modified installer script

The CreatePool function have some bug when creating an pool it mounting an vdev properties but in the reality it show that the option is the dataset properties

README.md

@@ -11,3 +11,22 @@ AtlasOS is an appliance-style storage controller build by Adastra
 - Prometheus metrics
 
 > This repository contains the management plane and appliance tooling.
+
+## Quick Installation
+
+### Standard Installation (with internet)
+```bash
+sudo ./installer/install.sh
+```
+
+### Airgap Installation (offline)
+```bash
+# Step 1: Download bundle (on internet-connected system)
+sudo ./installer/bundle-downloader.sh ./atlas-bundle
+
+# Step 2: Transfer bundle to airgap system
+# Step 3: Install on airgap system
+sudo ./installer/install.sh --offline-bundle /path/to/atlas-bundle
+```
+
+See `installer/README.md` and `docs/INSTALLATION.md` for detailed instructions.

docs/AIRGAP_INSTALLATION.md

@@ -0,0 +1,174 @@
+# Airgap Installation Guide for AtlasOS
+
+## Overview
+
+AtlasOS installer supports airgap (offline) installation for data centers without internet access. All required packages and dependencies are bundled into a single directory that can be transferred to the airgap system.
+
+## Quick Start
+
+### Step 1: Download Bundle (On System with Internet)
+
+On a system with internet access and Ubuntu 24.04:
+
+```bash
+# Clone the repository
+git clone <repository-url>
+cd atlas
+
+# Run bundle downloader (requires root)
+sudo ./installer/bundle-downloader.sh ./atlas-bundle
+```
+
+This will create a directory `./atlas-bundle` containing:
+- All required .deb packages (~100-200 packages)
+- All dependencies
+- Go binary (fallback)
+- Manifest and README files
+
+**Estimated bundle size:** 500MB - 1GB
+
+### Step 2: Transfer Bundle to Airgap System
+
+Transfer the entire bundle directory to your airgap system using:
+- USB drive
+- Internal network (if available)
+- Physical media
+
+```bash
+# Example: Copy to USB drive
+cp -r ./atlas-bundle /media/usb/
+
+# On airgap system: Copy from USB
+cp -r /media/usb/atlas-bundle /tmp/
+```
+
+### Step 3: Install on Airgap System
+
+On the airgap system (Ubuntu 24.04):
+
+```bash
+# Navigate to bundle directory
+cd /tmp/atlas-bundle
+
+# Run installer with offline bundle
+cd /path/to/atlas
+sudo ./installer/install.sh --offline-bundle /tmp/atlas-bundle
+```
+
+## Bundle Contents
+
+The bundle includes:
+
+### Main Packages
+- **Build Tools**: build-essential, git, curl, wget
+- **ZFS**: zfsutils-linux, zfs-zed, zfs-initramfs
+- **Storage Services**: samba, samba-common-bin, nfs-kernel-server, rpcbind
+- **iSCSI**: targetcli-fb
+- **Database**: sqlite3, libsqlite3-dev
+- **Go Compiler**: golang-go
+- **Utilities**: openssl, net-tools, iproute2
+
+### Dependencies
+All transitive dependencies are automatically included.
+
+## Verification
+
+Before transferring, verify the bundle:
+
+```bash
+# Count .deb files (should be 100-200)
+find ./atlas-bundle -name "*.deb" | wc -l
+
+# Check manifest
+cat ./atlas-bundle/MANIFEST.txt
+
+# Check total size
+du -sh ./atlas-bundle
+```
+
+## Troubleshooting
+
+### Missing Dependencies
+
+If installation fails with dependency errors:
+
+1. Ensure all .deb files are present in bundle
+2. Check that bundle was created on Ubuntu 24.04
+3. Verify system architecture matches (amd64/arm64)
+
+### Go Installation Issues
+
+If Go is not found after installation:
+
+1. Check if `golang-go` package is installed: `dpkg -l | grep golang-go`
+2. If missing, the bundle includes `go.tar.gz` as fallback
+3. Installer will automatically extract it if needed
+
+### Package Conflicts
+
+If you encounter package conflicts:
+
+```bash
+# Fix broken packages
+sudo apt-get install -f -y
+
+# Or manually install specific packages
+sudo dpkg -i /path/to/bundle/*.deb
+sudo apt-get install -f -y
+```
+
+## Bundle Maintenance
+
+### Updating Bundle
+
+To update the bundle with newer packages:
+
+1. Run `./installer/bundle-downloader.sh` again on internet-connected system
+2. This will download latest versions
+3. Transfer new bundle to airgap system
+
+### Bundle Size Optimization
+
+To reduce bundle size (optional):
+
+```bash
+# Remove unnecessary packages (be careful!)
+# Only remove if you're certain they're not needed
+```
+
+## Security Considerations
+
+- Verify bundle integrity before transferring
+- Use secure transfer methods (encrypted USB, secure network)
+- Keep bundle in secure location on airgap system
+- Verify package signatures if possible
+
+## Advanced Usage
+
+### Custom Bundle Location
+
+```bash
+# Download to custom location
+sudo ./installer/bundle-downloader.sh /opt/atlas-bundles/ubuntu24.04
+
+# Install from custom location
+sudo ./installer/install.sh --offline-bundle /opt/atlas-bundles/ubuntu24.04
+```
+
+### Partial Bundle (if some packages already installed)
+
+If some packages are already installed on airgap system:
+
+```bash
+# Installer will skip already-installed packages
+# Missing packages will be installed from bundle
+sudo ./installer/install.sh --offline-bundle /path/to/bundle
+```
+
+## Support
+
+For issues with airgap installation:
+1. Check installation logs
+2. Verify bundle completeness
+3. Ensure Ubuntu 24.04 compatibility
+4. Review MANIFEST.txt for package list

