V8.13.384.2025.11.06

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

.gitea/workflows/generate_PRIVATE_trixie_1.yaml

@@ -121,7 +121,7 @@ jobs:
           set +x
           set -euo pipefail
           umask 0077
-          GNUPGHOME="/dev/shm/gnupg.${GITHUB_RUN_ID}.${GITHUB_JOB}.${GITHUB_RUN_ATTEMPT}"
+          GNUPGHOME="/dev/shm/gnupg.${GITHUB_RUN_ID}.${GITHUB_JOB}"
           # shellcheck disable=SC2174
           mkdir -p -m 0700 "${GNUPGHOME}"
           echo "GNUPGHOME=${GNUPGHOME}"  >> "${GITHUB_ENV}"
@@ -190,26 +190,23 @@ jobs:
           timestamp=$(date -u +"%Y_%m_%dT%H_%M_%SZ")
           ### Change "--autobuild=" to the specific kernel version you need: '6.16.3+deb13-amd64'.
           ./ciss_live_builder.sh \
-            --autobuild=6.16.3+deb13-amd64 \
             --architecture amd64 \
+            --autobuild=6.16.3+deb13-amd64 \
             --build-directory /opt/cdlb \
             --cdi \
             --control "${timestamp}" \
             --jump-host ${{ secrets.CISS_DLB_JUMP_HOSTS_1 }} \
+            --key_age=keys.txt \
+            --key_luks=luks.txt \
             --root-password-file /dev/shm/cdlb_secrets/password.txt \
-            --signing_key=signing_key.asc \
-            --signing_key_fpr="${{ secrets.PGP_MSW_PRIVATE_SIGNING_KEY_FPR }}" \
+            --signing_key_fpr=${{ secrets.PGP_MSW_PRIVATE_SIGNING_KEY_FPR }} \
             --signing_key_pass=signing_key_pass.txt \
+            --signing_key=signing_key.asc \
             --ssh-port ${{ secrets.CISS_DLB_SSH_PORT_1 }} \
             --ssh-pubkey /dev/shm/cdlb_secrets \
             --sshfp \
             --trixie
 
-          REPO_ROOT="$(git rev-parse --show-toplevel 2>/dev/null || pwd -P)"
-          OUT="${REPO_ROOT}/config/hooks/live/9935_hardening_ssh.chroot"
-          rm -f "${OUT}"
-          echo "Hook removed: ${OUT}"
-
       - name: 📥 Checking Centurion Cloud for existing LIVE ISOs.
         env:
           NC_BASE: "https://cloud.e2ee.li"