Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

enabling support for wireguard and firewall #2713

Open
wants to merge 31 commits into
base: next/minor
Choose a base branch
from
Open

enabling support for wireguard and firewall #2713

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
31 commits
Select commit Hold shift + click to select a range
0e0b7b8
wip: enabling support for wireguard and firewall
dr-bonez Aug 15, 2024
1743b37
Merge branch 'next/minor' of github.com:Start9Labs/start-os into feat…
dr-bonez Nov 22, 2024
25aa627
wip
dr-bonez Nov 23, 2024
e950c5e
wip
dr-bonez Nov 25, 2024
9735a32
wip
dr-bonez Nov 26, 2024
1079ca2
wip
dr-bonez Nov 26, 2024
fb76877
wip
dr-bonez Nov 27, 2024
8af5f6d
implement some things
dr-bonez Nov 27, 2024
def6699
fix warning
dr-bonez Nov 29, 2024
821460e
wip
dr-bonez Nov 29, 2024
e8895e4
Merge branch 'next/minor' of github.com:Start9Labs/start-os into feat…
dr-bonez Nov 29, 2024
17d5d1c
alpha.23
dr-bonez Nov 29, 2024
cf1eefd
misc fixes
dr-bonez Dec 3, 2024
637b2ad
Merge branch 'next/minor' of github.com:Start9Labs/start-os into feat…
dr-bonez Dec 3, 2024
eb5de04
remove ufw since no longer required
dr-bonez Dec 3, 2024
d5fe527
remove debug info
dr-bonez Dec 3, 2024
309798b
add cli bindings
dr-bonez Dec 3, 2024
8f68822
debugging
dr-bonez Dec 5, 2024
282a451
Merge branch 'next/minor' of github.com:Start9Labs/start-os into feat…
dr-bonez Dec 6, 2024
1c90ddb
fixes
dr-bonez Dec 11, 2024
a1b4311
individualized acme and privacy settings for domains and bindings
dr-bonez Dec 13, 2024
926ef71
sdk version bump
dr-bonez Dec 16, 2024
5908ec4
migration
dr-bonez Dec 18, 2024
3fe54fc
misc fixes
dr-bonez Dec 19, 2024
79725c8
refactor Host::update
dr-bonez Dec 19, 2024
4a0716c
debug info
dr-bonez Dec 20, 2024
c8c5ee0
refactor webserver
dr-bonez Dec 31, 2024
7546c36
misc fixes
dr-bonez Jan 3, 2025
b249269
misc fixes
dr-bonez Jan 4, 2025
181d9f1
refactor port forwarding
dr-bonez Jan 7, 2025
d9a01e2
recheck interfaces every 5 min if no dbus event
dr-bonez Jan 7, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 0 additions & 40 deletions CLEARNET.md
View file
Open in desktop

This file was deleted.

3 changes: 2 additions & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ GZIP_BIN := $(shell which pigz || which gzip)
TAR_BIN := $(shell which gtar || which tar)
COMPILED_TARGETS := core/target/$(ARCH)-unknown-linux-musl/release/startbox core/target/$(ARCH)-unknown-linux-musl/release/containerbox system-images/compat/docker-images/$(ARCH).tar system-images/utils/docker-images/$(ARCH).tar system-images/binfmt/docker-images/$(ARCH).tar container-runtime/rootfs.$(ARCH).squashfs
ALL_TARGETS := $(STARTD_SRC) $(ENVIRONMENT_FILE) $(GIT_HASH_FILE) $(VERSION_FILE) $(COMPILED_TARGETS) cargo-deps/$(ARCH)-unknown-linux-musl/release/startos-backup-fs $(shell if [ "$(PLATFORM)" = "raspberrypi" ]; then echo cargo-deps/aarch64-unknown-linux-musl/release/pi-beep; fi) $(shell /bin/bash -c 'if [[ "${ENVIRONMENT}" =~ (^|-)unstable($$|-) ]]; then echo cargo-deps/$(ARCH)-unknown-linux-musl/release/tokio-console; fi') $(PLATFORM_FILE)
REBUILD_TYPES = 1

