Work_Archive/ToolDisks_ISO-WipeStation
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
249 Commits 1 Branch 0 Tags
896a594d9c4ec9a55becbe4d6eea28a47f13727c
Commit Graph

249 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
nodiscc
dc1b696be4 add mlocate/updatedb configuration: do not scan version control directories (.git, .svn ...) 2020-03-07 21:01:44 +01:00
nodiscc
250734c895 language: add localepurge configuration: 
- purge all locales except english and french locales
 - add dpkg hooks
 - delete localized manpages
 - show freed space (quick/imprecise calculation)
packages: remove duplicate entry
 2020-03-07 21:01:44 +01:00
nodiscc
4a4634b8ea disable systemd "predictable interface names" by overriding the system's default 99-default.link 
https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
 2020-03-07 21:01:44 +01:00
nodiscc
a51e3d513e sudo: decrease sudo session timeout to 3 minutes instead of the default 15 minutes 2020-03-07 21:01:44 +01:00
nodiscc
51ed7dba45 sudo: do not trust user-defined $PATH, use standard system binaries PATH 2020-03-07 21:01:44 +01:00
nodiscc
9624db669c sudo: enable password feedback (stars) 2020-03-07 21:01:44 +01:00
nodiscc
c6bb714873 and openssh server (sshd) configuration. 
hardened configuration from https://github.com/dev-sec/ansible-ssh-hardening/ and https://gitlab.com/nodiscc/ansible-xsrv-common/
 2020-03-07 21:01:44 +01:00
nodiscc
e8c92d12eb lightdm: add greeter configuratino (background, visible indicators/clock, theme, icons, font, antialiasing) 2020-03-07 21:01:44 +01:00
nodiscc
08bab4afa1 laptop-mode: do not auto-suspend USB HID devices (mouse/keyboard) when laptop-mode activates 2020-03-07 21:01:44 +01:00
nodiscc
7b773cc066 laptop-mode: remount disks with noatime option when laptop-mode activates 2020-03-07 21:01:44 +01:00
nodiscc
ed20d9f7ec laptop-mode: set disk spinup interval to 20 seconds on battery, 5 seconds on AC 2020-03-07 21:01:44 +01:00
nodiscc
3964cc143d add grub configuration: 
- enable boot splash
 - enable dynamic power management for the radeon driver
 - force Linux mode in ACPI/BIOS, force using vendor specifc drivers for backlight (fixes backlight control on some BIOSes) https://unix.stackexchange.com/questions/110624/what-do-the-kernel-parameters-acpi-osi-linux-and-acpi-backlight-vendor-do
 - enable apparmor
 - add various configuration examples
 2020-03-07 21:01:43 +01:00
nodiscc
e7a8f631d0 enable fonctconfig configuration files 2020-03-07 21:01:43 +01:00
nodiscc
98aced2235 fontconfig: enable anti-aliasing 2020-03-07 21:01:43 +01:00
nodiscc
8b28562355 fontconfig: Use lcddefault as default for LCD filter 2020-03-07 21:01:43 +01:00
nodiscc
ac79c0d504 fontconfig: disable font hinting 2020-03-07 21:01:43 +01:00
nodiscc
6e4ca22ec1 apt: force downloads over IPv4 since IPv6 is disabled in sysctl 2020-03-07 21:01:43 +01:00
nodiscc
4307e5e1ec add sysctl configuration (networking/security) 2020-03-07 21:01:43 +01:00
nodiscc
1ebd8f794a add plymouth configuration (set boot screen theme to debian-logo) 2020-03-07 21:01:43 +01:00
nodiscc
eb786ed776 add apt sources configuration (debian buster + security + updates/proposed-updates + backports) 2020-03-07 21:01:43 +01:00
nodiscc
0ae4e4ce76 apt: disable installatino of "recommended" packages 
keeps the number of installed packages and disk space requirements to the minimum necessary
 2020-03-07 21:01:43 +01:00
nodiscc
b2e51f6e96 apt: configure automatic security/bugfix upgrades (unattended-upgrades): 
- auto-upgrade packages from buster-updates, proposed-updates, security, backports
 - split the upgrade into minimal steps (so that shutodwns during upgrades are possible)
 - enable logging to syslog
 - daily, automatic update of package lists, download and installation of upgrades
 2020-03-07 21:01:42 +01:00
nodiscc
10cb95271d config: add lightdm config: 
- disable xdmcp/vnc
- do no hide users list
- disable guest user
- set xfce as default sessions
 2020-03-07 21:01:42 +01:00
nodiscc
11501169b9 makefile: add https://gitlab.com/nodiscc/xfce4-terminal-colorschemes to extra downloads 2020-03-07 21:01:42 +01:00
nodiscc
798838b71a Makefile: add https://gitlab.com/nodiscc/cc0-wallpapers to extra downloads, add a separate 'clean' target 2020-03-07 21:01:42 +01:00
