msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V8.13.536.2025.12.04
Some checks failed
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-12-04 23:32:27 +01:00
parent 53009d97f7
commit 45f73f0d33
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.gitea/workflows/generate_PRIVATE_trixie_1.yaml
View File

@@ -183,6 +183,7 @@ jobs:
install -m 0600 /dev/null /dev/shm/cdlb_secrets/id_2025_ed25519_ciss_primordial.pub
install -m 0600 /dev/null /dev/shm/cdlb_secrets/keys.txt
install -m 0600 /dev/null /dev/shm/cdlb_secrets/luks.txt
install -m 0600 /dev/null /dev/shm/cdlb_secrets/signing_ca.asc
install -m 0600 /dev/null /dev/shm/cdlb_secrets/signing_key.asc
install -m 0600 /dev/null /dev/shm/cdlb_secrets/signing_key_pass.txt
@@ -196,6 +197,7 @@ jobs:
echo "${{ secrets.CISS_PRIMORDIAL_PUBLIC }}" >| /dev/shm/cdlb_secrets/id_2025_ed25519_ciss_primordial.pub
echo "${{ secrets.CISS_PHYS_AGE }}" >| /dev/shm/cdlb_secrets/keys.txt
echo "${{ secrets.CISS_PHYS_LUKS }}" >| /dev/shm/cdlb_secrets/luks.txt
echo "${{ secrets.PGP_CISS_CA_PUBLIC_KEY }}" >| /dev/shm/cdlb_secrets/signing_ca.asc
echo "${{ secrets.PGP_MSW_PRIVATE_SIGNING_KEY }}" >| /dev/shm/cdlb_secrets/signing_key.asc
echo "${{ secrets.PGP_MSW_PRIVATE_SIGNING_KEY_PASS }}" >| /dev/shm/cdlb_secrets/signing_key_pass.txt
@@ -205,16 +207,19 @@ jobs:
chmod 0700 ciss_live_builder.sh
timestamp=$(date -u +"%Y_%m_%dT%H_%M_%SZ")
### Change "--autobuild=" to the specific kernel version you need: '6.16.3+deb13-amd64'.
chmod 0400 /dev/shm/cdlb_secrets/*
./ciss_live_builder.sh \
--architecture amd64 \
--autobuild=6.17.8+deb13-amd64 \
--build-directory /opt/cdlb \
--cdi \
--change-splash hexagon \
--control "${timestamp}" \
--jump-host ${{ secrets.CISS_DLB_JUMP_HOSTS_1 }} \
--key_age=keys.txt \
--key_luks=luks.txt \
--root-password-file /dev/shm/cdlb_secrets/password.txt \
--signing_ca=signing_ca.asc \
--signing_key_fpr=${{ secrets.PGP_MSW_PRIVATE_SIGNING_KEY_FPR }} \
--signing_key_pass=signing_key_pass.txt \
--signing_key=signing_key.asc \