ifeq ($(REMOTE),)
mkdir = mkdir -p $1
Expand Down Expand Up @@ -226,7 +227,7 @@ container-runtime/node_modules/.package-lock.json: container-runtime/package.jso
npm --prefix container-runtime ci
touch container-runtime/node_modules/.package-lock.json

sdk/base/lib/osBindings/index.ts: core/startos/bindings/index.ts
sdk/base/lib/osBindings/index.ts: $(shell if [ "$(REBUILD_TYPES)" -ne 0 ]; then echo core/startos/bindings/index.ts; fi)
mkdir -p sdk/base/lib/osBindings
rsync -ac --delete core/startos/bindings/ sdk/base/lib/osBindings/
touch sdk/base/lib/osBindings/index.ts
Expand Down
2 changes: 2 additions & 0 deletions build/dpkg-deps/depends
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ cryptsetup
curl
dnsutils
dmidecode
dnsutils
dosfstools
e2fsprogs
ecryptfs-utils
Expand Down Expand Up @@ -57,4 +58,5 @@ systemd-timesyncd
tor
util-linux
vim
wireguard-tools
wireless-tools
1 change: 0 additions & 1 deletion build/lib/scripts/dhclient-exit-hook
View file
Open in desktop

This file was deleted.

5 changes: 4 additions & 1 deletion build/lib/scripts/enable-kiosk
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ set -e

# install dependencies
/usr/bin/apt update
/usr/bin/apt install --no-install-recommends -y xserver-xorg x11-xserver-utils xinit firefox-esr matchbox-window-manager libnss3-tools
/usr/bin/apt install --no-install-recommends -y xserver-xorg x11-xserver-utils xinit firefox-esr matchbox-window-manager libnss3-tools p11-kit-modules
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📓 https://en.wikipedia.org/wiki/PKCS_11


#Change a default preference set by stock debian firefox-esr
sed -i 's|^pref("extensions.update.enabled", true);$|pref("extensions.update.enabled", false);|' /etc/firefox-esr/firefox-esr.js
Expand Down Expand Up @@ -83,6 +83,9 @@ user_pref("toolkit.telemetry.updatePing.enabled", false);
user_pref("toolkit.telemetry.cachedClientID", "");
EOF

cp /usr/lib/firefox-esr/libnssckbi.so /usr/lib/firefox-esr/libnssckbi.so.bak
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤷‍♀️ why?

ln -sf /usr/lib/x86_64-linux-gnu/pkcs11/p11-kit-trust.so /usr/lib/firefox-esr/libnssckbi.so

# create kiosk script
cat > /home/kiosk/kiosk.sh << 'EOF'
#!/bin/sh
Expand Down
6 changes: 0 additions & 6 deletions container-runtime/src/Adapters/EffectCreator.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -216,12 +216,6 @@ export function makeEffects(context: EffectContext): Effects {
}) as ReturnType<T.Effects["getServiceInterface"]>
},

getPrimaryUrl(...[options]: Parameters<T.Effects["getPrimaryUrl"]>) {
return rpcRound("get-primary-url", {
...options,
callback: context.callbacks?.addCallback(options.callback) || null,
}) as ReturnType<T.Effects["getPrimaryUrl"]>
},
getServicePortForward(
...[options]: Parameters<T.Effects["getServicePortForward"]>
) {
Expand Down
1 change: 0 additions & 1 deletion container-runtime/src/Adapters/Systems/SystemForEmbassy/index.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -425,7 +425,6 @@ export class SystemForEmbassy implements System {
name: interfaceValue.name,
id: `${id}-${internal}`,
description: interfaceValue.description,
hasPrimary: false,
type:
interfaceValue.ui &&
(origin.scheme === "http" || origin.sslScheme === "https")
Expand Down
Loading