msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V8.03.384.2025.06.03
All checks were successful
Render Graphviz Diagrams. / Render Graphviz Diagrams. (push) Successful in 27s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-06-03 00:57:19 +02:00
parent c359695199
commit 0a4a2c4149
4 changed files with 23 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@@ -59,6 +59,7 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
* Additionally, the entire zone is dual-signed with DNSSEC. See the current DNSSEC status at: **[DNSSEC Audit Report](/docs/AUDIT_DNSSEC.md)**
* A comprehensive TLS audit of the `git.coresecret.dev` Gitea server is also available. See: **[TLS Audit Report](/docs/AUDIT_TLS.md)**
* The infrastructure of the CISS.debian.live.builder building system is visualized here. See: **[Centurion Net](/docs/CNET.md)**
### 1.1.3. Gitea Action Runner Hardening

21
docs/CNET.md Normal file
View File

@@ -0,0 +1,21 @@
---
gitea: none
include_toc: true
---
# 1. CISS.debian.live.builder
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*Debian Live Build Generator for hardened live environment and CISS Debian Installer*<br>
**Master Version**: 8.03<br>
**Build**: V8.03.384.2025.06.03<br>
# 2. Download the latest PUBLIC CISS.debian.live.ISO
This is an automatically generated overview of the secure ``Centurion Net`` ``CISS.debian.live.builder`` building system.
![Centurion Net](/docs/graphviz/ciss.debian.live.builder.png)
---
**[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)**
<!-- vim: set number et ts=2 sw=2 sts=2 ai tw=128 ft=markdown -->

5
docs/graphiz/ciss.debian.live.builder.dot → docs/graphviz/ciss.debian.live.builder.dot
View File

@@ -86,10 +86,7 @@ digraph CISS_debian_live_builder {
// ----- Cluster: TLS/HTTPS group (contains B-Server, cloud, and the TLS cloud) -----
subgraph cluster_tls_group {
// The red dotted rectangle around B-Cluster, cloud, and the TLS cloud
label="ECDHE-RSA-AES256-GCM-SHA384 ECDH 448 AESGCM 256\n\
ECDHE-RSA-CHACHA20-POLY1305 ECDH 448 ChaCha20 256\n\
TLS_AES_256_GCM_SHA384 ECDH 448 AESGCM 256\n\
TLS_CHACHA20_POLY1305_SHA256 ECDH 448 ChaCha20 256";
label="TLS 1.2 || 1.3 AES256-GCM-SHA384 ECDH 448 AESGCM 256 only.";
style=dashed;
color=red;

0
docs/graphiz/ciss.debian.live.builder.png → docs/graphviz/ciss.debian.live.builder.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 119 KiB

After

Width:  |  Height:  |  Size: 119 KiB