Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,242 Commits 3 Branches 0 Tags
3c4c6c7389b63c5ad84c85cec6e81b69c3b7a6d2
Commit Graph

351 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
950a6dabd8 Use /etc/shadow as source of truth for factory default password detection 
- server.py: add _is_free_password_default() helper that reads /etc/shadow
  and hashes known defaults ("free", "gosovransystems") via crypt module;
  update api_password_is_default to use it instead of reading the secrets file
- factory-seal.nix: replace file-based free-password check with shadow-based
  cryptographic check using python3 + crypt module; add pkgs.python3 to path;
  pass values via env vars to avoid shell expansion of hash $ characters

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/31e6fc93-8b4b-47af-9c47-568da0905301

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:50:16 +00:00
copilot-swe-agent[bot]
069f6c3ec7 Avoid storing password in variable to prevent process listing exposure 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:27:32 +00:00
copilot-swe-agent[bot]
5a27b79b51 Fix security warning reappearing after every reboot 
Add two early-exit checks in sovran-legacy-security-check before the
legacy fallthrough block:
1. Exit if /var/lib/sovran/onboarding-complete exists (Hub onboarding done)
2. Exit if /var/lib/secrets/free-password exists and is not "free" (password changed)

This prevents the boot-time service from overwriting the security-status
file that /api/change-password clears after a successful password change.

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:26:54 +00:00
copilot-swe-agent[bot]
ac9ba4776c Detect and warn when machine was set up without factory seal 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/169de2bb-0655-4504-a270-8c0341c0d3dd

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 17:48:38 +00:00
copilot-swe-agent[bot]
7a08bc0b2b Remove all PDF references: rename credentials-pdf.nix and update references 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/150954c9-65a0-4d5b-b8e2-08f301f07511

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 15:04:33 +00:00
copilot-swe-agent[bot]
6c433d642d Add zeus-connect-setup service and timer to wallet-autoconnect.nix 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/6b3d9c59-40e1-45c1-93f9-a5ba6547567b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 14:52:40 +00:00
copilot-swe-agent[bot]
7a1cd8a6f6 fix(wordpress): use /run/wrappers/bin/su to fix su: command not found in wordpress-init service 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/24a9d2b1-6b09-41ac-bb3b-418f0ea2b2d7

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 14:46:46 +00:00
naturallaw77
9f1dd7def1 updated nextcloud.nix 2026-04-07 09:35:23 -05:00
Sovran_Systems
480f188d86 Merge pull request #110 from naturallaw777/copilot/remove-credentials-pdf-generator 
Factory security: per-device SSH passphrase, factory seal command, customer password onboarding
 2026-04-07 09:28:07 -05:00
naturallaw77
e2bd366bb3 updated nextcloud.nix 2026-04-07 09:27:25 -05:00
copilot-swe-agent[bot]
f80c8a0481 Factory security: per-device SSH passphrase, factory seal, password onboarding, remove PDF generator 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/4222f228-615c-4303-8286-979264c6f782

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 14:23:59 +00:00
naturallaw77
7e996fffa1 updated nextcloud.nix 2026-04-07 09:11:13 -05:00
copilot-swe-agent[bot]
dd8867b52f feat: add sovran_systemsOS.caddy.extraVirtualHosts NixOS option 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e966dd20-b74e-4ec5-b4db-68aa06129162

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 13:06:35 +00:00
copilot-swe-agent[bot]
8286e00eb3 feat: create dedicated desktop dock icon and update nix build to use it 
- Add app/sovran_systemsos_web/static/sovran-hub-icon.svg: a new square
  256x256 app icon for the GNOME dock/dash. Uses the Sovran brand dark
  green (#0d3320) rounded-rectangle background, concentric arc rings in
  brand greens (#1C9954, #077233), and a white bold "S" letterform
  centered — visible at small sizes on both light and dark panels.
- Update modules/core/sovran-hub.nix line 266 to copy the new icon file
  to the hicolor icon path instead of reusing logo-light.svg.
- logo-light.svg is left untouched; it continues to serve the Hub web UI.

