KNEL/football
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
96 Commits 1 Branch 0 Tags
e8a9ff8061bede53cc08b67cf34a06226f661338
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
ReachableCEO e8a9ff8061 docs: completely rewrite AGENTS.md with comprehensive LLM agent guide 
Rewrite AGENTS.md as comprehensive guide for LLM agents to be immediately productive. Add current status, mandatory security requirements, project structure, agent workflow, critical requirements, Docker-only workflow, testing coverage, key concepts, error handling, and success criteria. Provide clear quick start instructions and checklists.

💘 Generated with Crush

Assisted-by: GLM-4.7 via Crush <crush@charm.land>
2026-01-29 10:52:58 -05:00
bin
feat: Add bin directory for management scripts
2026-01-21 15:39:34 -05:00
config
feat: add encryption validation and user notification hook
2026-01-29 10:00:05 -05:00
docs
docs: Add comprehensive documentation structure
2026-01-21 15:38:50 -05:00
lib
feat: Add Docker utility library
2026-01-21 15:39:29 -05:00
plan
feat: Phase 1 - Project structure and build environment
2026-01-21 10:22:03 -05:00
src
feat: update ISO build command with encryption flags
2026-01-29 10:00:57 -05:00
tests
test: Update test suite with improved structure
2026-01-21 15:40:33 -05:00
.gitignore
chore: Update .gitignore for KNEL-Football project
2026-01-21 15:40:08 -05:00
AGENTS.md
docs: completely rewrite AGENTS.md with comprehensive LLM agent guide
2026-01-29 10:52:58 -05:00
BUILD-COMPLETE.md
docs: add build completion report with ISO verification
2026-01-29 10:00:19 -05:00
BUILD-SUMMARY.md
docs: add build session summary with implementation details
2026-01-29 10:00:21 -05:00
Dockerfile
chore: add multi-stage Dockerfile for build environment
2026-01-29 10:00:50 -05:00
FINAL-SECURITY-COMPLIANCE-REPORT.md
feat: Add final security compliance report
2026-01-21 15:38:57 -05:00
JOURNAL.md
docs: update JOURNAL with mandatory requirements implementation session
2026-01-29 10:00:33 -05:00
PRD.md
docs: add comprehensive PRD with mandatory security requirements
2026-01-29 09:59:15 -05:00
QUICK_START.md
docs: add quick start guide for project setup and build
2026-01-29 10:01:10 -05:00
README.md
docs: remove test-iso.sh from project files table
2026-01-29 10:39:13 -05:00
RESUME.md
docs: update RESUME with build completion and ISO status
2026-01-29 10:00:49 -05:00
run.sh
feat: add test:iso command to run.sh for VM testing
2026-01-29 10:38:51 -05:00
SESSION-CLOSED.md
docs: add session closure documentation for continuity
2026-01-29 10:01:12 -05:00
test-iso.sh
feat: add libvirt/virsh ISO testing script
2026-01-29 10:36:20 -05:00
VERIFICATION-REPORT.md
docs: add comprehensive verification report for mandatory requirements
2026-01-29 10:00:25 -05:00

README.md

KNEL-Football Secure OS

⚠️ READ THESE FILES FIRST

🚀 Quick Start

  1. AGENTS.md - Current status + critical requirements (START HERE)
  2. RESUME.md - Complete resumption guide
  3. QUICK_START.md - Quick reference commands

📋 Documentation Files

File Purpose
AGENTS.md START HERE - Current status + requirements
RESUME.md Complete resumption guide + build history
QUICK_START.md Quick commands and status
JOURNAL.md Append-only development journal

🔧 Project Files

File Purpose
run.sh Main entry point (build/test/lint/clean/iso/test:iso)
Dockerfile Build environment
config/ Live-build configuration
tests/ BATS test suite

Current Status (2026-01-24 19:00 CST)

