchromiumdesktopfile.sh to reflect upstream changes 2024-03-07 22:08:39 -08:00
qoijjj
e34d5d7a0d chore: remove unused files from migration 2024-02-26 10:25:48 -08:00
qoijjj
1568df0fad fix: use improved workaround for nvidia optimus on gnome 2024-02-15 19:46:21 -08:00
qoijjj
5dc1f9198f improve: only set nvidia power management for nvidia laptop images 2024-01-25 23:00:00 -08:00
qoijjj
2a68fafeb3 fix: build for server images 2024-01-25 22:05:16 -08:00
qoijjj
06f6aa788d fix: switch to a resolved drop-in 2024-01-22 13:43:25 -08:00
qoijjj
a374ce5ae9 feat: opportunistic DNSSEC and DNSOverTLS 2024-01-22 13:10:21 -08:00
qoijjj
af121aa652 feat: cinnamon images with wayland session, improvements for nvidia optimus laptops 2024-01-21 16:02:25 -08:00
qoijjj
eaffb60cb5 fix: build failure 2024-01-09 18:13:08 -08:00
qoijjj
7d63ce5804 fix: firewall config name for server, and file permissions 2024-01-09 17:36:42 -08:00
qoijjj
f99da857c7 improve: various configs and file permissions 2024-01-09 13:14:21 -08:00
qoijjj
7c552f85cf use file override instead of script for ssh firewall rule 2024-01-09 01:05:04 -08:00
qoijjj
192d3bb6f7 enable ssh for server variants 2024-01-09 00:47:59 -08:00
qoijjj
e768d4a0f6 fix: coreos images to allow image signing 2024-01-08 01:25:09 -08:00
qoijjj
e511f85c6b fix: dirname in script 2024-01-08 00:54:56 -08:00
qoijjj
38ff34f90a cleanup server packages 2024-01-08 00:33:00 -08:00
qoijjj
65906a2c5d ensure policy.json exists 2024-01-08 00:06:03 -08:00
qoijjj
88d39b3c17 for create containers dir 2024-01-07 23:51:35 -08:00
qoijjj
b2cd52d28e include wget for server images 2024-01-06 20:04:09 -08:00
qoijjj
8c80e1d283 add sed parameter and fix order 2023-12-30 14:32:02 -08:00
qoijjj
7cb48cf75d add wayfire 2023-12-29 23:58:34 -08:00
qoijjj
69f00ae44f fix kargs for bluefin 2023-12-22 14:10:25 -08:00
qoijjj
681f3455f5 Add bluefin images 2023-12-22 10:28:35 -08:00
qoijjj
a111e47b84 set suid on bubblewrap from fedora 2023-12-18 12:10:51 -08:00
qoijjj
38999d4123 Add userns-enabled variant to give the users choice on the tradeoff between userns and non-userns 2023-12-16 13:11:41 -08:00
qoijjj
bee997577b Add cups back to the image and disable it by default. Include a just command to enable it if the user chooses. 2023-12-10 00:03:13 -08:00
34n0
3685fa6daa feat: 🔒 harden and enable pam faillock, password encryption & quality suggestions 2023-12-08 13:40:46 -08:00
qoijjj
0ddc0e65d3 Add server versions 2023-12-05 14:33:21 -08:00
qoijjj
d69f1c8a24 Switch to non-koji chromium 2023-12-04 19:22:08 -08:00
qoijjj
acfb2827c7 Add bubblejail 2023-11-29 19:55:32 -08:00
qoijjj
0167df08d9 Remove podman and all dependent packages 2023-11-29 19:43:02 -08:00
qoijjj
b05f0e2098 Switch to a more reliably updated build tag for chromium 2023-11-29 13:22:42 -08:00
qoijjj
cb11fbcaae Rebase secureblue with a new, clean commit history 2023-11-26 16:42:27 -08:00
gerblesh
e4114fd656 fix: specify image name in policy.json (#176) 
There was talk on the discord about not being able to pull in images with podman because the signing policy included *every* image inside of the user's ghcr account. Which means that images not signed with the same key won't be able to be pulled down
 2023-10-06 09:49:56 +00:00
xynydev
8596d5381e fix: ublue-update failure when signing image 2023-10-01 17:06:30 +03:00
gerblesh
5838d0fce4 feat: create /usr/share/ublue-os/image-info.json inside signing.sh (#157) 
* feat: create /usr/share/ublue-os/image-info.json inside signing.sh

* chore: remove debug call to cat, fix formatting
 2023-09-22 09:22:38 +00:00
ER
1d7a3a92b6 chore: remove outdated script-related docs 2023-08-26 14:18:31 +03:00
ER
9e301cec00 chore!: remove autorun.sh 
i think the existence of multiple built-in ways to add scripts
makes it more complicated,
and paradoxically, autorun was made to uncomplicate things

with the removal of clear "pre" and "post" hooks,
only a linear list of modules, the filesystem-based method
is ever more complicated

if such a feature is ever wanted again,
it should be implemented inside the script module
 2023-08-26 14:12:31 +03:00
ER
c07131b37d docs: move & start rewriting configuration docs 2023-08-13 18:46:00 +03:00
ER
1d7b14b38f feat: signing script 2023-08-13 17:36:21 +03:00
ER
9950409702 chore: outline rewrite without code changes 
* this does not work yet
* comments & documentation will be added once the rewrite is complete
 2023-08-09 19:59:04 +03:00