Sovran_Systems/Sovran_SystemsOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,254 Commits 3 Branches 0 Tags
6ffcc056ad5bba3219cb7a181c0dda822b69b482
Commit Graph

1254 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Sovran_Systems
6ffcc056ad Merge pull request #131 from naturallaw777/copilot/fix-sovran-legacy-security-check 
Replace Python `crypt` module with `openssl passwd` (Python 3.13 compatibility)
 2026-04-07 16:17:02 -05:00
copilot-swe-agent[bot]
742f680d0d fix: replace Python crypt module with openssl passwd for Python 3.13 compatibility 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/9544e3d5-f7f8-4299-9198-3b5f1f835d14

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 21:11:13 +00:00
copilot-swe-agent[bot]
c872f1c6b0 Initial plan 2026-04-07 21:04:58 +00:00
Sovran_Systems
bc5a40f143 Merge pull request #130 from naturallaw777/copilot/add-sovran-auto-seal-service 
Add sovran-auto-seal: automatic first-boot seal with live-system safety guards
 2026-04-07 15:48:25 -05:00
copilot-swe-agent[bot]
c2bd3f6273 Add sovran-auto-seal systemd service to factory-seal.nix 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/869df8d4-3811-4a1a-b026-e978d3a81589

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 20:43:15 +00:00
copilot-swe-agent[bot]
343dee3576 Initial plan 2026-04-07 20:40:53 +00:00
Sovran_Systems
ebcafd3c6d Merge pull request #129 from naturallaw777/copilot/add-tmpfiles-rules-for-bitcoin-electrs 
[WIP] Add tmpfiles rules for Bitcoin and Electrs data directories
 2026-04-07 15:21:26 -05:00
copilot-swe-agent[bot]
5231b5ca4b Add systemd.tmpfiles.rules for Bitcoin/Electrs directory permissions 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/ea46340b-7cf5-404b-9cef-b5ed1fcb2ecb

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 20:21:07 +00:00
Sovran_Systems
1195456bee Merge pull request #128 from naturallaw777/copilot/fix-flake-nix-references 
[WIP] Fix flake.nix references after nixos-install cleanup
 2026-04-07 15:21:02 -05:00
copilot-swe-agent[bot]
48de6b9821 fix(installer): improve error handling for deployed flake.nix write 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/b7dfaecc-2b2e-4f5f-bb9a-f97ced90e76e

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 20:20:36 +00:00
copilot-swe-agent[bot]
cd4a17fe31 Initial plan 2026-04-07 20:20:01 +00:00
copilot-swe-agent[bot]
d3a5b3e6ef fix(installer): write deployed flake.nix and remove flake.lock after install cleanup 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/b7dfaecc-2b2e-4f5f-bb9a-f97ced90e76e

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 20:18:36 +00:00
copilot-swe-agent[bot]
3c4c6c7389 Initial plan 2026-04-07 20:16:57 +00:00
Sovran_Systems
876f728aa2 Merge pull request #127 from naturallaw777/copilot/update-api-password-check 
Use /etc/shadow as authoritative source for factory default password detection
 2026-04-07 13:55:53 -05:00
copilot-swe-agent[bot]
950a6dabd8 Use /etc/shadow as source of truth for factory default password detection 
- server.py: add _is_free_password_default() helper that reads /etc/shadow
  and hashes known defaults ("free", "gosovransystems") via crypt module;
  update api_password_is_default to use it instead of reading the secrets file
- factory-seal.nix: replace file-based free-password check with shadow-based
  cryptographic check using python3 + crypt module; add pkgs.python3 to path;
  pass values via env vars to avoid shell expansion of hash $ characters

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/31e6fc93-8b4b-47af-9c47-568da0905301

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:50:16 +00:00
copilot-swe-agent[bot]
1d9589a186 Initial plan 2026-04-07 18:46:24 +00:00
Sovran_Systems
b13fa7dc05 Merge pull request #126 from naturallaw777/copilot/fix-security-warning-reappearance 
Fix legacy security warning reappearing on every reboot after password change
 2026-04-07 13:29:32 -05:00
copilot-swe-agent[bot]
069f6c3ec7 Avoid storing password in variable to prevent process listing exposure 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:27:32 +00:00
copilot-swe-agent[bot]
5a27b79b51 Fix security warning reappearing after every reboot 
Add two early-exit checks in sovran-legacy-security-check before the
legacy fallthrough block:
1. Exit if /var/lib/sovran/onboarding-complete exists (Hub onboarding done)
2. Exit if /var/lib/secrets/free-password exists and is not "free" (password changed)

This prevents the boot-time service from overwriting the security-status
file that /api/change-password clears after a successful password change.

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/c18311e4-609d-4edf-a2a1-a018baede373

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 18:26:54 +00:00
copilot-swe-agent[bot]
72453c80bf Initial plan 2026-04-07 18:25:47 +00:00
naturallaw77
14800ffb1e update flake 2026-04-07 13:14:21 -05:00
naturallaw77
e2f36d01bc update flake 2026-04-07 13:13:06 -05:00
naturallaw77
55b231b456 update flake and installer 2026-04-07 13:11:39 -05:00
Sovran_Systems
b4b2607df1 Merge pull request #125 from naturallaw777/copilot/update-security-check-for-unsealed-state 
[WIP] Update sovran-legacy-security-check to warn on unsealed state
 2026-04-07 12:50:45 -05:00
copilot-swe-agent[bot]
ac9ba4776c Detect and warn when machine was set up without factory seal 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/169de2bb-0655-4504-a270-8c0341c0d3dd

