Feat add windows support#95
Merged
hsinatfootprintai merged 5 commits intomainfrom Apr 23, 2026
Merged
Conversation
Adds Windows Server VMs as a new instance type alongside Linux containers, with browser-based RDP access via Apache Guacamole. Implementation: - New OSType WINDOWS_SERVER_2022 in proto enum - internal/incus/client.go: support virtual-machine instance type - internal/container/manager.go: provision Windows VMs (skip Linux setup steps, mount install + virtio ISOs, configure UEFI/secboot) - internal/guacamole/: Guacamole API client for RDP session setup - Web UI: OS selector in CreateContainerDialog, Windows badge in list Includes docs/WINDOWS-VM-SETUP.md covering manual ISO download, virtio drivers, RDP configuration, and GPU passthrough. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Two new stacks for Android development: - android: headless SDK + KVM-accelerated emulator for CI/CD - android-studio: full IDE with XFCE desktop + VNC for GUI dev Both include Android SDK 35, build tools, x86_64 system image, and a pre-created Pixel 6 AVD. Emulator uses nested KVM via Incus security.nesting=true. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
New endpoint POST /v1/pentest/findings/{finding_id}/remediate
upgrades the OS package containing the vulnerable binary.
Flow:
1. Look up finding by ID, parse container name and binary path from
the Target field (format: "container-name (path/to/binary)")
2. Detect the owning OS package (dpkg -S or rpm -qf)
3. Run apt-get update && apt-get install --only-upgrade <package>
4. Return old version → new version in the response
Useful for routine Docker/gcloud-sdk CVEs where the fix is just
"install the latest package".
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Two bugs caused snapshots to accumulate indefinitely: 1. set -euo pipefail caused the script to exit when zfs send/receive failed (e.g. when backup pool's snapshot lineage diverged from main pool). The prune step never ran, so old snapshots piled up — we saw 25 days of snapshots consuming 442GB on one container. 2. The prune logic listed snapshots across all datasets sorted globally, then kept the newest N. With many containers, "newest 7 globally" wiped everything except today's backups across all containers (when it ran at all). Fixes: - Drop -e (keep -uo pipefail); check each command's exit explicitly - Move pruning to an EXIT trap so it always runs, even on error - Rewrite prune_snapshots() to keep N per dataset (not N globally) - On incremental send failure, fall back to full re-send to repair divergent backup pool lineage - Surface zfs receive errors instead of silencing them Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
- README: reflect multi-OS, multi-backend, GPU passthrough, Windows VM, and Android dev support; updated REST API endpoints table; fixed outdated examples (camelCase fields, osType, enablePodman); added documentation links table and v0.15.0 status note - CROSS-PEER-FILE-TRANSFER.md: rsync/tar+ssh/incus file methods for moving large files between peer containers, with UID mapping notes - ALERTING-SETUP.md: vmalert → Alertmanager → daemon relay → webhook pipeline, Zulip/Slack setup, built-in alert rules, and troubleshooting for two recent fixes (notifier path prefix, external URL override) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.