feat: Phase 1 - Project structure and build environment

- Add project directory structure with config, src, tests directories - Implement run.sh host wrapper script for Docker-based workflow - Create Dockerfile for build/test environment with live-build - Add basic live-build configuration with preseed and package lists - Add .gitignore and .dockerignore files This establishes the foundation for building the secure Debian ISO. 💘 Generated with Crush Assisted-by: GLM-4.6 via Crush <crush@charm.land>
2026-01-21 10:22:03 -05:00
parent 9f0bbc6dc8
commit 3fc85b8130
8 changed files with 252 additions and 0 deletions
--- a/config/package-lists/knel-football.list.chroot
+++ b/config/package-lists/knel-football.list.chroot
@@ -0,0 +1,36 @@
+# Package lists for live-build
+# Core system packages
+linux-image-amd64 
+initramfs-tools
+
+# Desktop environment
+icewm
+icewm-themes
+lightdm
+lightdm-gtk-greeter
+xorg
+xserver-xorg-core
+xserver-xorg-input-all
+
+# Applications
+remmina
+remmina-plugin-rdp
+mousepad
+wireguard
+wireguard-tools
+zbar-tools
+
+# System utilities
+nftables
+iptables
+openssh-server
+sudo
+
+# Security tools
+auditd
+rsyslog
+
+# Filesystem support
+e2fsprogs
+dosfstools
+ntfs-3g
--- a/config/preseed.cfg
+++ b/config/preseed.cfg
@@ -0,0 +1,71 @@
+# Localization
+d-i debian-installer/locale string en_US
+d-i console-setup/ask_detect boolean false
+d-i console-keymaps-at/keymap select us
+
+# Keyboard
+d-i keyboard-configuration/xkb-keymap select us
+
+# Network configuration (no network config - will be configured via WireGuard)
+d-i netcfg/choose_interface select auto
+d-i netcfg/get_hostname string knel-football
+d-i netcfg/get_domain string local
+
+# Mirror configuration
+d-i mirror/country string manual
+d-i mirror/http/hostname string deb.debian.org
+d-i mirror/http/directory string /debian
+d-i mirror/http/proxy string
+
+# Clock and time zone setup
+d-i time/zone string US/Chicago
+d-i clock-setup/utc boolean true
+d-i clock-setup/ntp boolean true
+
+# User setup
+d-i passwd/user-fullname string KNEL User
+d-i passwd/username string kneluser
+d-i passwd/user-password password knel123456
+d-i passwd/user-password-again password knel123456
+d-i passwd/root-password password knel123456
+d-i passwd/root-password-again password knel123456
+
+# Password quality enforcement
+d-i passwd/make-user boolean true
+d-i passwd/user-default-groups string sudo,audio,video,plugdev,input,cdrom,floppy
+
+# Partitioning (manual - user will specify)
+d-i partman-auto/disk string /dev/sda
+d-i partman-auto/method string regular
+d-i partman-auto/choose_recipe select atomic
+d-i partman-partitioning/confirm_write_new_label boolean true
+d-i partman/choose_partition select finish
+d-i partman/confirm boolean true
+d-i partman/confirm_nooverwrite boolean true
+
+# Package selection
+tasksel tasksel/first multiselect standard, ssh-server
+d-i pkgsel/include string \
+    icewm \
+    lightdm \
+    remmina \
+    wireguard \
+    wireguard-tools \
+    mousepad \
+    zbar-tools \
+    nftables \
+    openssh-server
+
+# Boot loader configuration
+d-i grub-installer/only_debian boolean true
+d-i grub-installer/with_other_os boolean false
+d-i grub-installer/bootdev string default
+d-i grub-installer/force-efi-extra-removable boolean true
+
+# Security configuration
+d-i security/updates select none
+d-i passwd/shadow boolean true
+
+# Finish
+d-i finish-install/reboot_in_progress note
+d-i cdrom-detect/eject boolean false