docs/INSTALLATION.md

@@ -35,7 +35,7 @@ The easiest way to install AtlasOS is using the provided installer script:
 cd /path/to/atlas
 
 # Run installer (requires root)
-sudo ./install.sh
+sudo ./installer/install.sh
 ```
 
 The installer will:
@@ -50,22 +50,22 @@ The installer will:
 
 ```bash
 # Custom installation directory
-sudo ./install.sh --install-dir /opt/custom-atlas
+sudo ./installer/install.sh --install-dir /opt/custom-atlas
 
 # Custom data directory
-sudo ./install.sh --data-dir /mnt/atlas-data
+sudo ./installer/install.sh --data-dir /mnt/atlas-data
 
 # Skip dependency installation (if already installed)
-sudo ./install.sh --skip-deps
+sudo ./installer/install.sh --skip-deps
 
 # Skip building binaries (use pre-built)
-sudo ./install.sh --skip-build
+sudo ./installer/install.sh --skip-build
 
 # Custom HTTP address
-sudo ./install.sh --http-addr :8443
+sudo ./installer/install.sh --http-addr :8443
 
 # Show help
-sudo ./install.sh --help
+sudo ./installer/install.sh --help
 ```
 
 ## Manual Installation

docs/POSTGRESQL_MIGRATION.md

@@ -0,0 +1,226 @@
+# PostgreSQL Migration Guide
+
+## Overview
+
+AtlasOS now supports both SQLite and PostgreSQL databases. You can switch between them by changing the database connection string.
+
+## Quick Start
+
+### Using PostgreSQL
+
+Set the `ATLAS_DB_CONN` environment variable to a PostgreSQL connection string:
+
+```bash
+export ATLAS_DB_CONN="postgres://username:password@localhost:5432/atlas?sslmode=disable"
+./atlas-api
+```
+
+### Using SQLite (Default)
+
+Set the `ATLAS_DB_PATH` environment variable to a file path:
+
+```bash
+export ATLAS_DB_PATH="/var/lib/atlas/atlas.db"
+./atlas-api
+```
+
+Or use the connection string format:
+
+```bash
+export ATLAS_DB_CONN="sqlite:///var/lib/atlas/atlas.db"
+./atlas-api
+```
+
+## Connection String Formats
+
+### PostgreSQL
+
+```
+postgres://[user[:password]@][netloc][:port][/dbname][?param1=value1&...]
+```
+
+Examples:
+- `postgres://user:pass@localhost:5432/atlas`
+- `postgres://user:pass@localhost:5432/atlas?sslmode=disable`
+- `postgresql://user:pass@db.example.com:5432/atlas?sslmode=require`
+
+### SQLite
+
+- File path: `/var/lib/atlas/atlas.db`
+- Connection string: `sqlite:///var/lib/atlas/atlas.db`
+
+## Setup PostgreSQL Database
+
+### 1. Install PostgreSQL
+
+**Ubuntu/Debian:**
+```bash
+sudo apt-get update
+sudo apt-get install postgresql postgresql-contrib
+```
+
+**CentOS/RHEL:**
+```bash
+sudo yum install postgresql-server postgresql-contrib
+sudo postgresql-setup initdb
+sudo systemctl start postgresql
+sudo systemctl enable postgresql
+```
+
+### 2. Create Database and User
+
+```bash
+# Switch to postgres user
+sudo -u postgres psql
+
+# Create database
+CREATE DATABASE atlas;
+
+# Create user
+CREATE USER atlas_user WITH PASSWORD 'your_secure_password';
+
+# Grant privileges
+GRANT ALL PRIVILEGES ON DATABASE atlas TO atlas_user;
+
+# Exit
+\q
+```
+
+### 3. Configure AtlasOS
+
+Update your systemd service file (`/etc/systemd/system/atlas-api.service`):
+
+```ini
+[Service]
+Environment="ATLAS_DB_CONN=postgres://atlas_user:your_secure_password@localhost:5432/atlas?sslmode=disable"
+```
+
+Or update `/etc/atlas/atlas.conf`:
+
+```bash
+# PostgreSQL connection string
+ATLAS_DB_CONN=postgres://atlas_user:your_secure_password@localhost:5432/atlas?sslmode=disable
+```
+
+### 4. Restart Service
+
+```bash
+sudo systemctl daemon-reload
+sudo systemctl restart atlas-api
+```
+
+## Migration from SQLite to PostgreSQL
+
