msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V8.03.400.2025.06.05

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-06-05 20:18:30 +02:00
parent 5eaeb97716
commit 328c58335b
33 changed files with 350 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
.gitea/workflows/generate_PRIVATE_iso_flavour_0.yaml
View File

@@ -9,7 +9,7 @@
# SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu
### Version Master V8.03.384.2025.06.03
### Version Master V8.03.400.2025.06.05
name: Generating a Private Live ISO FLV 0.
@@ -30,7 +30,7 @@ jobs:
### Run all steps inside Debian Bookworm
container:
image: debian:trixie
image: debian:bookworm
steps:
- name: 🛠️ Basic Image Setup and enable Bookworm Backports.
@@ -62,6 +62,108 @@ jobs:
wget \
whois
- name: 🛠️ Build GnuPG from the sources, as the Bookworm GPG does not understand key format 5.
shell: bash
run: |
urls=(
"https://gnupg.org/ftp/gcrypt/npth/npth-1.8.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.55.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.1.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libksba/libksba-1.6.7.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libassuan/libassuan-3.0.2.tar.bz2"
"https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.8.tar.bz2"
)
for url in "${urls[@]}"; do
archive_name="${url##*/}"
pkg_name="${archive_name%.tar.bz2}"
echo "🔄 Processing ${pkg_name}"
if [[ ! -f "${archive_name}" ]]; then
echo "📥 Downloading: '${archive_name}'."
if wget "${url}" -O "${archive_name}" > /dev/null 2>&1; then
echo "✅ Download successful: '${archive_name}'."
else
echo "❌ Download NOT successful: '${archive_name}'."
exit 1
fi
else
echo " Skipping download, package already exists: '${archive_name}'."
fi
if [[ ! -d "${pkg_name}" ]]; then
echo "📂 Extracting: '${archive_name}'."
if tar -xjf "${archive_name}"; then
echo "✅ Extraction successful: '${archive_name}'."
else
echo "❌ Extraction not successful: '${archive_name}'."
exit 1
fi
else
echo " Skipping directory, already exists: '${pkg_name}'."
fi
echo "🏗️ Build and install the package: '${pkg_name}'."
cd "${pkg_name}" || { echo "❌ Could not change to '${pkg_name}'."; exit 1; }
mkdir -p build
cd build || { echo "❌ Could not change to '/build'."; exit 1; }
sudo ../configure > /dev/null 2>&1 || { echo "❌ '../configure' NOT successful for '${pkg_name}'."; exit 1; }
make > /dev/null 2>&1 || { echo "❌ 'make' NOT successful for '${pkg_name}'."; exit 1; }
sudo make install > /dev/null 2>&1 || { echo "❌ 'make install' NOT successful for '${pkg_name}'."; exit 1; }
cd ../.. || { echo "❌ Could not change to '../..'."; exit 1; }
rm -f "${archive_name}"; \
echo "✅ Removed archive: '${pkg_name}'."
rm -fr "${pkg_name}"; \
echo "✅ Removed build artifacts: '${pkg_name}'."
echo "✅ Successful build and installation of '${pkg_name}'."
echo "-------------------------------------------------------------------------------------"
done
echo "✅ All packages were built and installed successfully."
mv_bin=(
"/usr/bin/gpg"
"/usr/bin/gpg-agent"
"/usr/bin/gpgconf"
"/usr/bin/gpg-connect-agent"
"/usr/bin/gpg-wks-client"
"/usr/bin/gpg-preset-passphrase"
)
for bin in "${mv_bin[@]}"; do
name="${bin##*/}"
if [[ -f "${bin}" && -f "/usr/local/bin/${name}" ]]; then
if mv "${bin}" "${bin}.debian-backup"; then
echo "✅ Moved successfully: '${bin}'."
else
echo "❌ Moved NOT successfully: '${bin}'."
fi
else
echo " Does not exist as build binary: '${bin}'."
fi
done
for bin in "${mv_bin[@]}"; do
name="${bin##*/}"
if [[ -f "/usr/local/bin/${name}" ]]; then
if update-alternatives --install "${bin}" "${name}" "/usr/local/bin/${name}" 100; then
echo "✅ 'update-alternatives' successfully: '${bin}'."
else
echo "❌ 'update-alternatives' NOT successfully: '${bin}'."
fi
else
echo " Does not exist: '/usr/local/bin/${name}'."
fi
done
sudo ldconfig
gpgconf --kill all
/usr/local/bin/gpg-agent --daemon
- name: ⚙️ Check GnuPG Version.
shell: bash
run: |

