Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,308 Commits 3 Branches 0 Tags
21bf0ff03f9c3ef2c1467148f547464332f7ae76
Commit Graph

365 Commits

Author SHA1 Message Date
Sovran_Systems
21bf0ff03f Merge pull request #149 from naturallaw777/copilot/add-cache-busting-headers 
[WIP] Add cache-busting and data-clearing HTTP headers
 2026-04-08 09:52:40 -05:00
copilot-swe-agent[bot]
a2d2dac2b9 Add cache-busting and Clear-Site-Data headers for sovransystemsos.local browser access 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/0e1cbb58-3e7f-412b-be95-8907caaab6f3

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 14:52:13 +00:00
Sovran_Systems
46f8eb5308 Merge pull request #148 from naturallaw777/copilot/create-brave-launcher-wrapper 
Use ephemeral Brave profile for Hub desktop app to prevent data persistence
 2026-04-08 09:48:08 -05:00
copilot-swe-agent[bot]
5ab4021100 Fix RDP frozen screen: add session-level GNOME Remote Desktop configuration 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e099592f-2d1e-4894-a91c-b4ef9b4a5244

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 14:46:52 +00:00
copilot-swe-agent[bot]
73cd5faab0 Add Brave wrapper script for isolated, ephemeral Hub sessions 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ebc41311-f7da-40dd-b85b-87db3176a69a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 14:45:00 +00:00
copilot-swe-agent[bot]
cfd416002d Fix dock icon size and RDP frozen screen regressions from PR #144 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/25eb7e56-2284-4030-a9dd-75f2f9a2917c

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 13:43:57 +00:00
copilot-swe-agent[bot]
78b08758f1 fix: brave --app mode, StartupWMClass, and icon PNGs for Sovran Hub dock 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/6f932322-cc0e-4fff-aca1-b853770c0817

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 13:17:09 +00:00
copilot-swe-agent[bot]
f0b7152c41 fix: rasterize sovran-hub icon to PNG at standard hicolor sizes 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e414bb3e-f166-48b2-bac9-ad36c24aceb6

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 12:25:36 +00:00
copilot-swe-agent[bot]
ff55dce746 Add mount dependency for bitcoind and electrs systemd services 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/1def4c7b-d90d-4b0c-87a7-87dc729661b1

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-08 00:23:35 +00:00
naturallaw77
8839620e63 updated caddy.nix 2026-04-07 17:36:26 -05:00
copilot-swe-agent[bot]
6d1c360c02 Replace tmpfiles rules with systemd oneshot service for recursive chown on second drive 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/96b8f8fe-5a1d-42e5-8b2d-5dd5aee96044

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 21:29:33 +00:00
copilot-swe-agent[bot]
742f680d0d fix: replace Python crypt module with openssl passwd for Python 3.13 compatibility 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/9544e3d5-f7f8-4299-9198-3b5f1f835d14

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 21:11:13 +00:00
copilot-swe-agent[bot]
c2bd3f6273 Add sovran-auto-seal systemd service to factory-seal.nix 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/869df8d4-3811-4a1a-b026-e978d3a81589

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 20:43:15 +00:00
copilot-swe-agent[bot]
5231b5ca4b Add systemd.tmpfiles.rules for Bitcoin/Electrs directory permissions 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ea46340b-7cf5-404b-9cef-b5ed1fcb2ecb

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 20:21:07 +00:00
copilot-swe-agent[bot]
950a6dabd8 Use /etc/shadow as source of truth for factory default password detection 
- server.py: add _is_free_password_default() helper that reads /etc/shadow
  and hashes known defaults ("free", "gosovransystems") via crypt module;
  update api_password_is_default to use it instead of reading the secrets file
- factory-seal.nix: replace file-based free-password check with shadow-based
  cryptographic check using python3 + crypt module; add pkgs.python3 to path;
  pass values via env vars to avoid shell expansion of hash $ characters

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/31e6fc93-8b4b-47af-9c47-568da0905301

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:50:16 +00:00
copilot-swe-agent[bot]
069f6c3ec7 Avoid storing password in variable to prevent process listing exposure 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:27:32 +00:00
copilot-swe-agent[bot]
5a27b79b51 Fix security warning reappearing after every reboot 
Add two early-exit checks in sovran-legacy-security-check before the
legacy fallthrough block:
1. Exit if /var/lib/sovran/onboarding-complete exists (Hub onboarding done)
2. Exit if /var/lib/secrets/free-password exists and is not "free" (password changed)

This prevents the boot-time service from overwriting the security-status
file that /api/change-password clears after a successful password change.