+### Option 1: Fresh Start (Recommended for new installations)
+
+1. Set up PostgreSQL database (see above)
+2. Update connection string
+3. Restart service - tables will be created automatically
+
+### Option 2: Data Migration
+
+If you have existing SQLite data:
+
+1. **Export from SQLite:**
+   ```bash
+   sqlite3 /var/lib/atlas/atlas.db .dump > atlas_backup.sql
+   ```
+
+2. **Convert SQL to PostgreSQL format:**
+   - Replace `INTEGER` with `BOOLEAN` for boolean fields
+   - Replace `TEXT` with `VARCHAR(255)` or `TEXT` as appropriate
+   - Update timestamp formats
+
+3. **Import to PostgreSQL:**
+   ```bash
+   psql -U atlas_user -d atlas < converted_backup.sql
+   ```
+
+## Rebuilding the Application
+
+### 1. Install PostgreSQL Development Libraries
+
+**Ubuntu/Debian:**
+```bash
+sudo apt-get install libpq-dev
+```
+
+**CentOS/RHEL:**
+```bash
+sudo yum install postgresql-devel
+```
+
+### 2. Update Dependencies
+
+```bash
+go mod tidy
+```
+
+### 3. Build
+
+```bash
+go build -o atlas-api ./cmd/atlas-api
+go build -o atlas-tui ./cmd/atlas-tui
+```
+
+Or use the installer:
+
+```bash
+sudo ./installer/install.sh
+```
+
+## Environment Variables
+
+| Variable | Description | Example |
+|----------|-------------|---------|
+| `ATLAS_DB_CONN` | Database connection string (takes precedence) | `postgres://user:pass@host:5432/db` |
+| `ATLAS_DB_PATH` | SQLite database path (fallback if `ATLAS_DB_CONN` not set) | `/var/lib/atlas/atlas.db` |
+
+## Troubleshooting
+
+### Connection Refused
+
+- Check PostgreSQL is running: `sudo systemctl status postgresql`
+- Verify connection string format
+- Check firewall rules for port 5432
+
+### Authentication Failed
+
+- Verify username and password
+- Check `pg_hba.conf` for authentication settings
+- Ensure user has proper permissions
+
+### Database Not Found
+
+- Verify database exists: `psql -l`
+- Check database name in connection string
+
+### SSL Mode Errors
+
+- For local connections, use `?sslmode=disable`
+- For production, configure SSL properly
+
+## Performance Considerations
+
+### PostgreSQL Advantages
+
+- Better concurrency (multiple writers)
+- Advanced query optimization
+- Better for high-traffic scenarios
+- Supports replication and clustering
+
+### SQLite Advantages
+
+- Zero configuration
+- Single file deployment
+- Lower resource usage
+- Perfect for small deployments
+
+## Schema Differences
+
+The application automatically handles schema differences:
+
+- **SQLite**: Uses `INTEGER` for booleans, `TEXT` for strings
+- **PostgreSQL**: Uses `BOOLEAN` for booleans, `VARCHAR/TEXT` for strings
+
+The migration system creates the appropriate schema based on the database type.

docs/SMB_LDAP_AD_INTEGRATION.md

@@ -0,0 +1,305 @@
+# SMB/CIFS Shares - LDAP/Active Directory Integration
+
+## Skema Autentikasi Saat Ini
+
+### Implementasi Current (v0.1.0-dev)
+
+1. **Samba Configuration:**
+   - `security = user` - User-based authentication
+   - User management terpisah antara:
+     - **Atlas Web UI**: In-memory `UserStore` (untuk login web)
+     - **Samba**: User harus dibuat manual di sistem Linux menggunakan `smbpasswd` atau `pdbedit`
+   
+2. **Masalah yang Ada:**
+   - ❌ User Atlas (web UI) ≠ User Samba (SMB access)
+   - ❌ Tidak ada sinkronisasi user antara Atlas dan Samba
+   - ❌ User harus dibuat manual di sistem untuk akses SMB
+   - ❌ Tidak ada integrasi dengan LDAP/AD
+   - ❌ `ValidUsers` di SMB share hanya berupa list username string, tidak terintegrasi dengan sistem user management
