anonpenguin23
d811810f17
refactor(remotessh): use rwagent directly instead of rw CLI subprocesses
- replace `rw vault ssh` calls with `rwagent.Client` in PrepareNodeKeys,
LoadAgentKeys, EnsureVaultEntry, ResolveVaultPublicKey
- add vaultClient interface, newClient func, and wrapAgentError for
testability and improved error messages
- prefer pre-built systemd dir in installNamespaceTemplates
2026-03-20 07:23:10 +02:00
anonpenguin23
48d834ae09
feat(monitor): add sandbox environment support
- load nodes from active sandbox state for env=sandbox
- extract fanoutArchive for efficient server-to-server distribution
2026-03-09 10:19:40 +02:00
anonpenguin23
c4fbdcb6a7
feat(sandbox): optimize archive upload via server-to-server fanout
- add WithNoHostKeyCheck option for ephemeral server IPs
- upload binary to genesis then distribute to other nodes (faster)
- improve provisioning error handling for cleanup on partial failure
2026-03-07 14:27:09 +02:00
anonpenguin23
8bc94eeab2
docs: add security hardening and OramaOS deployment docs
- Document WireGuard IPv6 disable, service auth, token security, process isolation
- Introduce OramaOS architecture, enrollment flow, and management via Gateway API
- Add troubleshooting for RQLite/Olric auth, OramaOS LUKS/enrollment issues
2026-02-28 15:41:04 +02:00
anonpenguin23
986212d4d4
feat(security): add manifest signing, TLS TOFU, refresh token migration
- Invalidate plaintext refresh tokens (migration 019)
- Add `--sign` flag to `orama build` for rootwallet manifest signing
- Add `--ca-fingerprint` TOFU verification for production joins/invites
- Save cluster secrets from join (RQLite auth, Olric key, IPFS peers)
- Add RQLite auth config fields
2026-02-28 15:40:43 +02:00
anonpenguin23
f71593af4a
feat: add sandbox command and vault guardian build
- integrate Zig-built vault-guardian into cross-compile process
- add `orama sandbox` for ephemeral Hetzner Cloud clusters
- update docs for `orama node` subcommands and new guides
2026-02-27 15:22:51 +02:00
anonpenguin23
a1c6688901
Remove legacy deployment and upgrade scripts
- Deleted redeploy.sh, which handled redeployment to nodes in devnet/testnet environments.
- Removed upgrade-nodes.sh, responsible for rolling upgrades of nodes.
- Eliminated upload-source-fanout.sh, which uploaded source archives to nodes in parallel.
- Removed upload-source.sh, used for uploading and extracting source archives to VPS nodes.
2026-02-24 14:24:25 +02:00
anonpenguin23
b4a51576d8
Bump version to 0.112.2 and update TURN server configuration
- Updated version in Makefile to 0.112.2.
- Enhanced SFU server error handling to ignore http.ErrServerClosed.
- Added TURNS (TURN over TLS) configuration options in TURN server and related components.
- Updated firewall rules to include TURNS ports and modified related tests.
- Implemented self-signed certificate generation for TURNS.
- Adjusted TURN server to support both UDP and TCP listeners.
- Updated WebRTC and SFU components to accommodate new TURNS configurations.
2026-02-23 16:32:32 +02:00
anonpenguin23
0db851a611
feat: disable HTTP/3 in Caddy to free UDP 443 for TURN server and add patch script
2026-02-21 18:30:28 +02:00
anonpenguin23
7eb1f5eac8
feat: add WebRTC support with SFU and TURN server integration, including configuration, monitoring, and API endpoints
2026-02-21 11:31:20 +02:00
anonpenguin23
ed28d40103
feat: implement suspect node handling with callbacks for DNS record management
2026-02-20 09:27:35 +02:00
anonpenguin23
9f668cefa4
Bug fixing
2026-02-18 11:20:16 +02:00
anonpenguin23
89b6ab7c5e
Updated docs and bug fixing
2026-02-17 08:49:16 +02:00
anonpenguin23
e1a5f2f843
A ton of updates on the monitoring mostly bug fixes
2026-02-16 16:35:29 +02:00
anonpenguin23
226d36f04c
Refactor installation scripts and improve security measures
- Updated `clean-testnet.sh` to stop and disable legacy services.
- Added `upload-source.sh` for streamlined source archive uploads.
- Enhanced password input handling in `ssh.go` for better security.
- Adjusted directory permissions in `validator.go` for improved security.
