football

KNEL/football

Fork 0

Commit Graph

Author	SHA1	Message	Date
Charles N Wyble	e19a1739b3	chore: Update .gitignore for cleaner repository Updates .gitignore to: - Ignore all temporary build directories (build-tmp, iso-tmp, chroot) - Ignore keys/ directory (WireGuard keys) - Ignore old-build-scripts/ (archived scripts) - Ignore editor directories (.crush/) - Ignore temporary test artifacts (test-disk.img, .qcow2, *.img) - Ignore VM state files (vm.pid, console.log) This keeps repository clean and focused on source code. 💘 Generated with Crush Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>	2026-01-20 11:46:16 -05:00
Charles N Wyble	19bf4ec77d	chore: Update .gitignore for build artifacts Adds patterns to ignore build-tmp/, .log, and .key files which are generated during the build process and should not be committed to version control. 💘 Generated with Crush Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>	2026-01-20 10:57:50 -05:00
Charles N Wyble	17dcee7e52	feat: add minimal Debian image build system with WireGuard-only networking Add complete build infrastructure for football secure access system: - Minimal Debian base with only IceWM and Remmina - WireGuard-only networking with strict firewall (eth0 allows only WireGuard) - All network traffic routed through mandatory VPN tunnel - Secure Boot enforced for physical deployments - Zero remote access - SSH, telnet disabled and blocked - AppArmor, auditd, and fail2ban for security hardening Build system generates both VM (qcow2) and physical (raw) images. WireGuard endpoint IP and port configurable via build script variables. Includes: - Package list with minimal dependencies - System hardening scripts - WireGuard client and server configuration tools - Comprehensive documentation (README.md, QUICKSTART.md) - systemd services for firewall enforcement - User environment with automatic IceWM startup 💘 Generated with Crush Assisted-by: GLM-4.7 via Crush <crush@charm.land>	2026-01-13 12:11:18 -05:00

Author

SHA1

Message

Date

Charles N Wyble

e19a1739b3

chore: Update .gitignore for cleaner repository

Updates .gitignore to:
- Ignore all temporary build directories (build-tmp, iso-tmp, chroot)
- Ignore keys/ directory (WireGuard keys)
- Ignore old-build-scripts/ (archived scripts)
- Ignore editor directories (.crush/)
- Ignore temporary test artifacts (test-disk*.img, *.qcow2, *.img)
- Ignore VM state files (vm.pid, console.log)

This keeps repository clean and focused on source code.

💘 Generated with Crush

Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>

2026-01-20 11:46:16 -05:00

Charles N Wyble

19bf4ec77d

chore: Update .gitignore for build artifacts

Adds patterns to ignore build-tmp/, *.log, and *.key files
which are generated during the build process and should not be
committed to version control.

💘 Generated with Crush

Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>

2026-01-20 10:57:50 -05:00

Charles N Wyble

17dcee7e52

feat: add minimal Debian image build system with WireGuard-only networking

Add complete build infrastructure for football secure access system:
- Minimal Debian base with only IceWM and Remmina
- WireGuard-only networking with strict firewall (eth0 allows only WireGuard)
- All network traffic routed through mandatory VPN tunnel
- Secure Boot enforced for physical deployments
- Zero remote access - SSH, telnet disabled and blocked
- AppArmor, auditd, and fail2ban for security hardening

Build system generates both VM (qcow2) and physical (raw) images.
WireGuard endpoint IP and port configurable via build script variables.

Includes:
- Package list with minimal dependencies
- System hardening scripts
- WireGuard client and server configuration tools
- Comprehensive documentation (README.md, QUICKSTART.md)
- systemd services for firewall enforcement
- User environment with automatic IceWM startup

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>

2026-01-13 12:11:18 -05:00

3 Commits