106
.gitea/workflows/generate_PRIVATE_iso_flavour_1.yaml
View File

@@ -9,7 +9,7 @@
# SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu
### Version Master V8.03.384.2025.06.03
### Version Master V8.03.400.2025.06.05
name: Generating a Private Live ISO FLV 1.
@@ -30,7 +30,7 @@ jobs:
### Run all steps inside Debian Bookworm
container:
image: debian:trixie
image: debian:bookworm
steps:
- name: 🛠️ Basic Image Setup and enable Bookworm Backports.
@@ -62,6 +62,108 @@ jobs:
wget \
whois
- name: 🛠️ Build GnuPG from the sources, as the Bookworm GPG does not understand key format 5.
shell: bash
run: |
urls=(
"https://gnupg.org/ftp/gcrypt/npth/npth-1.8.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.55.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.1.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libksba/libksba-1.6.7.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libassuan/libassuan-3.0.2.tar.bz2"
"https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.8.tar.bz2"
)
for url in "${urls[@]}"; do
archive_name="${url##*/}"
pkg_name="${archive_name%.tar.bz2}"
echo "🔄 Processing ${pkg_name}"
if [[ ! -f "${archive_name}" ]]; then
echo "📥 Downloading: '${archive_name}'."
if wget "${url}" -O "${archive_name}" > /dev/null 2>&1; then
echo "✅ Download successful: '${archive_name}'."
else
echo "❌ Download NOT successful: '${archive_name}'."
exit 1
fi
else
echo " Skipping download, package already exists: '${archive_name}'."
fi
if [[ ! -d "${pkg_name}" ]]; then
echo "📂 Extracting: '${archive_name}'."
if tar -xjf "${archive_name}"; then
echo "✅ Extraction successful: '${archive_name}'."
else
echo "❌ Extraction not successful: '${archive_name}'."
exit 1
fi
else
echo " Skipping directory, already exists: '${pkg_name}'."
fi
echo "🏗️ Build and install the package: '${pkg_name}'."
cd "${pkg_name}" || { echo "❌ Could not change to '${pkg_name}'."; exit 1; }
mkdir -p build
cd build || { echo "❌ Could not change to '/build'."; exit 1; }
sudo ../configure > /dev/null 2>&1 || { echo "❌ '../configure' NOT successful for '${pkg_name}'."; exit 1; }
make > /dev/null 2>&1 || { echo "❌ 'make' NOT successful for '${pkg_name}'."; exit 1; }
sudo make install > /dev/null 2>&1 || { echo "❌ 'make install' NOT successful for '${pkg_name}'."; exit 1; }
cd ../.. || { echo "❌ Could not change to '../..'."; exit 1; }
rm -f "${archive_name}"; \
echo "✅ Removed archive: '${pkg_name}'."
rm -fr "${pkg_name}"; \
echo "✅ Removed build artifacts: '${pkg_name}'."
echo "✅ Successful build and installation of '${pkg_name}'."
echo "-------------------------------------------------------------------------------------"
done
echo "✅ All packages were built and installed successfully."
mv_bin=(
"/usr/bin/gpg"
"/usr/bin/gpg-agent"
"/usr/bin/gpgconf"
"/usr/bin/gpg-connect-agent"
"/usr/bin/gpg-wks-client"
"/usr/bin/gpg-preset-passphrase"
)
for bin in "${mv_bin[@]}"; do
name="${bin##*/}"
if [[ -f "${bin}" && -f "/usr/local/bin/${name}" ]]; then
if mv "${bin}" "${bin}.debian-backup"; then
echo "✅ Moved successfully: '${bin}'."
else
echo "❌ Moved NOT successfully: '${bin}'."
fi
else
echo " Does not exist as build binary: '${bin}'."
fi
done
for bin in "${mv_bin[@]}"; do
name="${bin##*/}"
if [[ -f "/usr/local/bin/${name}" ]]; then
if update-alternatives --install "${bin}" "${name}" "/usr/local/bin/${name}" 100; then
echo "✅ 'update-alternatives' successfully: '${bin}'."
else
echo "❌ 'update-alternatives' NOT successfully: '${bin}'."
fi
else
echo " Does not exist: '/usr/local/bin/${name}'."
fi
done
sudo ldconfig
gpgconf --kill all
/usr/local/bin/gpg-agent --daemon
- name: ⚙️ Check GnuPG Version.
shell: bash
run: |

