DeBros/orama
4
0
Fork 0
mirror of https://github.com/DeBrosOfficial/orama.git synced 2026-03-17 18:36:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
571 Commits 5 Branches 98 Tags
Commit Graph

110 Commits

Author SHA1 Message Date
anonpenguin23
78d876e71b feat(monitor): add sandbox environment support 
- load nodes from active sandbox state for env=sandbox
- extract fanoutArchive for efficient server-to-server distribution
 2026-03-09 10:19:40 +02:00
anonpenguin23
6468019136 feat(sandbox): optimize archive upload via server-to-server fanout 
- add WithNoHostKeyCheck option for ephemeral server IPs
- upload binary to genesis then distribute to other nodes (faster)
- improve provisioning error handling for cleanup on partial failure
 2026-03-07 14:27:09 +02:00
anonpenguin23
e2b6f7d721 docs: add security hardening and OramaOS deployment docs 
- Document WireGuard IPv6 disable, service auth, token security, process isolation
- Introduce OramaOS architecture, enrollment flow, and management via Gateway API
- Add troubleshooting for RQLite/Olric auth, OramaOS LUKS/enrollment issues
 2026-02-28 15:41:04 +02:00
anonpenguin23
fd87eec476 feat(security): add manifest signing, TLS TOFU, refresh token migration 
- Invalidate plaintext refresh tokens (migration 019)
- Add `--sign` flag to `orama build` for rootwallet manifest signing
- Add `--ca-fingerprint` TOFU verification for production joins/invites
- Save cluster secrets from join (RQLite auth, Olric key, IPFS peers)
- Add RQLite auth config fields
 2026-02-28 15:40:43 +02:00
anonpenguin23
f26676db2c feat: add sandbox command and vault guardian build 
- integrate Zig-built vault-guardian into cross-compile process
- add `orama sandbox` for ephemeral Hetzner Cloud clusters
- update docs for `orama node` subcommands and new guides
 2026-02-27 15:22:51 +02:00
anonpenguin23
c6998b6ac2 Remove legacy deployment and upgrade scripts 
- Deleted redeploy.sh, which handled redeployment to nodes in devnet/testnet environments.
- Removed upgrade-nodes.sh, responsible for rolling upgrades of nodes.
- Eliminated upload-source-fanout.sh, which uploaded source archives to nodes in parallel.
- Removed upload-source.sh, used for uploading and extracting source archives to VPS nodes.
 2026-02-24 14:24:25 +02:00
anonpenguin23
714a986a78 Bump version to 0.112.2 and update TURN server configuration 
- Updated version in Makefile to 0.112.2.
- Enhanced SFU server error handling to ignore http.ErrServerClosed.
- Added TURNS (TURN over TLS) configuration options in TURN server and related components.
- Updated firewall rules to include TURNS ports and modified related tests.
- Implemented self-signed certificate generation for TURNS.
- Adjusted TURN server to support both UDP and TCP listeners.
- Updated WebRTC and SFU components to accommodate new TURNS configurations.
 2026-02-23 16:32:32 +02:00
anonpenguin23
19463b8621 feat: disable HTTP/3 in Caddy to free UDP 443 for TURN server and add patch script 2026-02-21 18:30:28 +02:00
anonpenguin23
e6f828d6f1 feat: add WebRTC support with SFU and TURN server integration, including configuration, monitoring, and API endpoints 2026-02-21 11:31:20 +02:00
anonpenguin23
4ebf558719 feat: implement suspect node handling with callbacks for DNS record management 2026-02-20 09:27:35 +02:00
anonpenguin23
4f1709e136 Bug fixing 2026-02-18 11:20:16 +02:00
anonpenguin23
8aef779fcd Updated docs and bug fixing 2026-02-17 08:49:16 +02:00
anonpenguin23
0b5b6e68e3 A ton of updates on the monitoring mostly bug fixes 2026-02-16 16:35:29 +02:00
anonpenguin23
7163aad850 Refactor installation scripts and improve security measures 
- Updated `clean-testnet.sh` to stop and disable legacy services.
- Added `upload-source.sh` for streamlined source archive uploads.
- Enhanced password input handling in `ssh.go` for better security.
- Adjusted directory permissions in `validator.go` for improved security.
- Simplified node configuration logic in `config.go`.
- Removed unnecessary commands from `gateway.go` to streamline installation.
