Generating immutable, A/B updatable, securely booting Debian images

Debian provides a lot of the pieces you need to create a securely booting Linux system that is able to encrypt all its sensitive data while storing the key in a device-bound trust anchor like a TPM. It even permits to use immutable rootfs images that can be updated in A/B fashion atomically. But all these pieces are neither plugged together by its official installer nor would that help when you need offline-built and signed images.

The Civil Infrastructure Platform project (https://www.cip-project.org) aims at closing this gap, specifically for Debian use cases in the embedded industrial field, although results are not limited to that. This talk introduces the integration layer isar-cip-core (https://gitlab.com/cip-project/cip-core/isar-cip-core) that the project created, presents its current key features and next plans. It looks back on how some custom packages that used to be generated ad-hoc became regular Debian packages. Furthermore, it explains how (most) generated images were made bit-identically reproducible.