106
.gitea/workflows/generate_PUBLIC_iso.yaml
View File

@@ -9,7 +9,7 @@
# SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu
### Version Master V8.03.384.2025.06.03
### Version Master V8.03.400.2025.06.05
name: Generating a PUBLIC Live ISO.
@@ -30,7 +30,7 @@ jobs:
### Run all steps inside Debian Bookworm
container:
image: debian:trixie
image: debian:bookworm
steps:
- name: 🛠️ Basic Image Setup and enable Bookworm Backports.
@@ -62,6 +62,108 @@ jobs:
wget \
whois
- name: 🛠️ Build GnuPG from the sources, as the Bookworm GPG does not understand key format 5.
shell: bash
run: |
urls=(
"https://gnupg.org/ftp/gcrypt/npth/npth-1.8.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.55.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.1.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libksba/libksba-1.6.7.tar.bz2"
"https://gnupg.org/ftp/gcrypt/libassuan/libassuan-3.0.2.tar.bz2"
"https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.8.tar.bz2"
)
for url in "${urls[@]}"; do
archive_name="${url##*/}"
pkg_name="${archive_name%.tar.bz2}"
echo "🔄 Processing ${pkg_name}"
if [[ ! -f "${archive_name}" ]]; then
echo "📥 Downloading: '${archive_name}'."
if wget "${url}" -O "${archive_name}" > /dev/null 2>&1; then
echo "✅ Download successful: '${archive_name}'."
else
echo "❌ Download NOT successful: '${archive_name}'."
exit 1
fi
else
echo " Skipping download, package already exists: '${archive_name}'."
fi
if [[ ! -d "${pkg_name}" ]]; then
echo "📂 Extracting: '${archive_name}'."
if tar -xjf "${archive_name}"; then
echo "✅ Extraction successful: '${archive_name}'."
else
echo "❌ Extraction not successful: '${archive_name}'."
exit 1
fi
else
echo " Skipping directory, already exists: '${pkg_name}'."
fi
echo "🏗️ Build and install the package: '${pkg_name}'."
cd "${pkg_name}" || { echo "❌ Could not change to '${pkg_name}'."; exit 1; }
mkdir -p build
cd build || { echo "❌ Could not change to '/build'."; exit 1; }
sudo ../configure > /dev/null 2>&1 || { echo "❌ '../configure' NOT successful for '${pkg_name}'."; exit 1; }
make > /dev/null 2>&1 || { echo "❌ 'make' NOT successful for '${pkg_name}'."; exit 1; }
sudo make install > /dev/null 2>&1 || { echo "❌ 'make install' NOT successful for '${pkg_name}'."; exit 1; }
cd ../.. || { echo "❌ Could not change to '../..'."; exit 1; }
rm -f "${archive_name}"; \
echo "✅ Removed archive: '${pkg_name}'."
rm -fr "${pkg_name}"; \
echo "✅ Removed build artifacts: '${pkg_name}'."
echo "✅ Successful build and installation of '${pkg_name}'."
echo "-------------------------------------------------------------------------------------"
done
echo "✅ All packages were built and installed successfully."
mv_bin=(
"/usr/bin/gpg"
"/usr/bin/gpg-agent"
"/usr/bin/gpgconf"
"/usr/bin/gpg-connect-agent"
"/usr/bin/gpg-wks-client"
"/usr/bin/gpg-preset-passphrase"
)
for bin in "${mv_bin[@]}"; do
name="${bin##*/}"
if [[ -f "${bin}" && -f "/usr/local/bin/${name}" ]]; then
if mv "${bin}" "${bin}.debian-backup"; then
echo "✅ Moved successfully: '${bin}'."
else
echo "❌ Moved NOT successfully: '${bin}'."
fi
else
echo " Does not exist as build binary: '${bin}'."
fi
done
for bin in "${mv_bin[@]}"; do
name="${bin##*/}"
if [[ -f "/usr/local/bin/${name}" ]]; then
if update-alternatives --install "${bin}" "${name}" "/usr/local/bin/${name}" 100; then
echo "✅ 'update-alternatives' successfully: '${bin}'."
else
echo "❌ 'update-alternatives' NOT successfully: '${bin}'."
fi
else
echo " Does not exist: '/usr/local/bin/${name}'."
fi
done
sudo ldconfig
gpgconf --kill all
/usr/local/bin/gpg-agent --daemon
- name: ⚙️ Check GnuPG Version.
shell: bash
run: |

2
.gitea/workflows/render-dnssec-status.yaml
View File

@@ -9,7 +9,7 @@
# SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu
### Version Master V8.03.384.2025.06.03
### Version Master V8.03.400.2025.06.05
name: Retrieve DNSSEC status of coresecret.dev.

2
.gitea/workflows/render-dot-to-png.yaml
View File

@@ -9,7 +9,7 @@
# SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu
### Version Master V8.03.384.2025.06.03
### Version Master V8.03.400.2025.06.05
name: Render Graphviz Diagrams.