msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

Compare commits

base: msw:813229d505bd2565b8747fc2437e41bfb5bae99b0a7feb3196bb960ce6416c80
Branches Tags
msw:master
msw:v8.13.142-stable msw:v8.13.008-stable msw:v8.03.864-stable msw:v8.03.832-stable msw:v8.03.768-stable msw:v8.03.644-stable
..
compare: msw:a5219c67547d424ed1d5953183bcb2f503836f4670abac296351ade6c1a6c3e5
Branches Tags
msw:master
msw:v8.13.142-stable msw:v8.13.008-stable msw:v8.03.864-stable msw:v8.03.832-stable msw:v8.03.768-stable msw:v8.03.644-stable

3 Commits
813229d505 ... a5219c6754

Author SHA256 Message Date
Marc S. Weidner
a5219c6754 V8.03.384.2025.06.03 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
 2025-06-03 10:44:59 +02:00
Marc S. Weidner
96504a40fb Merge remote-tracking branch 'origin/master' 2025-06-03 10:43:19 +02:00
Marc S. Weidner
661ae7cb7f V8.03.384.2025.06.03 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
 2025-06-03 10:43:02 +02:00
2 changed files with 6 additions and 6 deletions
Expand all files Collapse all files

4
README.md
View File

@@ -66,8 +66,8 @@ add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; prelo
The CI runners operate on a dedicated host system located in a completely separate Autonomous System (AS). This host is solely The CI runners operate on a dedicated host system located in a completely separate Autonomous System (AS). This host is solely
dedicated to providing CI runners and does not perform any other tasks. Each runner is hermetically isolated from others using dedicated to providing CI runners and does not perform any other tasks. Each runner is hermetically isolated from others using
non-privileged, shell-less user accounts with no direct login capability. Additionally, each runner executes within its own non-privileged, shell-less user accounts with no direct login capability. Additionally, each runner executes within its own
separate directory tree, employs `DynamicUser` features, and adheres to strict systemd hardening policies (achieving a security separate directory tree, employs `DynamicUser` features, and adheres to strict systemd hardening policies (achieving a ``systemd-analyze security``
rating of 2.6). Docker containers used by runners do not run in privileged mode. Security is further enhanced through the use rating of **``2.6``**). Docker containers used by runners do not run in privileged mode. Security is further enhanced through the use
of both UFW software firewalls and dedicated hardware firewall appliances. of both UFW software firewalls and dedicated hardware firewall appliances.
## 1.2. Immutable Source-of-Truth System ## 1.2. Immutable Source-of-Truth System

8
docs/DL_PUB_ISO.md
View File

@@ -14,7 +14,7 @@ include_toc: true
## 2.1. Autobuild Information ## 2.1. Autobuild Information
The latest information about the public CISS.debian.live.ISO is available at `./LIVE_ISO.public`. The latest information about the public **``CISS.debian.live.ISO``** is available at **`/LIVE_ISO.public`**.
## 2.2. URL ## 2.2. URL
@@ -22,14 +22,14 @@ Download the latest Auto-Generated [CISS.debian.live.ISO_PUBLIC](https://cloud.e
## 2.3. Root Passwd ## 2.3. Root Passwd
Use the following Root Passwd: Use the following ``Root`` Password:
````text ````text
Mvnz#zENbf2vsAYEAbfPcnbDcmct7XefPXfRJxSQQH Mvnz#zENbf2vsAYEAbfPcnbDcmct7XefPXfRJxSQQH
```` ````
## 2.4. Root SSH Keys ## 2.4. Root SSH Keys
Use the following Root SSH Key Material: Use the following ``Root`` SSH Key Material:
### 2.4.1. SSH Public Key ### 2.4.1. SSH Public Key
````text ````text
@@ -73,7 +73,7 @@ Private-MAC: 3c87f88ee5306c56e7b2240d7bddda3ce4369d6d296b9101d8a8c5834fdf5e25
### 2.4.4. SSH Private Key Encryption Key (KEK) ### 2.4.4. SSH Private Key Encryption Key (KEK)
````text ````text
Mvnz#zENbf2vsAYEAbfPcnbDcmct7XefPXfRJxSQQH ^QbHsh#WPdaVwyWbkb5fpejDawhaKP9hx74dnCzD#W
```` ````
# 3. Login # 3. Login