+
+3. **Arsitektur Saat Ini:**
+   ```
+   Atlas Web UI (UserStore) ──┐
+                              ├──> Tidak terhubung
+   Samba (smbpasswd/pdbedit) ─┘
+   ```
+
+## Feasibility untuk LDAP/AD Integration
+
+### ✅ **SANGAT FEASIBLE**
+
+Samba memiliki dukungan native untuk LDAP dan Active Directory:
+
+1. **Samba Security Modes:**
+   - `security = ads` - Active Directory Domain Services (recommended untuk AD)
+   - `security = domain` - NT4 Domain (legacy)
+   - `passdb backend = ldapsam` - LDAP backend untuk user database
+
+2. **Keuntungan Integrasi LDAP/AD:**
+   - ✅ Single Sign-On (SSO) - user login sekali untuk semua service
+   - ✅ Centralized user management - tidak perlu manage user di multiple tempat
+   - ✅ Group-based access control - bisa assign share berdasarkan AD groups
+   - ✅ Enterprise-ready - sesuai dengan best practices enterprise storage
+   - ✅ Audit trail yang lebih baik - semua akses ter-track di AD
+
+## Rekomendasi Implementasi
+
+### Phase 1: LDAP/AD Configuration Support (Priority: High)
+
+**1. Tambahkan Configuration Model:**
+```go
+// internal/models/config.go
+type LDAPConfig struct {
+    Enabled     bool   `json:"enabled"`
+    Type        string `json:"type"`        // "ldap" or "ad"
+    Server      string `json:"server"`      // LDAP/AD server FQDN or IP
+    BaseDN      string `json:"base_dn"`     // Base DN for searches
+    BindDN      string `json:"bind_dn"`     // Service account DN
+    BindPassword string `json:"bind_password"` // Service account password
+    UserDN      string `json:"user_dn"`     // User DN template (e.g., "CN=Users,DC=example,DC=com")
+    GroupDN     string `json:"group_dn"`    // Group DN template
+    Realm       string `json:"realm"`       // AD realm (e.g., "EXAMPLE.COM")
+    Workgroup   string `json:"workgroup"`  // Workgroup name
+}
+```
+
+**2. Update SMB Service untuk Support LDAP/AD:**
+```go
+// internal/services/smb.go
+func (s *SMBService) generateConfig(shares []models.SMBShare, ldapConfig *models.LDAPConfig) (string, error) {
+    var b strings.Builder
+    
+    b.WriteString("[global]\n")
+    b.WriteString("  server string = AtlasOS Storage Server\n")
+    b.WriteString("  dns proxy = no\n")
+    
+    if ldapConfig != nil && ldapConfig.Enabled {
+        if ldapConfig.Type == "ad" {
+            // Active Directory mode
+            b.WriteString("  security = ads\n")
+            b.WriteString(fmt.Sprintf("  realm = %s\n", ldapConfig.Realm))
+            b.WriteString(fmt.Sprintf("  workgroup = %s\n", ldapConfig.Workgroup))
+            b.WriteString("  idmap config * : backend = tdb\n")
+            b.WriteString("  idmap config * : range = 10000-20000\n")
+            b.WriteString("  winbind enum users = yes\n")
+            b.WriteString("  winbind enum groups = yes\n")
+        } else {
+            // LDAP mode
+            b.WriteString("  security = user\n")
+            b.WriteString("  passdb backend = ldapsam:ldap://" + ldapConfig.Server + "\n")
+            b.WriteString(fmt.Sprintf("  ldap admin dn = %s\n", ldapConfig.BindDN))
+            b.WriteString(fmt.Sprintf("  ldap suffix = %s\n", ldapConfig.BaseDN))
+            b.WriteString(fmt.Sprintf("  ldap user suffix = %s\n", ldapConfig.UserDN))
+            b.WriteString(fmt.Sprintf("  ldap group suffix = %s\n", ldapConfig.GroupDN))
+        }
+    } else {
+        // Default: user mode (current implementation)
+        b.WriteString("  security = user\n")