 2026-02-16 10:01:35 +02:00
anonpenguin23
bc9cbb3627 Moved everything to root user and to /opt/orama from home/orama/.orama 2026-02-14 14:33:38 +02:00
anonpenguin23
29d255676f Renamed debros to orama 2026-02-14 14:14:04 +02:00
anonpenguin23
ba4e2688e4 Updated installation process simplified it 2026-02-14 14:06:14 +02:00
anonpenguin23
1ab63857d3 Security audit, code cleanup 2026-02-13 14:33:11 +02:00
anonpenguin23
85a556d0a0 Did a lot of cleanup and bug fixing 2026-02-13 12:47:02 +02:00
anonpenguin23
ed82c8ca6b Cleaned up development environment 2026-02-13 10:33:11 +02:00
anonpenguin23
266507ef09 Auto node recovery and failover if node is dead, added wallet authentication with phantom and root wallet + cluster repair logic 2026-02-13 08:16:01 +02:00
anonpenguin23
5c73330be6 created patch and fixed authentication issue for ipfs bug and cross node communication 2026-02-12 07:40:43 +02:00
anonpenguin23
b5dfcab1d6 Collector updates and bug fixes + patches scripts created 2026-02-11 15:08:20 +02:00
anonpenguin23
eddf0553b7 Did a small refactor, code clean, remove dead code, legacy etc 2026-02-11 07:43:33 +02:00
anonpenguin23
21e82abb65 Fixed WG port issues and production firewall fixes 2026-02-10 09:39:26 +02:00
anonpenguin23
a297a14b44 Updated docs and bug fixes and updated redeploy script 2026-02-09 15:23:02 +02:00
anonpenguin23
a7f100038d Fixed system service sudoer error on debros user 2026-02-05 13:32:06 +02:00
anonpenguin23
156de7eb19 Bug fixing 2026-02-03 13:59:03 +02:00
anonpenguin23
e3dd359e55 Bug fixing 2026-02-02 08:39:42 +02:00
anonpenguin23
c7036cb931 Fixed ipfs blocking WG 2026-02-01 17:09:58 +02:00
anonpenguin23
af5f5f9893 WG Fix for IPFS 2026-02-01 16:17:36 +02:00
anonpenguin23
683ce50106 Made building faster 2026-02-01 16:15:37 +02:00
anonpenguin23
c401fdcd74 fixed more bugs and updated docs 2026-02-01 15:58:28 +02:00
anonpenguin23
73dfe22438 fixes 2026-02-01 14:26:36 +02:00
anonpenguin23
9282fe64ee Deployement updates 2026-02-01 12:01:31 +02:00
anonpenguin23
51371e199d Added self signed cert fallback, fixed dns bugs 2026-01-31 10:07:15 +02:00
anonpenguin23
810094771d Updated docs and fixed WG bugs and ip's bugs 2026-01-31 07:09:09 +02:00
anonpenguin23
4acea72467 Added wireguard and updated installation process and added more tests 2026-01-30 15:30:18 +02:00
anonpenguin23
d6106bcbb8 Added nyx auto install with anyone relay 2026-01-29 10:23:40 +02:00
anonpenguin23
d8c93f6ee9 Fixed services on caddy 2026-01-29 08:56:28 +02:00
anonpenguin23
571f8babb4 Fixed IPFS systemd service and deploy issue on nextjs 2026-01-29 08:38:33 +02:00
anonpenguin23
4b24b0aa6c Fixed swarm problem flag and install TUI problem 2026-01-29 08:03:06 +02:00
anonpenguin23
81414722cd core dns https issue 2026-01-29 07:45:40 +02:00
anonpenguin23
c3d6500785 fixed cert issue 2026-01-29 07:45:15 +02:00
anonpenguin23
5ec292a4f2 fixed bugs on dns for deployment 2026-01-29 07:22:32 +02:00
anonpenguin23
7ded21939b fixed test issues 2026-01-28 11:52:58 +02:00
anonpenguin23
468ca06398 added support for anyone relay with rewards 2026-01-28 08:36:57 +02:00
anonpenguin23
380b10add3 fixing bugs on tests and on codebase 2026-01-26 14:41:26 +02:00
anonpenguin23
1a717537e5 enchanced e2e tests, fixed rqlite issue 2026-01-26 10:04:30 +02:00
anonpenguin23
e94da3a639 Fixed problem on ipfs 2026-01-26 08:52:52 +02:00