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 17:48:38 +00:00
copilot-swe-agent[bot]
85aca0d022 Initial plan 2026-04-07 17:45:41 +00:00
Sovran_Systems
80c74b2d1a Merge pull request #124 from naturallaw777/copilot/add-password-creation-step-onboarding 
Add password creation step to first-boot onboarding wizard
 2026-04-07 12:45:34 -05:00
copilot-swe-agent[bot]
d28f224ad5 feat: add password creation step to onboarding wizard (#2) 
- Add GET /api/security/password-is-default endpoint in server.py
- Add Step 2 (Create Your Password) to onboarding wizard HTML
- Renumber old steps: Domains→3, Ports→4, Complete→5
- Add 5th step dot indicator
- Update onboarding.js: TOTAL_STEPS=5, ROLE_SKIP_STEPS=[3,4] for desktop/node
- Add loadStep2/saveStep2 for password step with smart default detection
- Rename old step functions to loadStep3/saveStep3/loadStep4
- Add password form CSS styles in onboarding.css

Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/74a30916-fb2d-4f1d-9763-e380b1aa5540

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 17:36:59 +00:00
copilot-swe-agent[bot]
f2a808ed13 Initial plan 2026-04-07 17:29:46 +00:00
Sovran_Systems
4ef420651d Merge pull request #122 from naturallaw777/copilot/fix-installer-create-password-step 
Fix installer password step: replace chroot+sh with direct chpasswd --root
 2026-04-07 12:17:24 -05:00
copilot-swe-agent[bot]
65ce66a541 Fix chpasswd: run directly from host with --root /mnt, no chroot needed 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/3ff98bf4-8f62-4c81-90fd-36854e88266f

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 17:14:32 +00:00
copilot-swe-agent[bot]
deae53b721 Initial plan 2026-04-07 17:13:16 +00:00
Sovran_Systems
f459e83861 Merge pull request #121 from naturallaw777/copilot/fix-change-password-form-issues 
Fix System Passwords change-password form: chpasswd path on NixOS, show/hide toggle, UX clarity
 2026-04-07 12:03:23 -05:00
copilot-swe-agent[bot]
badab99242 Fix chpasswd path on NixOS, add password toggle/hints/validation in change-password form 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/de03873d-5cdb-4929-bd4a-4d306916b525

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 17:01:54 +00:00
copilot-swe-agent[bot]
84124ba1b1 Initial plan 2026-04-07 16:57:23 +00:00
Sovran_Systems
2ad0d2072d Merge pull request #119 from naturallaw777/copilot/fix-change-passwords-button 
[WIP] Fix non-functional change passwords button in Hub
 2026-04-07 11:45:15 -05:00
copilot-swe-agent[bot]
ff1632dcda Fix Change Passwords button: add API endpoint, system password modal, fix security banner link 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/bf43bea9-9f93-4f7b-b6fd-c76714e7f25b

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 16:44:57 +00:00
Sovran_Systems
531b8c1d09 Merge pull request #120 from naturallaw777/copilot/fix-installer-password-step 
[WIP] Fix installer failure at 'Create Password' step
 2026-04-07 11:44:49 -05:00
copilot-swe-agent[bot]
a8128cef8d Fix chpasswd: find binary in Nix store and pipe password inline 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/630a25f6-417a-47de-b163-b519252b403c

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 16:43:50 +00:00
copilot-swe-agent[bot]
3baffb2a69 Initial plan 2026-04-07 16:42:51 +00:00
copilot-swe-agent[bot]
06bdf999a6 Initial plan 2026-04-07 16:41:02 +00:00
Sovran_Systems
76ff1f4d4f Merge pull request #118 from naturallaw777/copilot/fix-update-status-handling 
[WIP] Fix update status handling for interrupted builds
 2026-04-07 11:29:49 -05:00
copilot-swe-agent[bot]
2360b4147c fix: recover stale RUNNING status files on Hub server startup 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/22f9df39-fb39-4ffb-8c6b-c7323a894bee

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 16:29:08 +00:00
copilot-swe-agent[bot]
37874ff58e Initial plan 2026-04-07 16:26:26 +00:00
Sovran_Systems
aef13155fc Merge pull request #117 from naturallaw777/copilot/remove-security-warning-modal 
[WIP] Remove legacy password warning modal and add inline message
 2026-04-07 11:17:56 -05:00
copilot-swe-agent[bot]
1d4f104524 Replace security warning modal with inline banner in Preferences section 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/e7946288-08c7-4081-85dd-6780f1eba17a

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 16:17:23 +00:00
copilot-swe-agent[bot]
11ec4b4816 Initial plan 2026-04-07 16:14:42 +00:00
Sovran_Systems
2bd899848d Merge pull request #115 from naturallaw777/copilot/add-password-warning-screen 
[WIP] Add old password warning screen for legacy machines
 2026-04-07 10:50:11 -05:00
Sovran_Systems
18a6e8d24c Merge pull request #116 from naturallaw777/copilot/fix-installer-password-error 
Fix installer password step: replace bare chroot with nixos-enter
 2026-04-07 10:49:31 -05:00
copilot-swe-agent[bot]
13c686a8a1 feat: add legacy security warning API and UI modal for pre-factory-seal machines 
Agent-Logs-Url: https://github.com/naturallaw777/staging_alpha/sessions/f7c8f11b-873b-403f-ac55-8b5b7cd9f1fb

Co-authored-by: naturallaw777 <99053422+naturallaw777@users.noreply.github.com>
 2026-04-07 15:49:25 +00:00