V9.14.022.2026.06.10
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
🛡️ Retrieve DNSSEC status of coresecret.dev. / 🛡️ Retrieve DNSSEC status of coresecret.dev. (push) Has been cancelled
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Has been cancelled
💙 Generating a PUBLIC Live ISO. / 💙 Generating a PUBLIC Live ISO. (push) Has been cancelled
🔐 Generating a Private Live ISO TRIXIE. / 🔐 Generating a Private Live ISO TRIXIE. (push) Has been cancelled
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -13,6 +13,7 @@ include_toc: true
|
||||
# 2. Changelog
|
||||
|
||||
## V9.14.022.2026.06.10
|
||||
* **Added**: [lib_logo.sh](../lib/lib_logo.sh)
|
||||
* **Added**: [9999_cdi_starter.sh](../scripts/usr/local/sbin/9999_cdi_starter.sh) Retrieve rdns for Primordial-Workflow™
|
||||
* **Added**: [0900_ufw_setup.chroot](../config/hooks/live/0900_ufw_setup.chroot) SSH ufw out exception for Primordial-Workflow™
|
||||
|
||||
|
||||
+12
-2
@@ -98,13 +98,23 @@ A lightweight Shell Wrapper for building a hardened Debian Live ISO Image.
|
||||
Provides statistic only after successful building a CISS.debian.live-ISO. While enabling '--log-statistics-only'
|
||||
the argument '--build-directory' MUST be provided.
|
||||
|
||||
--primordial-key <ssh-identity-filename>
|
||||
SSH identity filename for the Primordial overlay clone. This MUST be a filename only; the runtime path is derived as
|
||||
'/root/.ssh/<ssh-identity-filename>'.
|
||||
Example fragment:
|
||||
./ciss_live_builder.sh --primordial-url https://git.coresecret.dev/ahz/PhysNet.primordial.git \
|
||||
--primordial-key id--git.coresecret.dev--PhysNet.primordial_deploy--ed25519--newton--2025-10 \
|
||||
--primordial-ssh 42842
|
||||
|
||||
--primordial-ssh <INTEGER>
|
||||
Adds one outgoing UFW TCP exception for a bootstrap/recovery SSH port.
|
||||
Outgoing only: no incoming firewall rule is added, and this option does not replace '--ssh-port'.
|
||||
Effective only when the Live System's UFW outgoing policy is 'deny'.
|
||||
Port MUST be a decimal integer between '1' and '65535'.
|
||||
Example fragment:
|
||||
./ciss_live_builder.sh --ssh-port 42842 --primordial-ssh 2222
|
||||
|
||||
--primordial-url <https-git-url>
|
||||
HTTPS Git repository URL for the Primordial CDI overlay. MUST start with 'https://', include a host and path, and end in
|
||||
'.git'. The CDI starter converts this URL to an SSH clone URL at runtime.
|
||||
|
||||
--provider-netcup-ipv6
|
||||
Activates IPv6 support for Netcup Root Server. One unique IPv6 address MUST be provided in this case and MUST be
|
||||
|
||||
Reference in New Issue
Block a user