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:26:54 +00:00
copilot-swe-agent[bot]
ac9ba4776c Detect and warn when machine was set up without factory seal 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/169de2bb-0655-4504-a270-8c0341c0d3dd

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 17:48:38 +00:00
copilot-swe-agent[bot]
7a08bc0b2b Remove all PDF references: rename credentials-pdf.nix and update references 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/150954c9-65a0-4d5b-b8e2-08f301f07511

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 15:04:33 +00:00
copilot-swe-agent[bot]
6c433d642d Add zeus-connect-setup service and timer to wallet-autoconnect.nix 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/6b3d9c59-40e1-45c1-93f9-a5ba6547567b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 14:52:40 +00:00
copilot-swe-agent[bot]
7a1cd8a6f6 fix(wordpress): use /run/wrappers/bin/su to fix su: command not found in wordpress-init service 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/24a9d2b1-6b09-41ac-bb3b-418f0ea2b2d7

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 14:46:46 +00:00
naturallaw77
9f1dd7def1 updated nextcloud.nix 2026-04-07 09:35:23 -05:00
Sovran_Systems
480f188d86 Merge pull request #110 from naturallaw777/copilot/remove-credentials-pdf-generator 
Factory security: per-device SSH passphrase, factory seal command, customer password onboarding
 2026-04-07 09:28:07 -05:00
naturallaw77
e2bd366bb3 updated nextcloud.nix 2026-04-07 09:27:25 -05:00
copilot-swe-agent[bot]
f80c8a0481 Factory security: per-device SSH passphrase, factory seal, password onboarding, remove PDF generator 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/4222f228-615c-4303-8286-979264c6f782

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 14:23:59 +00:00
naturallaw77
7e996fffa1 updated nextcloud.nix 2026-04-07 09:11:13 -05:00
copilot-swe-agent[bot]
dd8867b52f feat: add sovran_systemsOS.caddy.extraVirtualHosts NixOS option 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e966dd20-b74e-4ec5-b4db-68aa06129162

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 13:06:35 +00:00
copilot-swe-agent[bot]
8286e00eb3 feat: create dedicated desktop dock icon and update nix build to use it 
- Add app/sovran_systemsos_web/static/sovran-hub-icon.svg: a new square
  256x256 app icon for the GNOME dock/dash. Uses the Sovran brand dark
  green (#0d3320) rounded-rectangle background, concentric arc rings in
  brand greens (#1C9954, #077233), and a white bold "S" letterform
  centered — visible at small sizes on both light and dark panels.
- Update modules/core/sovran-hub.nix line 266 to copy the new icon file
  to the hicolor icon path instead of reusing logo-light.svg.
- logo-light.svg is left untouched; it continues to serve the Hub web UI.

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e3f466ae-eee1-4ba8-b93c-00fe04c7054d

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 10:14:04 +00:00
copilot-swe-agent[bot]
4978d44ba2 Add bitcoind to sovran-hub-web PATH so Bitcoin version shows on Hub tiles 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/b8aaba8d-2c51-40ca-9826-69b78060a840

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 02:26:16 +00:00
copilot-swe-agent[bot]
27f27b1503 feat: add wallet-autoconnect module for Sparrow and Bisq 1 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/29aa6dce-667a-49a6-9740-68d501fed22c

