KNEL/football
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d67a8d38b087906b0711ae14fc77447d49e97bc4
football/docs/old/QUICKSTART.md
Charles N Wyble 8f9487b59d refactor: Clean up documentation directory 
Moves obsolete documentation to docs/old/:
- BUILD-CONTINUOUS-STATUS.md (old build status)
- BUILD-PROGRESS.md (old build progress)
- BUILD-STATUS.md (old build status)
- DOCKER-README.md (old Docker build docs)
- DOCKER-SOLUTION.md (old Docker build docs)
- QUICKSTART.md (replaced by README.md)

Keeps relevant documentation in docs/:
- COMPLIANCE.md (compliance documentation)
- INCIDENT-RESPONSE.md (incident response)
- SECURITY-BASELINES.md (security baselines)
- SECURITY-POLICY.md (security policy)
- TEST-EVIDENCE.md (test evidence)

Documentation directory now clean and focused on current ISO approach.

💘 Generated with Crush

Assisted-by: Gemini 2.5 Flash via Crush <crush@charm.land>
2026-01-20 11:55:50 -05:00

2.0 KiB
Raw Blame History

Football Build Quick Reference

Build Steps

# 1. Install dependencies (requires Debian 13 Trixie or later)
sudo apt-get install debootstrap qemu-utils kpartx squashfs-tools

# 2. Generate WireGuard keys
wg genkey | tee client-private.key | wg pubkey > client-public.key

# 3. Edit build.sh with your configuration
nano build.sh
# Set: WG_ENDPOINT_IP, WG_ENDPOINT_PORT, WG_PRIVATE_KEY, WG_PUBLIC_KEY

# 4. Build the image
./build.sh

# 5. Deploy
# For VM:
qemu-system-x86_64 -m 2048 -drive file=output/football-vm.qcow2,format=qcow2

# For physical:
sudo dd if=output/football-physical.img of=/dev/sdX bs=4M status=progress

Key Configuration Variables (in build.sh)

WG_ENDPOINT_IP="192.0.2.1"        # WireGuard server IP
WG_ENDPOINT_PORT="51820"          # WireGuard server port
WG_PRIVATE_KEY="..."              # Client private key (from wg genkey)
WG_PUBLIC_KEY="..."               # Server public key

File Locations

  • Build script: ./build.sh
  • Package list: config/packages.list
  • Hardening script: config/harden.sh
  • User config: chroot-overlay/home/user/
  • System services: chroot-overlay/etc/systemd/system/
  • WireGuard config: chroot-overlay/etc/wireguard/

Quick Troubleshooting

Issue Command
WireGuard status sudo wg show
Firewall rules sudo iptables -L -n -v
System logs sudo journalctl -xe
Network status ip addr show

Security Checklist

  • Generated unique WireGuard keys
  • Changed default password (changeme)
  • Verified WireGuard endpoint connectivity
  • Configured Remmina profile for PAW
  • Enabled Secure Boot on physical hardware
  • Tested firewall rules
  • Verified no remote access services running

File Structure

football/
├── build.sh           # Run this to build
├── config/            # Build configuration
├── chroot-overlay/    # System files to overlay
├── output/            # Generated images (created after build)
└── README.md          # Full documentation
Reference in New Issue View Git Blame Copy Permalink