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e3f466ae-eee1-4ba8-b93c-00fe04c7054d

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 10:14:04 +00:00
copilot-swe-agent[bot]
4978d44ba2 Add bitcoind to sovran-hub-web PATH so Bitcoin version shows on Hub tiles 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/b8aaba8d-2c51-40ca-9826-69b78060a840

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 02:26:16 +00:00
copilot-swe-agent[bot]
27f27b1503 feat: add wallet-autoconnect module for Sparrow and Bisq 1 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/29aa6dce-667a-49a6-9740-68d501fed22c

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 01:44:43 +00:00
copilot-swe-agent[bot]
5123287ef7 Fix curl command in hub-autolaunch-script (remove unnecessary -w flag) 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/0b0d70c0-01d1-49d1-b9ca-8d4f8e5af64a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 01:28:55 +00:00
copilot-swe-agent[bot]
13e3b76c88 Add hub auto-launch: XDG autostart, API endpoints, and frontend toggle 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/0b0d70c0-01d1-49d1-b9ca-8d4f8e5af64a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 01:26:11 +00:00
naturallaw77
94d94fb7a2 fixed ssh at first boot 2026-04-06 18:40:17 -05:00
copilot-swe-agent[bot]
f7539dc9b6 Remove redundant terminal domain setup script and update stale references 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ed7fee4d-b50e-4387-8eb6-46840b9d930f

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-06 23:27:52 +00:00
copilot-swe-agent[bot]
536eb0deb1 Add sovran-hub.desktop entry and icon to GNOME dock 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/42720669-f980-4f13-989e-0728ea9307de

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 16:52:40 +00:00
copilot-swe-agent[bot]
df2768c6fc feat: move sshd into its own Nix feature module, gate Tech Support behind it 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/d45dc36f-0b3b-48bb-950f-700afe45dd06

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 15:09:02 +00:00
copilot-swe-agent[bot]
6584b63c36 Revert commit 7c047a1: restore LAN access to Hub, RTL, and Mempool 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c92f1a7f-7c42-44f1-a86d-089383bafc94

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 14:43:49 +00:00
copilot-swe-agent[bot]
7c047a16b7 Security: restrict RTL, Mempool ports to LAN-only; remove global firewall rules 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/1110322d-bc41-4d5d-9a4c-e5f7a5d2ef57

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 14:29:09 +00:00
copilot-swe-agent[bot]
af31c60be8 Add RDP to Bitcoin-only Node role 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/17c88629-43c4-438a-9640-7abe3609c82d

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 04:03:30 +00:00
copilot-swe-agent[bot]
58966646c2 feat: role-aware hub — service filtering, onboarding, upgrade path 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/af4088da-8845-4f7f-914f-259fd33884ed

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 03:55:20 +00:00
copilot-swe-agent[bot]
67b533146a Fix icon name mismatches and add haven.svg for Haven Relay tile 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/f7fed319-711f-4ced-b732-6d832289bf4d

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-05 02:30:55 +00:00
copilot-swe-agent[bot]
dd9ff2f4b2 Fix 5 issues: Caddy domain, Zeus emoji, Feature Manager in tiles, header centering, domain dialog content 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/faca798f-6820-4db6-adc9-d5a5c9ac1ba1

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 16:25:36 +00:00
copilot-swe-agent[bot]
2a105edf04 Update tech support protected paths: remove root/.lnd, sparrow, bisq; add /home 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c1303e8b-ff51-4951-b64c-2162d9e9a805

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 13:16:22 +00:00
copilot-swe-agent[bot]
85396e804d Add NixOS tech-support module and security documentation 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/7e7a94ca-202b-4eb5-aa3a-a36a1365574b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 01:31:56 +00:00
copilot-swe-agent[bot]
ed1548ea81 Add Avahi mDNS hostName override and Caddy .local block for sovransystemsos.local LAN access 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ca3945d7-a2cb-4121-bd89-a5e3fe31fc47

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 00:40:24 +00:00
copilot-swe-agent[bot]
0a323d7b3c Revert hostName/mDNS/Caddy .local block changes from PR #34 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/8d17fed2-7329-442e-bfa5-a96a38fb31e4