nodiscc
0d1298d0b0 config: ufw: enable firewall on boot, set log level to low 
https://manpages.debian.org/buster/ufw/ufw.8.en.html
 2020-03-07 21:01:42 +01:00
nodiscc
01394c3810 Makefile: add a target to download extra resources (plymouth-theme-debian-logo) 2020-03-07 21:01:42 +01:00
nodiscc
5449e10d1f add GNU GPLv3 license 2020-03-07 21:01:41 +01:00
nodiscc
5cc9d4f6b3 doc: custome.md add examples 2020-03-07 21:01:41 +01:00
nodiscc
4e5e33c37c doc: add main README.md and custom.md 2020-03-07 21:01:41 +01:00
nodiscc
6c98204ba6 doc: add CHANGELOG.md 2020-03-07 21:01:41 +01:00
nodiscc
b6f0891a5e doc: add changelog-archive.md (old changelog) 2020-03-07 21:01:41 +01:00
nodiscc
0376e64132 add installer preseed configuration: 
- disable network configuration
 - set the domain name to blank
 - load non-free firmware
 - install a generic linux image (all drivers)
 - set the debian mirror to https://deb.debian.org, but idsable use of a mirror
 - enable root logins
 - add the first user to common groups for desktop interaction + sudo
 - interpret the hardware clock to UTC
 - enable NTP, use pool.ntp.org server
 - enable contrib and non-free software
 - disable installer APT upgrade step since we run the installer offline
 - auto accept annoying license prompt for intel drivers
 - auto install grub to the MBR
 - auto install GRUB to the EFI removable media path
 - disable reboot prompt message
 2020-03-07 21:01:41 +01:00
nodiscc
a243a612f7 prseed: ensure home directories are not world-readable 2020-03-07 21:01:41 +01:00
nodiscc
6130356634 Makefile: add targets to download the ISO image from teh build server and run it in virt-manager/KVM virtual machine (tests) 2020-03-07 21:01:41 +01:00
nodiscc
6cb7c8bbfd doc: add documentation on how to build/customize the live system 2020-03-07 21:01:41 +01:00
nodiscc
d431afd98f Makefile: add a target to remind manually updating the version indicator in various files 2020-03-07 21:01:40 +01:00
nodiscc
98102aacbe add a live-build hook to enable multiarchitecture 
https://wiki.debian.org/Multiarch/HOWTO
 2020-03-07 21:01:37 +01:00
nodiscc
dd1223938c add a live-build hook to set teh default desktop session to xfce 2020-03-07 21:01:34 +01:00
nodiscc
b88c78ee74 add a live-build hook to set the default enabled/disabled status for systemd services 2020-03-07 21:01:30 +01:00
nodiscc
46e8d71a8b add a live-build hook to clear apt cacahe of downloaded pakages form final image 
cleanup is still incomplete https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947123
 2020-02-23 13:49:38 +01:00
nodiscc
d0432ef4ba add a live-build hook to remove unwanted packages from final image 2020-02-23 13:48:56 +01:00
nodiscc
f90fdd6bbb add bootloader (isolinux) configuration 
identical to default config + multilanguage boot options (english, french) + release/version indicator the menu
 2020-02-23 13:48:09 +01:00
nodiscc
c493abe6b2 Makefile: add targets to release a new version (ISO SHA512 checkums + GPG signature) 2020-02-23 13:46:39 +01:00
nodiscc
abcdbdc161 Makefile: add a target to build the iso image 2020-02-23 13:45:12 +01:00
nodiscc
3b312db1a5 add Makefile: add tageret to install build requirements 2020-02-23 13:41:33 +01:00
nodiscc
8cc16d60df add package lists 
497 manually installed packages
lists named after their respective xdg category
https://specifications.freedesktop.org/menu-spec/latest/apa.html
 2020-02-23 13:38:16 +01:00
nodiscc
7c7779a1c2 add main APT sources list for chroot build stage 2020-02-18 23:43:02 +01:00
nodiscc
1894c77e37 add basic configuration for 'lb build': 
- build an amd64 live system (Debian 10 "Buster")
 - don't install 'recommended' packages
 - enable contrib/non-free sections (required for firmwares)
 - enable stable-backports,security,stable-updates repositories
 - don't include source packages in the build (save space)
 - generate iso-hybrid images suitable for boot from USB
 - enable 'installer' mode allowing to install the live system to a fixed disk
 - install packages required for HTTPS APT sources
 - include binary firwares on the iso image
 - included memtest86+ and win32-loaded on the bootable media
 2020-02-08 18:26:36 +01:00