1f61eb8c7e
Merge pull request #317 from naturallaw777/copilot/update-hub-router-port-forwarding-ui
...
Clarify Hub router forwarding copy and surface internal IP in Element Call flows
2026-06-24 17:26:11 -05:00
625a307a8d
Merge pull request #316 from naturallaw777/copilot/fix-legacy-ssh-key-handling
...
Repair legacy factory SSH keys when Hub passphrase changes
2026-06-24 17:25:57 -05:00
c2f3f048b9
fix: simplify internal IP copy handling
2026-06-24 22:19:14 +00:00
bd3dbcb057
fix: clarify router forwarding IP guidance
2026-06-24 22:17:13 +00:00
7f975bc4f1
chore: use flock for ssh bootstrap repair
2026-06-24 22:16:44 +00:00
31abf40722
chore: serialize ssh bootstrap key repairs
2026-06-24 22:16:05 +00:00
439021f798
chore: harden ssh bootstrap script
2026-06-24 22:15:24 +00:00
181465c376
chore: log legacy ssh key regeneration
2026-06-24 22:14:42 +00:00
6ec28b1ad7
Initial plan
2026-06-24 22:14:35 +00:00
db1a88ab2e
fix: repair legacy factory ssh key passphrases
2026-06-24 22:14:06 +00:00
aa148fe435
Initial plan
2026-06-24 22:12:39 +00:00
f4590ff653
Merge pull request #315 from naturallaw777/copilot/update-sovran-systemsos-port-forwarding-ui
...
Align port-forwarding UX to local-readiness semantics across service detail, Step 4 checklist, and onboarding
2026-06-24 16:55:07 -05:00
22402cb4fd
Align router setup wording and local port statuses
2026-06-24 19:06:12 +00:00
1868a58ee0
Initial plan
2026-06-24 19:03:36 +00:00
naturallaw777
50cbd2fa28
added onlyoffice
2026-06-24 13:19:41 -05:00
81e34a4adb
Merge pull request #314 from naturallaw777/copilot/fix-livekit-service-permissions
...
fix: deliver LiveKit config via LoadCredential to resolve DynamicUser permission denied
2026-06-23 21:04:51 -05:00
302eb43233
fix: deliver livekit config via LoadCredential to fix DynamicUser permission denied
2026-06-24 01:21:05 +00:00
949391ed44
Initial plan
2026-06-24 01:19:37 +00:00
5041e5202f
Merge pull request #313 from naturallaw777/fix/livekit-embedded-turn
...
fix(element-calling): enable LiveKit embedded TURN with runtime matri…
2026-06-23 20:04:38 -05:00
8baefe1bfd
fix(element-calling): enable LiveKit embedded TURN with runtime matrix domain + cert
...
LiveKit was exiting cleanly with "TURN domain required" because turn.enabled
was set in the build-time config but turn.domain was never provided to the
process (the old livekit-runtime-config.service wrote a YAML that nothing
read). A clean exit (status 0) meant Restart=on-failure never restarted it,
so the Hub reported the service as Inactive.
This replaces the dead runtime-config oneshot with livekit-turn-setup.service,
which at runtime:
- reads the matrix domain from /var/lib/domains/matrix (no hardcoding)
- copies Caddy's already-issued matrix cert/key into /var/lib/livekit
- generates a complete LiveKit config (incl. turn.domain + TLS cert/key)
at /run/livekit/livekit.yaml
The livekit.service ExecStart is overridden to load that runtime config
(mirroring the existing Caddy ExecStart override pattern in
modules/core/caddy.nix), since turn.domain is only known at runtime. The cert
is delivered via LoadCredential so it is readable under DynamicUser=true
without weakening the sandbox.
Also aligns the RTC media port range (rtc.port_range_start/end = 30000-40000)
so it matches the forwarded ports, and drops the now-redundant manual
30000-40000 firewall ranges (covered by services.livekit settings/openFirewall).
2026-06-23 20:03:26 -05:00
d8108dae0f
Merge pull request #312 from naturallaw777/copilot/rewrite-njalla-domain-setup
...
Rewrite Njal.la domain-setup instructions: remove IP box, clarify Name-field host-only rule, support subdomain-or-separate-domain
2026-06-22 19:46:10 -05:00
3eb347da06
Rewrite Njal.la domain-setup instructions (no IP box, Name-field clarification, subdomain-or-domain)
2026-06-23 00:44:39 +00:00
8d15b71c06
Initial plan
2026-06-23 00:40:49 +00:00
naturallaw777
a28ad04b55
removed uneeded livekit-cli
2026-06-18 16:51:15 -05:00
naturallaw777
6720b602ba
nixpkgs update
2026-06-18 16:05:02 -05:00
4e2264d5db
Fix Element Calling 30000-40000 port note: single rule with both TCP and UDP
...