+        b.WriteString("  map to guest = Bad User\n")
+    }
+    
+    // ... rest of share configuration
+}
+```
+
+**3. Tambahkan API Endpoints untuk LDAP/AD Config:**
+```go
+// internal/httpapp/api_handlers.go
+// GET /api/v1/config/ldap - Get LDAP/AD configuration
+// PUT /api/v1/config/ldap - Update LDAP/AD configuration
+// POST /api/v1/config/ldap/test - Test LDAP/AD connection
+```
+
+### Phase 2: User Sync & Group Support (Priority: Medium)
+
+**1. LDAP/AD User Sync Service:**
+```go
+// internal/services/ldap.go
+type LDAPService struct {
+    config *models.LDAPConfig
+    conn   *ldap.Conn
+}
+
+func (s *LDAPService) SyncUsers() ([]LDAPUser, error) {
+    // Query LDAP/AD untuk get users
+    // Return list of users dengan attributes
+}
+
+func (s *LDAPService) SyncGroups() ([]LDAPGroup, error) {
+    // Query LDAP/AD untuk get groups
+    // Return list of groups dengan members
+}
+
+func (s *LDAPService) Authenticate(username, password string) (*LDAPUser, error) {
+    // Authenticate user against LDAP/AD
+}
+```
+
+**2. Update SMB Share Model untuk Support Groups:**
+```go
+// internal/models/storage.go
+type SMBShare struct {
+    // ... existing fields
+    ValidUsers  []string `json:"valid_users"`   // Username list
+    ValidGroups []string `json:"valid_groups"`   // Group name list (NEW)
+}
+```
+
+**3. Update Samba Config untuk Support Groups:**
+```go
+if len(share.ValidUsers) > 0 {
+    b.WriteString(fmt.Sprintf("  valid users = %s\n", strings.Join(share.ValidUsers, ", ")))
+}
+if len(share.ValidGroups) > 0 {
+    b.WriteString(fmt.Sprintf("  valid groups = %s\n", strings.Join(share.ValidGroups, ", ")))
+}
+```
+
+### Phase 3: UI Integration (Priority: Medium)
+
+**1. LDAP/AD Configuration Page:**
+- Form untuk configure LDAP/AD connection
+- Test connection button
+- Display sync status
+- Manual sync button
+
+**2. Update SMB Share Creation UI:**
+- Dropdown untuk select users dari LDAP/AD (bukan manual input)
+- Dropdown untuk select groups dari LDAP/AD
+- Auto-complete untuk username/group search
+
+## Implementation Steps
+
+### Step 1: Add LDAP Library Dependency
+```bash
+go get github.com/go-ldap/ldap/v3
+```
+
+### Step 2: Create LDAP Service
+- Implement `internal/services/ldap.go`
+- Support both LDAP and AD protocols
+- Handle connection, authentication, and queries
+
+### Step 3: Update SMB Service
+- Modify `generateConfig()` to accept LDAP config
+- Support both `security = ads` and `passdb backend = ldapsam`
+
+### Step 4: Add Configuration Storage
+- Store LDAP/AD config (encrypted password)
+- Add API endpoints for config management
+
+### Step 5: Update UI
+- Add LDAP/AD configuration page
+- Update SMB share creation form
+- Add user/group selector with LDAP/AD integration
+
+## Dependencies & Requirements
+
+### System Packages:
+```bash
+# For AD integration
+sudo apt-get install winbind libnss-winbind libpam-winbind krb5-user
+
+# For LDAP integration
+sudo apt-get install libnss-ldap libpam-ldap ldap-utils
+
+# Samba packages (should already be installed)
+sudo apt-get install samba samba-common-bin
+```
+
+### Go Dependencies:
+```go
+// go.mod
+require (
+    github.com/go-ldap/ldap/v3 v3.4.6
+)
+```
+
+## Security Considerations
+
+1. **Password Storage:**
+   - Encrypt LDAP bind password di storage
+   - Use environment variables atau secret management untuk production
+
+2. **TLS/SSL:**
+   - Always use `ldaps://` (LDAP over TLS) untuk production
+   - Support certificate validation
