lfg2025/archy
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects Releases 44 Wiki Activity
archy/image-recipe
History
Dorian 6656d2f1d9 fix: implement 22 security pentest remediation fixes 
Server-side session management with SHA-256 hashed tokens and HttpOnly
cookies. Auth middleware gating all RPC/WS/proxy routes with method
allowlist. Login rate limiting (5/60s per IP). CORS restricted to
config origin. Docker registry allowlist. App ID and path validation.
P2P message sanitization (HTML + log injection). Onion address and
known-peer validation. Nginx security headers (CSP, X-Frame-Options,
etc.) and AIUI proxy auth. Systemd hardening (non-root, NoNewPrivileges,
ProtectSystem).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-06 03:26:56 +00:00
..
archipelago-scripts
Update Fedimint configuration and enhance onboarding process
2026-02-17 15:03:34 +00:00
configs
fix: implement 22 security pentest remediation fixes
2026-03-06 03:26:56 +00:00
raspberrypi
Initial commit
2026-01-24 22:01:51 +00:00
scripts
Update .gitignore and remove obsolete documentation files
2026-02-01 02:22:02 +00:00
.gitignore
Initial commit
2026-01-24 22:01:51 +00:00
build-auto-installer-iso.sh
chore: sync ISO build configs with live server state
2026-03-05 08:34:53 +00:00
build-debian-iso.sh
Enhance README and RPC for package management
2026-02-01 18:46:35 +00:00
build-debian-live-iso.sh
Refactor configuration and scripts for Archipelago backend and ISO build
2026-02-01 05:42:05 +00:00
build-from-live-server.sh
Enhance README and RPC for package management
2026-02-01 18:46:35 +00:00
build-frontend.sh
Refactor build script for custom ISO creation and update hardware configuration
2026-01-31 22:56:39 +00:00
BUILD-ISO-STATUS.md
Revise BUILD-GUIDE and enhance ISO build process
2026-02-03 21:43:33 +00:00
build.sh
Initial commit
2026-01-24 22:01:51 +00:00
create-fat32-usb.sh
Update .gitignore and remove obsolete documentation files
2026-02-01 02:22:02 +00:00
fix-autostart.sh
Enhance README and RPC for package management
2026-02-01 18:46:35 +00:00
integrate-archipelago.sh
Refactor build script for custom ISO creation and update hardware configuration
2026-01-31 22:56:39 +00:00
INTEGRATION-GUIDE.md
Enhance development workflow and deployment practices for Archipelago
2026-02-01 13:24:03 +00:00
ISO-BUILD-CHECKLIST.md
Enhance Immich deployment process by removing old single-container instances and updating service configurations
2026-02-25 18:20:50 +00:00
prepare.sh
Initial commit
2026-01-24 22:01:51 +00:00
README.md
Enhance development workflow and deployment practices for Archipelago
2026-02-01 13:24:03 +00:00
run-local-build.sh
Initial commit
2026-01-24 22:01:51 +00:00
splash.png
Initial commit
2026-01-24 22:01:51 +00:00
sync-from-live.sh
Enhance development workflow and deployment practices for Archipelago
2026-02-01 13:24:03 +00:00
test-iso-qemu.sh
Update .gitignore and remove obsolete documentation files
2026-02-01 02:22:02 +00:00
write-usb-dd.sh
Update .gitignore and remove obsolete documentation files
2026-02-01 02:22:02 +00:00

README.md

Archipelago OS Image Recipes

Build scripts for creating bootable Debian Linux OS images for Archipelago Bitcoin Node OS.

Quick Start

Build the ISO

# 1. Sync latest configs from live dev server
./sync-from-live.sh

# 2. Build components
./scripts/build-backend.sh
./scripts/build-frontend.sh

# 3. Build the ISO
./build-debian-iso.sh

This creates a bootable Debian Live ISO with Archipelago pre-installed.

Write to USB

# Using dd (recommended)
./write-usb-dd.sh /dev/diskN

# Or use Balena Etcher to flash the ISO

See the ISO-BUILD-CHECKLIST.md for a comprehensive build workflow.

See the Architecture documentation for detailed system information.

What's Included

  • Debian Linux Base: Stable Debian 12 (Bookworm) distribution
  • Podman: Container runtime for apps (rootless by default)
  • Archipelago Backend: Rust-based API server
  • Archipelago Frontend: Vue.js web interface
  • Systemd Services: Automatic service management
  • Network Configuration: NetworkManager for easy setup

Build Output

  • results/archipelago-debian-12-x86_64.iso - Bootable hybrid ISO image

Supported Platforms

  • x86_64: Dell OptiPlex, HP ProDesk 400 G4 DM, Start9 Server Pure, and other x86_64 machines
  • Build Systems: macOS (requires Docker) and Linux (native or Docker)

Installation Methods

1. Live USB Boot

Boot from USB, run in live mode to test, or install to disk.

2. Full Disk Installation

From the live environment, run:

sudo /archipelago/install-to-disk.sh

This installs Archipelago to a target disk using debootstrap.

Directory Structure

image-recipe/
├── build-debian-iso.sh          # Main ISO builder
├── write-usb-dd.sh              # Write ISO to USB with dd
├── create-fat32-usb.sh          # Alternative USB creation
├── archipelago-scripts/         # Scripts included in ISO
│   ├── install-to-disk.sh       # Disk installer
│   └── setup-bitcoin.sh         # Bitcoin Core setup
├── scripts/                     # Build helper scripts
│   ├── build-backend.sh         # Compile Rust backend
│   ├── build-frontend.sh        # Build Vue.js frontend
│   └── check-dependencies.sh    # Verify build requirements
└── results/                     # Built ISO output

Requirements

  • Docker (for macOS builds)
  • xorriso (for ISO creation): brew install xorriso
  • 7zip (for ISO extraction): brew install p7zip