cronekorkn

0 followers · 0 following

• Joined on 2021-06-13

Repositories

22

Projects Packages Code Public activity Starred repositories

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 14:59:55 +02:00

f615d0de75 spec(user-uid-split): mark superseded by the hardening refactor

37309ba399 spec(hardening-test-plan): fix four bugs surfaced by executor

8e678b6765 deploy/files: annotate reference units with per-directive hardening comments

7c64910c90 spec(hardening-refactor): resolve emitter open items

b1293f9952 plan(hardening-refactor): implementation plan against the proven composition

Compare 11 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 12:15:05 +02:00

4aa69c2461 spec(janitorial): mark items 8, 9 resolved after on-host verification

8f30dd7754 docs: correct stale bubblewrap references in v1 spec + live docstring

Compare 2 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 12:06:05 +02:00

160911fbca spec(deploy-dir-rethink): plan + mark adjacent specs resolved

5284e28af7 refactor: move privileged scripts to scripts/{libexec,sbin}/; deploy/ is reference

Compare 2 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 02:05:14 +02:00

e38b844978 docs: janitorial cleanup checklist + L4D2 server cvar reference

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:59:59 +02:00

a450491a90 spec(uid-split): note these are system units, not user units

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:58:09 +02:00

62cf6cdd56 spec: handoff for revisiting 1/2/3-user split for left4me

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:54:42 +02:00

28b0ff951b spec(build-overlay-unit): flag DB-fetch-in-ExecStartPre as an option

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:52:59 +02:00

a9bbc209ae spec: handoff for replacing script-sandbox helper with template unit

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:33:16 +02:00

7a25c2453c fix(left4me-script-sandbox): self-wrap into PID 1's mount namespace

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:20:44 +02:00

48381089d3 refactor(left4me-overlay): move uid translation to script-sandbox build

bc25d423aa plan(left4me): move idmap from gameserver mount to script-sandbox build

Compare 2 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 01:02:25 +02:00

dd918aca4b fix(left4me-overlay): use /proc/self/mountinfo to detect bind mounts

2b20bffeb8 spec: handoff doc for rethinking deploy/ dir architecture

Compare 2 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 00:47:07 +02:00

f5e36eef79 deploy: claim /usr/local/sbin/left4me admin CLI in deploy/files

cronekorkn pushed to master at cronekorkn/left4me 2026-05-15 00:00:23 +02:00

f231ebcb0d doc(deploy): clarify ckn-bw verbatim-sync workflow for shipped files

e4101de7a5 test(deploy): assert left4me-overlay idmaps sandbox-owned lowerdirs

90531864b3 harden(left4me-overlay): fix idmap collision risk, gate test stubs on PRINT_ONLY, wrap os.stat

2f6a9cfba0 feat(left4me-overlay): idmap bind mounts for l4d2-sandbox-owned lowerdirs

3a2c379b71 plan(left4me-overlay): idmap lowerdir bind mounts for cross-uid copy-up

Compare 5 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-14 22:28:55 +02:00

bbb2b983bc harden(l4d2web): per-username login rate limit alongside per-IP

0e2a78e065 secure(l4d2web): block non-admin writes on system overlays; last-admin guard on deactivate

74b7f61437 harden(l4d2web): default security response headers and generic error handlers

2902c9cc82 harden(l4d2web): auth/session — clear on login+logout, constant-time CSRF, role-change invalidation

Compare 4 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-14 21:47:43 +02:00

66d14feca5 refactor(l4d2-web): harden console-history.js against HTMX version drift and races

6f49efd44a feat(l4d2-web): console panel UI on server detail page

ecc4aa28c6 refactor(l4d2-web): tighten console route limit test and dedupe is_error

553b280e40 feat(l4d2-web): backend for RCON console with persisted transcript

c4dffd471b feat(l4d2-web): add command_history table for RCON console transcript

Compare 8 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-13 15:49:58 +02:00

6cc1736f17 feat(l4d2-web): add hostname edit form to server detail page

963851c0e1 feat(l4d2-web): emit hostname in spec config with ephemeral fallback

d42383dc37 chore: add dev.db and opencode.json to gitignore

69d93dda4f feat(l4d2-web): accept hostname on server update, default empty on create

0a7f48f174 feat(l4d2-web): add hostname column to Server model

Compare 7 commits »

cronekorkn pushed to main at cronekorkn/dotfiles 2026-05-13 12:43:20 +02:00

431ab60e8d feat: add agent environment config

8d5406b7ef add Claude Code statusline script

5631169af2 docs(agents): add sandbox and temp file usage guidelines

b04ed3ffa0 docs(agents): prefer $TMPDIR or .tmp/ over /tmp to avoid sandbox prompts

Compare 4 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-13 11:39:58 +02:00

fe43f67b51 feat: include password-reveal.js in base template

ab83f5fd2b feat: add RCON password row to server detail page

d9aa6bd395 feat: add password reveal toggle JS

e75feb0649 docs: add rcon password display implementation plan

358a835d65 docs: add rcon password display design spec

Compare 5 commits »

cronekorkn pushed to master at cronekorkn/left4me 2026-05-12 23:34:54 +02:00

d113b7821c fix(live-state): remove loading=lazy from avatars to fix Firefox/Safari flash

cronekorkn pushed to master at cronekorkn/left4me 2026-05-12 23:26:57 +02:00

175e4e653c fix(live-state): eliminate flash on poll by switching to innerHTML swap