+
+3. **Service Account:**
+   - Use dedicated service account dengan minimal permissions
+   - Read-only access untuk user/group queries
+
+4. **Network Security:**
+   - Firewall rules untuk LDAP/AD ports (389, 636, 88, 445)
+   - Consider VPN atau private network untuk LDAP/AD server
+
+## Testing Strategy
+
+1. **Unit Tests:**
+   - LDAP connection handling
+   - User/group query parsing
+   - Samba config generation dengan LDAP/AD
+
+2. **Integration Tests:**
+   - Test dengan LDAP server (OpenLDAP)
+   - Test dengan AD server (Windows Server atau Samba AD)
+   - Test user authentication flow
+
+3. **Manual Testing:**
+   - Create SMB share dengan AD user
+   - Create SMB share dengan AD group
+   - Test access dari Windows client
+   - Test access dari Linux client
+
+## Migration Path
+
+### For Existing Installations:
+
+1. **Backward Compatibility:**
+   - Keep support untuk `security = user` mode
+   - Existing shares tetap berfungsi
+   - LDAP/AD adalah optional enhancement
+
+2. **Gradual Migration:**
+   - Admin bisa enable LDAP/AD secara gradual
+   - Test dengan non-production shares dulu
+   - Migrate user-by-user atau group-by-group
+
+## Estimated Effort
+
+- **Phase 1 (LDAP/AD Config):** 2-3 days
+- **Phase 2 (User Sync & Groups):** 3-4 days
+- **Phase 3 (UI Integration):** 2-3 days
+- **Testing & Documentation:** 2-3 days
+
+**Total: ~10-13 days** untuk full LDAP/AD integration
+
+## Alternative: Hybrid Approach
+
+Jika full LDAP/AD integration terlalu kompleks untuk sekarang, bisa implement **hybrid approach**:
+
+1. **Keep current `security = user` mode**
+2. **Add manual user import from LDAP/AD:**
+   - Admin bisa sync users dari LDAP/AD ke local Samba
+   - Users tetap di-manage di Samba, tapi source of truth adalah LDAP/AD
+   - Periodic sync job untuk update users
+
+3. **Benefits:**
+   - Simpler implementation
+   - No need untuk complex Samba AD join
+   - Still provides centralized user management
+
+## Conclusion
+
+✅ **LDAP/AD integration sangat feasible dan recommended untuk enterprise storage solution**
+
+**Recommended Approach:**
+1. Start dengan **Phase 1** (LDAP/AD config support)
+2. Test dengan environment development
+3. Gradually implement Phase 2 dan 3
+4. Consider hybrid approach jika full integration terlalu complex
+
+**Priority:**
+- High untuk enterprise customers yang sudah punya AD/LDAP infrastructure
+- Medium untuk SMB customers yang mungkin belum punya AD/LDAP
+

go.mod

@@ -4,7 +4,9 @@ go 1.24.4
 
 require (
 	github.com/golang-jwt/jwt/v5 v5.3.0
+	github.com/lib/pq v1.10.9
 	golang.org/x/crypto v0.46.0
+	modernc.org/sqlite v1.40.1
 )
 
 require (
@@ -18,5 +20,4 @@ require (
 	modernc.org/libc v1.66.10 // indirect
 	modernc.org/mathutil v1.7.1 // indirect
 	modernc.org/memory v1.11.0 // indirect
-	modernc.org/sqlite v1.40.1 // indirect
 )

go.sum

@@ -2,8 +2,12 @@ github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkp
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
 github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
+github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e h1:ijClszYn+mADRFY17kjQEVQ1XRhq2/JR1M3sGqeJoxs=
+github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
+github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
 github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
 github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
@@ -14,14 +18,38 @@ golang.org/x/crypto v0.46.0 h1:cKRW/pmt1pKAfetfu+RCEvjvZkA9RimPbh7bhFjGVBU=