The previous change incorrectly split the 30000-40000 TURN relay range into two
rows and told users to create two separate forwarding rules. On most routers
this range is a single port-forwarding rule with a protocol selector set to
"Both" (or TCP/UDP). Revert to a single row (protocol "TCP & UDP"), update the
note to say it's one rule with both protocols enabled, and restore the totals to
3 required + 5 optional = 8.
2026-06-13 11:59:18 -05:00
82a6221880
Clarify Element Calling 30000-40000 range needs separate TCP and UDP forwards
...
The onboarding Step 4 port table listed the 30000-40000 TURN relay range as a
single "TCP/UDP" row, which is ambiguous on most routers where TCP and UDP
forwards are separate entries. Split it into two explicit rows (TCP and UDP),
add a clarifying note, and update the totals so users create both forwarding
rules.
2026-06-13 11:50:43 -05:00
6ec1faf3e6
Merge pull request #311 from naturallaw777/copilot/migrate-federation-to-well-known
...
Migrate Matrix federation from port 8448 to .well-known/matrix/server delegation on 443
2026-06-13 10:04:42 -05:00
d3beee602d
feat: migrate Matrix federation from port 8448 to .well-known/matrix/server on 443
...
- modules/core/caddy.nix: replace $MATRIX:8448 site with .well-known/matrix/server handler inside $MATRIX vhost
- modules/element-calling.nix: add .well-known/matrix/server respond directive, remove $MATRIX:8448 block
- modules/synapse.nix: remove 8448 TCP/UDP firewall openings
- app/sovran_systemsos_web/server.py: remove _PORTS_MATRIX_FEDERATION constant, set matrix-synapse.service to [], simplify api_service_detail to only check LiveKit extra ports
- app/sovran_systemsos_web/static/onboarding.js: remove 8448 row from Step 4, update totals to 3/8 (3 required + 5 optional)
2026-06-13 14:52:26 +00:00
29960e9937
Initial plan
2026-06-13 14:49:39 +00:00
417456485a
Merge pull request #310 from naturallaw777/copilot/fix-iso-installer-imports
...
iso: remove orphaned branding.nix import from common.nix
2026-06-10 13:42:55 -05:00
0945092dde
Remove orphaned ./branding.nix import from iso/common.nix
2026-06-10 18:41:49 +00:00
6f12117521
Initial plan
2026-06-10 18:40:41 +00:00
naturallaw777
8bf8814fa7
nixpkgs update
2026-06-09 11:03:40 -05:00
d90b5b091b
Add files via upload
2026-06-05 15:15:19 -05:00
4275ac1d2f
Add files via upload
2026-06-05 13:27:04 -05:00
07b36d62d2
Merge pull request #309 from naturallaw777/copilot/add-desktop-screenshot
...
Add desktop screenshot to README
2026-06-05 13:20:41 -05:00
5fb8279d61
Improve screenshot alt text for accessibility
2026-06-05 18:14:13 +00:00
6eb63d3f85
Add desktop screenshot placeholder and README embed
2026-06-05 18:13:46 +00:00
2702854513
Plan README changes with placeholder screenshot
2026-06-05 18:13:16 +00:00
106537cc63
Initial plan
2026-06-05 17:56:09 +00:00
naturallaw777
dabb96e1b3
sync and removed element-desktop and bitwarden desktop
2026-06-05 10:29:20 -05:00
naturallaw777
2b5a154b99
updated nix packages
2026-06-05 10:27:51 -05:00
naturallaw777
e475b0f47d
updated stable branch
2026-06-05 10:04:13 -05:00
naturallaw777
8f81f8f1e2
moved to new bitcoin-knots with bip110
2026-06-04 16:06:58 -05:00
cd753a7e28
Merge pull request #308 from naturallaw777/copilot/fix-bip110-detection
...
Detect Knots `reduced_data` (RDTS) as BIP-110 in live status and add regression coverage
2026-06-04 15:18:10 -05:00
7ac1985508
Refine BIP110 matching and add regression coverage
2026-06-04 20:15:35 +00:00
0ecf2eb651
Fix BIP110 detection for reduced_data deployments
2026-06-04 20:11:58 +00:00
18c7095aaf
Initial plan
2026-06-04 20:07:44 +00:00
dcad276c59
Merge pull request #307 from naturallaw777/copilot/update-bip110-status-surface
...
Surface live BIP-110 deployment status on Bitcoin Knots tile
2026-06-04 14:51:22 -05:00
Sovran Systems
copilot-swe-agent[bot]
naturallaw777