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-04 00:24:10 +00:00
copilot-swe-agent[bot]
08452e06cc feat: enable mDNS (Avahi) and local reverse proxy for sovransystemsos.local 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/4159c571-2bfb-48fc-a6bc-e0765ef88ef6

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 21:08:21 +00:00
copilot-swe-agent[bot]
df5ad3afe2 Add dynamic port status detection and improved port forwarding instructions 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/cd52f6a2-250b-49e3-8558-aa2ae7512d1b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 17:29:02 +00:00
naturallaw77
d4f81339ef added awk command 2026-04-03 11:36:03 -05:00
copilot-swe-agent[bot]
0f4f53b9e5 fix: matrix-synapse-create-users always writes individual Hub credential files 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/4259c835-2875-4a48-86c9-1efccbeb6887

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 16:32:25 +00:00
copilot-swe-agent[bot]
b1386ba701 Fix Matrix credentials modal: write individual credential files and update hub config 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/f4c4df17-1ef8-4b72-be8a-82472a5f4476

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 16:12:00 +00:00
copilot-swe-agent[bot]
570a767636 fix(synapse): tolerate existing users in matrix-synapse-create-users script 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/f76f46da-0836-4295-8e26-c656acc38e3f

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 15:44:00 +00:00
copilot-swe-agent[bot]
e6cdb3b840 Add RTL and Mempool LAN reverse proxies, open firewall ports 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/d29c1b82-a70e-4092-88c7-b521a1b3cac3

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 15:21:01 +00:00
copilot-swe-agent[bot]
3c6106d06a Eliminate hub-overrides.nix: write feature toggles into custom.nix instead 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/db82f216-af3e-4d7f-a972-86c03f23e069

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-03 14:28:24 +00:00
naturallaw77
f3d75b9ba5 updated wiring for hub feature enable 2026-04-03 08:37:21 -05:00
naturallaw77
801b46b95f deeper fix for RDP regeneration 2026-04-03 07:16:01 -05:00
naturallaw77
bc7a9d96da deeper fix for RDP regeneration 2026-04-03 07:10:40 -05:00
naturallaw77
1f273d9229 fix for RDP regeneration 2026-04-03 07:08:09 -05:00
copilot-swe-agent[bot]
b9c8c20347 feat: add Feature Manager to Sovran Hub dashboard 
- flake.nix: import /etc/nixos/hub-overrides.nix alongside custom.nix
- sovran-hub.nix: add hub-overrides-init service (seeds file if missing),
  sovran-hub-rebuild service (nixos-rebuild switch only), and
  feature_manager=true in generated config.json
- server.py: add FEATURE_REGISTRY with 6 features (rdp, haven,
  element-calling, mempool, bip110, bitcoin-core); add hub-overrides.nix
  read/write helpers; add /api/features, /api/features/toggle,
  /api/rebuild/status, /api/domains/set, /api/domains/set-email,
  /api/domains/status endpoints; update /api/config to expose feature_manager
- index.html: add domain setup modal, SSL email modal, feature confirm
  modal, and rebuild modal HTML
- app.js: add Feature Manager rendering with sub-category layout,
  feature toggle cards with sliding toggles, domain setup flow,
  SSL email collection, conflict confirmation, rebuild polling
- style.css: add Feature Manager styles (feature cards, toggle switch,
  domain badge, conflict warning, domain input fields)"

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/9088415a-efc3-4dd1-9c22-877a543af47b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-02 23:24:17 +00:00
naturallaw77
e436b2f7a6 added service feature 2026-04-02 17:08:20 -05:00
naturallaw77
c4307f358c fixed RDP layout 2026-04-02 16:48:01 -05:00
naturallaw77
b63ad15cc1 fixed RDP layout 2026-04-02 16:45:27 -05:00
naturallaw77
51c458c33a added RDP 2026-04-02 16:39:01 -05:00
naturallaw77
4d23197aa3 added qr code 2026-04-02 16:23:45 -05:00