ISO Build Running

  • Status: Active build (3rd attempt, minimal config)
  • Current Stage: lb binary_chroot (creating binary filesystem)
  • Started: 18:04 CST
  • Expected Completion: 19:00-19:15 CST (~15 min remaining)
  • Build Log: /tmp/knel-iso-build.log
  • Output: output/ (ISO will appear here when complete)

First Actions

cd /home/tsys/Projects/KNEL/football

# 1. Check if ISO is ready
ls -lh output/

# 2. If ready, verify
cd output/
sha256sum -c knel-football-secure-v1.0.0.iso.sha256

# 3. If not ready, monitor
tail -f /tmp/knel-iso-build.log

Quick Commands

Project Management

./run.sh build    # Build Docker image
./run.sh test     # Run tests
./run.sh lint     # Check scripts
./run.sh clean    # Remove artifacts
./run.sh iso      # Build ISO (30-60 min)
./run.sh shell    # Interactive shell

Build Commands

# Monitor ISO build
tail -f /tmp/knel-iso-build.log

# Check build status
tail -50 /tmp/knel-iso-build.log | grep "P:"

# Check output
ls -lh output/

ISO Testing (libvirt/virsh)

./test-iso.sh create              # Create and boot test VM
./test-iso.sh console             # Connect to VM console
./test-iso.sh status              # Show VM status
./test-iso.sh stop                # Stop VM
./test-iso.sh destroy             # Remove VM
./test-iso.sh list                # List all test VMs

Project Overview

Goal

Build KNEL-Football secure ISO with Docker-only workflow following AGENTS.md requirements.

Features

  • Mandatory Full Disk Encryption - LUKS2 with AES-256-XTS
  • Mandatory Strong Passwords - 14+ chars, complexity requirements
  • Debian Testing base
  • IceWM + LightDM desktop
  • WiFi/Bluetooth permanently disabled
  • SSH with wireguard keys
  • Firewall rules (inbound SSH, outbound VPN only)
  • USB automount support
  • QR code import for WireGuard

Security Requirements (MANDATORY)

  • Full disk encryption with LUKS2 (AES-256-XTS, 512-bit key)
  • Encryption passphrase required at every boot (14+ characters)
  • Password complexity enforced (14+ chars, mix of classes)
  • Network isolation (VPN-only access)
  • No wireless networking
  • Comprehensive audit logging

Compliance

All operations in Docker container Docker volumes for file I/O No directories in /home No host system modifications Only final artifacts in output/ File ownership preserved

Documentation

AGENTS.md (READ FIRST)

  • Current build status
  • Critical requirements
  • Docker-only workflow
  • Volume structure

RESUME.md (Detailes Guide)

  • Build progress timeline
  • Issues encountered and solutions
  • Working configuration
  • Restart instructions
  • Compliance verification

QUICK_START.md (Quick Reference)

  • First actions
  • Quick commands
  • Key files reference
  • Expected output

JOURNAL.md (Development Log)

  • Append-only journal
  • Daily work notes
  • Lessons learned
  • Technical decisions

Session Summary

Date: 2026-01-24 Duration: 8 hours (11:00-19:00 CST) Goal: Build ISO with Docker-only workflow Status: Build running (expected completion ~15 min) Attempts: 7 Working Strategy: Minimal configuration (all problematic flags removed)

Next Actions:

  1. Check output/ for ISO
  2. Verify ISO with checksums
  3. Test ISO with libvirt/virsh
  4. Validate security features

📍 START HERE: AGENTS.md → Current status + requirements 📖 DETAILS: RESUME.md → Complete resumption guide QUICK: QUICK_START.md → Quick commands

ISO Build Running - Expected completion: 19:00-19:15 CST

Reference in New Issue View Git Blame Copy Permalink
Description
Fully self contained , very stripped and locked down Debian image intended for deployment onto physical access only system (Dell Laptop) (called football-(x) to be used for remote (RDP) access to another high security physical system (highside) which is a privileged access workstation in the KNEL server room.
Readme AGPL-3.0 5.3 MiB
Languages
Shell 98.8%
Dockerfile 1.2%