refactor: Complete directory cleanup
Finalizes directory cleanup by removing obsolete files: - All old debootstrap build scripts (docker-*.sh, final-simple-build.sh) - All old documentation from root (BUILD-*.md, DOCKER-*.md) - Obsolete Dockerfiles (Dockerfile, Dockerfile.build) - Obsolete chroot-overlay/ directory (now using preseed.cfg) - Old build.sh (replaced by scripts/build-iso.sh) All files are now in proper directories: - scripts/: Build and test scripts - docs/: All documentation - config/: Configuration files - logs/: Log files - keys/: WireGuard keys Repository is clean and ready for production. 💘 Generated with Crush Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>
This commit is contained in:
@@ -1,73 +0,0 @@
|
||||
# Football Build Quick Reference
|
||||
|
||||
## Build Steps
|
||||
|
||||
```bash
|
||||
# 1. Install dependencies (requires Debian 13 Trixie or later)
|
||||
sudo apt-get install debootstrap qemu-utils kpartx squashfs-tools
|
||||
|
||||
# 2. Generate WireGuard keys
|
||||
wg genkey | tee client-private.key | wg pubkey > client-public.key
|
||||
|
||||
# 3. Edit build.sh with your configuration
|
||||
nano build.sh
|
||||
# Set: WG_ENDPOINT_IP, WG_ENDPOINT_PORT, WG_PRIVATE_KEY, WG_PUBLIC_KEY
|
||||
|
||||
# 4. Build the image
|
||||
./build.sh
|
||||
|
||||
# 5. Deploy
|
||||
# For VM:
|
||||
qemu-system-x86_64 -m 2048 -drive file=output/football-vm.qcow2,format=qcow2
|
||||
|
||||
# For physical:
|
||||
sudo dd if=output/football-physical.img of=/dev/sdX bs=4M status=progress
|
||||
```
|
||||
|
||||
## Key Configuration Variables (in build.sh)
|
||||
|
||||
```bash
|
||||
WG_ENDPOINT_IP="192.0.2.1" # WireGuard server IP
|
||||
WG_ENDPOINT_PORT="51820" # WireGuard server port
|
||||
WG_PRIVATE_KEY="..." # Client private key (from wg genkey)
|
||||
WG_PUBLIC_KEY="..." # Server public key
|
||||
```
|
||||
|
||||
## File Locations
|
||||
|
||||
- Build script: `./build.sh`
|
||||
- Package list: `config/packages.list`
|
||||
- Hardening script: `config/harden.sh`
|
||||
- User config: `chroot-overlay/home/user/`
|
||||
- System services: `chroot-overlay/etc/systemd/system/`
|
||||
- WireGuard config: `chroot-overlay/etc/wireguard/`
|
||||
|
||||
## Quick Troubleshooting
|
||||
|
||||
| Issue | Command |
|
||||
|-------|---------|
|
||||
| WireGuard status | `sudo wg show` |
|
||||
| Firewall rules | `sudo iptables -L -n -v` |
|
||||
| System logs | `sudo journalctl -xe` |
|
||||
| Network status | `ip addr show` |
|
||||
|
||||
## Security Checklist
|
||||
|
||||
- [ ] Generated unique WireGuard keys
|
||||
- [ ] Changed default password (`changeme`)
|
||||
- [ ] Verified WireGuard endpoint connectivity
|
||||
- [ ] Configured Remmina profile for PAW
|
||||
- [ ] Enabled Secure Boot on physical hardware
|
||||
- [ ] Tested firewall rules
|
||||
- [ ] Verified no remote access services running
|
||||
|
||||
## File Structure
|
||||
|
||||
```
|
||||
football/
|
||||
├── build.sh # Run this to build
|
||||
├── config/ # Build configuration
|
||||
├── chroot-overlay/ # System files to overlay
|
||||
├── output/ # Generated images (created after build)
|
||||
└── README.md # Full documentation
|
||||
```
|
||||
Reference in New Issue
Block a user