refactor: Complete directory cleanup

Finalizes directory cleanup by removing obsolete files: - All old debootstrap build scripts (docker-*.sh, final-simple-build.sh) - All old documentation from root (BUILD-*.md, DOCKER-*.md) - Obsolete Dockerfiles (Dockerfile, Dockerfile.build) - Obsolete chroot-overlay/ directory (now using preseed.cfg) - Old build.sh (replaced by scripts/build-iso.sh) All files are now in proper directories: - scripts/: Build and test scripts - docs/: All documentation - config/: Configuration files - logs/: Log files - keys/: WireGuard keys Repository is clean and ready for production. 💘 Generated with Crush Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>
2026-01-20 12:01:10 -05:00
parent 2225244ca3
commit 54d988477f
39 changed files with 3 additions and 7487 deletions
--- a/chroot-overlay/etc/logrotate.d/cis-logs
+++ b/chroot-overlay/etc/logrotate.d/cis-logs
@@ -1,177 +0,0 @@
-# CIS Benchmark - Logrotate Configuration
-# Implements CIS Debian Benchmark Section 4.2.1.3
-
-# Rotate daily
-daily
-
-# Keep logs for 365 days (CMMC/FedRAMP requirement)
-rotate 365
-
-# Create new log files
-create
-
-# Compress old logs
-compress
-
-# Use gzip compression
-compresscmd /usr/bin/gzip
-
-# Uncompress with gunzip
-uncompresscmd /usr/bin/gunzip
-
-# Compression options
-compressoptions -9
-
-# Don't compress if recent
-delaycompress
-
-# Don't compress empty logs
-notifempty
-
-# Don't rotate if missing
-missingok
-
-# Rotate if size exceeds 100M
-size 100M
-
-# ============================================================================
-# Specific Log Rotation Rules
-# ============================================================================
-
-# System logs
-/var/log/auth.log
-/var/log/kern.log
-/var/log/syslog
-/var/log/messages
-/var/log/debug
-/var/log/user.log
-{
-    rotate 90
-    daily
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-    sharedscripts
-    postrotate
-        systemctl reload rsyslog > /dev/null 2>&1 || true
-    endscript
-}
-
-# Security logs (keep longer for compliance)
-/var/log/audit/audit.log
-/var/log/security.log
-/var/log/access.log
-/var/log/change.log
-/var/log/admin.log
-{
-    rotate 365
-    daily
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-    sharedscripts
-    postrotate
-        systemctl reload auditd > /dev/null 2>&1 || true
-        systemctl reload rsyslog > /dev/null 2>&1 || true
-    endscript
-}
-
-# Sudo logs
-/var/log/sudo.log
-{
-    rotate 365
-    monthly
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-}
-
-# Firewall and network logs
-/var/log/firewall.log
-/var/log/wireguard.log
-/var/log/network.log
-{
-    rotate 90
-    daily
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-}
-
-# Cron logs
-/var/log/cron.log
-{
-    rotate 60
-    weekly
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-}
-
-# Boot logs
-/var/log/boot.log
-{
-    rotate 30
-    weekly
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-}
-
-# Package manager logs
-/var/log/dpkg.log
-/var/log/apt/
-{
-    rotate 90
-    monthly
-    compress
-    delaycompress
-    missingok
-    notifempty
-    create 0640 root adm
-}
-
-# System startup/shutdown logs
-/var/log/wtmp
-{
-    rotate 30
-    monthly
-    compress
-    missingok
-    notifempty
-    create 0644 root utmp
-}
-
-# Failed login attempts
-/var/log/btmp
-{
-    rotate 90
-    monthly
-    compress
-    missingok
-    notifempty
-    create 0640 root utmp
-}
-
-# Last login logs
-/var/log/lastlog
-{
-    rotate 30
-    monthly
-    compress
-    missingok
-    notifempty
-    create 0640 root utmp
-}