- Simplified node configuration logic in `config.go`.
- Removed unnecessary commands from `gateway.go` to streamline installation.
2026-02-16 10:01:35 +02:00
anonpenguin23
f9da3b601d
Moved everything to root user and to /opt/orama from home/orama/.orama
2026-02-14 14:33:38 +02:00
anonpenguin23
17148dcc5a
Renamed debros to orama
2026-02-14 14:14:04 +02:00
anonpenguin23
9319d03f3f
Updated installation process simplified it
2026-02-14 14:06:14 +02:00
anonpenguin23
35572d2aca
Security audit, code cleanup
2026-02-13 14:33:11 +02:00
anonpenguin23
9d13b085ac
Did a lot of cleanup and bug fixing
2026-02-13 12:47:02 +02:00
anonpenguin23
73b92ccb5c
Cleaned up development environment
2026-02-13 10:33:11 +02:00
anonpenguin23
392eeb6cdc
Auto node recovery and failover if node is dead, added wallet authentication with phantom and root wallet + cluster repair logic
2026-02-13 08:16:01 +02:00
anonpenguin23
989be553d2
created patch and fixed authentication issue for ipfs bug and cross node communication
2026-02-12 07:40:43 +02:00
anonpenguin23
34aba92cca
Collector updates and bug fixes + patches scripts created
2026-02-11 15:08:20 +02:00
anonpenguin23
3f10ebdbd3
Did a small refactor, code clean, remove dead code, legacy etc
2026-02-11 07:43:33 +02:00
anonpenguin23
8f10bbc84f
Fixed WG port issues and production firewall fixes
2026-02-10 09:39:26 +02:00
anonpenguin23
210d215d58
Updated docs and bug fixes and updated redeploy script
2026-02-09 15:23:02 +02:00
anonpenguin23
4402682d3b
Fixed system service sudoer error on debros user
2026-02-05 13:32:06 +02:00
anonpenguin23
22e60652a5
Bug fixing
2026-02-03 13:59:03 +02:00
anonpenguin23
47e2a128a4
Bug fixing
2026-02-02 08:39:42 +02:00
anonpenguin23
6dbc05ebb0
Fixed ipfs blocking WG
2026-02-01 17:09:58 +02:00
anonpenguin23
c3e3dacc91
WG Fix for IPFS
2026-02-01 16:17:36 +02:00
anonpenguin23
c9f60e4e92
Made building faster
2026-02-01 16:15:37 +02:00
anonpenguin23
0559fd7ec1
fixed more bugs and updated docs
2026-02-01 15:58:28 +02:00
anonpenguin23
b835e4762d
fixes
2026-02-01 14:26:36 +02:00
anonpenguin23
f16c822620
Deployment updates
2026-02-01 12:01:31 +02:00
anonpenguin23
0f6b3d0abb
Added self signed cert fallback, fixed dns bugs
2026-01-31 10:07:15 +02:00
anonpenguin23
da7eb7452b
Updated docs and fixed WG bugs and ip's bugs
2026-01-31 07:09:09 +02:00
anonpenguin23
7845d36b32
Added wireguard and updated installation process and added more tests
2026-01-30 15:30:18 +02:00
anonpenguin23
e5e8d23247
Added nyx auto install with anyone relay
2026-01-29 10:23:40 +02:00
anonpenguin23
6a4e0a4bef
Fixed services on caddy
2026-01-29 08:56:28 +02:00
anonpenguin23
791c4a0b34
Fixed IPFS systemd service and deploy issue on nextjs
2026-01-29 08:38:33 +02:00
anonpenguin23
2ddf12b659
Fixed swarm problem flag and install TUI problem
2026-01-29 08:03:06 +02:00
anonpenguin23
c6c9dbeb1a
core dns https issue
2026-01-29 07:45:40 +02:00
anonpenguin23
74902c81cd
fixed cert issue
2026-01-29 07:45:15 +02:00
anonpenguin23
965eeebee6
fixed bugs on dns for deployment
2026-01-29 07:22:32 +02:00
anonpenguin23
593411f8de
fixed test issues
2026-01-28 11:52:58 +02:00
anonpenguin23
a466768e1c
added support for anyone relay with rewards
2026-01-28 08:36:57 +02:00
anonpenguin23
71ff95ae5f
fixing bugs on tests and on codebase
2026-01-26 14:41:26 +02:00
anonpenguin23
a774037ae5
enhanced e2e tests, fixed rqlite issue
2026-01-26 10:04:30 +02:00