SysAdmin
0a0075ce66
Two product lines, named to make scope obvious to buyers: - 🔒 SilverMetal OS — we ship the operating system or ROM (Linux, Pixel, Samsung-unlocked, Motorola-unlocked) - 🛡️ SilverMetal Enhanced — we harden the OS the device already runs (Windows, macOS, iOS, generic Android) Repo alignment: - SilverVPN already exists as a SilverLABS product (server + MAUI client + Linux client + tunnel service). stack/vpn/ is now an integration pointer rather than a re-scaffold; per-platform READMEs reference it. - SilverApple is deprecated; SilverMetal Enhanced — iOS supersedes it. Migration step added as roadmap milestone 3I.1. - SilverDROID name clash explicitly noted as unrelated (it's the SilverSHELL AppStore Android client, not an Android ROM). - SilverChat may overlap with SilverVPN.Client.Chat; alignment decision added as roadmap milestone 1.1.1. Roadmap restructured: phases now track the OS/Enhanced split. Platform matrix re-sectioned and decision flowchart updated. README rewritten around the two-product-line framing. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
SilverVPN — Integration Pointer
The SilverVPN component already exists as a separate, in-production SilverLABS product. This directory does not re-implement it; it tracks the integration of the existing SilverVPN into SilverMetal OS images and Enhanced packages.
Where SilverVPN lives
SilverLABS/SilverVPN — local checkout typically at ../SilverVPN/.
The product includes:
.NET 9server stack: API, admin dashboard, web client, Docker imagesSilverVPN.Client.Maui— cross-platform native client (Windows, macOS, Android, iOS)SilverVPN.Client.Linux— dedicated Linux clientSilverVPN.Client.Web/SilverVPN.Client.Web.Host— browser-based clientSilverVPN.TunnelService/SilverVPN.TunnelService.Linux— tunnel daemonSilverVPN.Tunnel.Shared— shared tunnel codelibbox-bridge— sing-box / sing-tun integration layer- Debian packaging (
build-deb.sh,debian/) - OpenWrt support (
openwrt/) - Production releases ongoing
SilverMetal's responsibility
This directory tracks integration, not development. Integration tasks per platform:
SilverMetal OS — Linux
- Include
silvervpn.deb(built from../SilverVPN/build-deb.sh) inlinux/packages/include.list - Bundle
SilverVPN.TunnelService.Linuxas a default systemd service - Configure SilverVPN to be always-on by default with our exit nodes preconfigured
- Verify nftables kill-switch coexists with the SilverVPN tunnel service
- Validate DNS through tunnel (no leaks)
- Auto-launch
SilverVPN.Client.Linuxon first login for account-number entry
SilverMetal OS — Pixel / Samsung / Motorola
- Bundle SilverVPN MAUI client APK into ROM build (or system app)
- Configure as default VPN provider via Android
VpnService - Always-on VPN enforced at OS level (
Settings > VPN > Always-on)
SilverMetal Enhanced — Windows
- Bundle MAUI Windows client into hardening installer
- Set up auto-start on boot
- Kill-switch enforced via Windows Filtering Platform rules
SilverMetal Enhanced — macOS
- Bundle MAUI macOS client into setup
.pkg - NetworkExtension content filter for kill-switch
SilverMetal Enhanced — iOS
- SilverVPN App Store listing referenced in iOS setup guide
- MDM profile pre-configures SilverVPN as default
SilverMetal Enhanced — Android (generic)
- SilverVPN MAUI APK referenced as required install in profile
- Work-profile config sets it as system VPN
Coordination
Changes that affect SilverMetal integration (e.g., silvervpn package layout, default endpoints, account-number CLI) should be flagged in this directory's CHANGELOG (to be created when first integration milestone starts) so the SilverMetal build pipeline can react.
Cross-repo issues that touch both projects should be opened in whichever repo owns the change, with a back-reference in the other.