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 01:44:43 +00:00
copilot-swe-agent[bot]
5123287ef7 Fix curl command in hub-autolaunch-script (remove unnecessary -w flag) 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/0b0d70c0-01d1-49d1-b9ca-8d4f8e5af64a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 01:28:55 +00:00
copilot-swe-agent[bot]
13e3b76c88 Add hub auto-launch: XDG autostart, API endpoints, and frontend toggle 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/0b0d70c0-01d1-49d1-b9ca-8d4f8e5af64a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 01:26:11 +00:00
naturallaw77
94d94fb7a2 fixed ssh at first boot 2026-04-06 18:40:17 -05:00
copilot-swe-agent[bot]
f7539dc9b6 Remove redundant terminal domain setup script and update stale references 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ed7fee4d-b50e-4387-8eb6-46840b9d930f

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-06 23:27:52 +00:00
copilot-swe-agent[bot]
536eb0deb1 Add sovran-hub.desktop entry and icon to GNOME dock 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/42720669-f980-4f13-989e-0728ea9307de

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 16:52:40 +00:00
copilot-swe-agent[bot]
df2768c6fc feat: move sshd into its own Nix feature module, gate Tech Support behind it 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/d45dc36f-0b3b-48bb-950f-700afe45dd06

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 15:09:02 +00:00
copilot-swe-agent[bot]
6584b63c36 Revert commit 7c047a1: restore LAN access to Hub, RTL, and Mempool 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c92f1a7f-7c42-44f1-a86d-089383bafc94

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 14:43:49 +00:00
copilot-swe-agent[bot]
7c047a16b7 Security: restrict RTL, Mempool ports to LAN-only; remove global firewall rules 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/1110322d-bc41-4d5d-9a4c-e5f7a5d2ef57

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 14:29:09 +00:00
copilot-swe-agent[bot]
af31c60be8 Add RDP to Bitcoin-only Node role 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/17c88629-43c4-438a-9640-7abe3609c82d

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 04:03:30 +00:00
copilot-swe-agent[bot]
58966646c2 feat: role-aware hub — service filtering, onboarding, upgrade path 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/af4088da-8845-4f7f-914f-259fd33884ed

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 03:55:20 +00:00
copilot-swe-agent[bot]
67b533146a Fix icon name mismatches and add haven.svg for Haven Relay tile 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/f7fed319-711f-4ced-b732-6d832289bf4d

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 02:30:55 +00:00
copilot-swe-agent[bot]
dd9ff2f4b2 Fix 5 issues: Caddy domain, Zeus emoji, Feature Manager in tiles, header centering, domain dialog content 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/faca798f-6820-4db6-adc9-d5a5c9ac1ba1

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 16:25:36 +00:00
copilot-swe-agent[bot]
2a105edf04 Update tech support protected paths: remove root/.lnd, sparrow, bisq; add /home 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c1303e8b-ff51-4951-b64c-2162d9e9a805

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 13:16:22 +00:00
copilot-swe-agent[bot]
85396e804d Add NixOS tech-support module and security documentation 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/7e7a94ca-202b-4eb5-aa3a-a36a1365574b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 01:31:56 +00:00
copilot-swe-agent[bot]
ed1548ea81 Add Avahi mDNS hostName override and Caddy .local block for sovransystemsos.local LAN access 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ca3945d7-a2cb-4121-bd89-a5e3fe31fc47

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 00:40:24 +00:00
copilot-swe-agent[bot]
0a323d7b3c Revert hostName/mDNS/Caddy .local block changes from PR #34 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/8d17fed2-7329-442e-bfa5-a96a38fb31e4

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 00:24:10 +00:00
copilot-swe-agent[bot]
08452e06cc feat: enable mDNS (Avahi) and local reverse proxy for sovransystemsos.local 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/4159c571-2bfb-48fc-a6bc-e0765ef88ef6

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 21:08:21 +00:00
copilot-swe-agent[bot]
df5ad3afe2 Add dynamic port status detection and improved port forwarding instructions 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/cd52f6a2-250b-49e3-8558-aa2ae7512d1b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 17:29:02 +00:00
naturallaw77
d4f81339ef added awk command 2026-04-03 11:36:03 -05:00
copilot-swe-agent[bot]
0f4f53b9e5 fix: matrix-synapse-create-users always writes individual Hub credential files 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/4259c835-2875-4a48-86c9-1efccbeb6887

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 16:32:25 +00:00