 golang.org/x/crypto v0.46.0/go.mod h1:Evb/oLKmMraqjZ2iQTwDwvCtJkczlDuTmdJXoZVzqU0=
 golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b h1:M2rDM6z3Fhozi9O7NWsxAkg/yqS/lQJ6PmkyIV3YP+o=
 golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b/go.mod h1:3//PLf8L/X+8b4vuAfHzxeRUl04Adcb341+IGKfnqS8=
+golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
+golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
+golang.org/x/sync v0.16.0 h1:ycBJEhp9p4vXvUZNszeOq0kGTPghopOL8q0fq3vstxw=
+golang.org/x/sync v0.16.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk=
 golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
+golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
+golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
+modernc.org/cc/v4 v4.26.5 h1:xM3bX7Mve6G8K8b+T11ReenJOT+BmVqQj0FY5T4+5Y4=
+modernc.org/cc/v4 v4.26.5/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
+modernc.org/ccgo/v4 v4.28.1 h1:wPKYn5EC/mYTqBO373jKjvX2n+3+aK7+sICCv4Fjy1A=
+modernc.org/ccgo/v4 v4.28.1/go.mod h1:uD+4RnfrVgE6ec9NGguUNdhqzNIeeomeXf6CL0GTE5Q=
+modernc.org/fileutil v1.3.40 h1:ZGMswMNc9JOCrcrakF1HrvmergNLAmxOPjizirpfqBA=
+modernc.org/fileutil v1.3.40/go.mod h1:HxmghZSZVAz/LXcMNwZPA/DRrQZEVP9VX0V4LQGQFOc=
+modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
+modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
+modernc.org/goabi0 v0.2.0 h1:HvEowk7LxcPd0eq6mVOAEMai46V+i7Jrj13t4AzuNks=
+modernc.org/goabi0 v0.2.0/go.mod h1:CEFRnnJhKvWT1c1JTI3Avm+tgOWbkOu5oPA8eH8LnMI=
 modernc.org/libc v1.66.10 h1:yZkb3YeLx4oynyR+iUsXsybsX4Ubx7MQlSYEw4yj59A=
 modernc.org/libc v1.66.10/go.mod h1:8vGSEwvoUoltr4dlywvHqjtAqHBaw0j1jI7iFBTAr2I=
 modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
 modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
 modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
 modernc.org/memory v1.11.0/go.mod h1:/JP4VbVC+K5sU2wZi9bHoq2MAkCnrt2r98UGeSK7Mjw=
+modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8=
+modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns=
+modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w=
+modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE=
 modernc.org/sqlite v1.40.1 h1:VfuXcxcUWWKRBuP8+BR9L7VnmusMgBNNnBYGEe9w/iY=
 modernc.org/sqlite v1.40.1/go.mod h1:9fjQZ0mB1LLP0GYrp39oOJXx/I2sxEnZtzCmEQIKvGE=
+modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0=
+modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A=
+modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
+modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=

installer/README.md

@@ -0,0 +1,51 @@
+# AtlasOS Installer
+
+This directory contains installation scripts for AtlasOS on Ubuntu 24.04.
+
+## Files
+
+- **`install.sh`** - Main installation script
+- **`bundle-downloader.sh`** - Downloads all packages for airgap installation
+- **`README.md`** - This file
+
+## Quick Start
+
+### Standard Installation (with internet)
+
+```bash
+# From repository root
+sudo ./installer/install.sh
+```
+
+### Airgap Installation (offline)
+
+**Step 1: Download bundle (on internet-connected system)**
+```bash
+sudo ./installer/bundle-downloader.sh ./atlas-bundle
+```
+
+**Step 2: Transfer bundle to airgap system**
+
+**Step 3: Install on airgap system**
+```bash
+sudo ./installer/install.sh --offline-bundle /path/to/atlas-bundle
+```
+
+## Options
+
+See help for all options:
+```bash
+sudo ./installer/install.sh --help
+```
+
+## Documentation
+
+- **Installation Guide**: `../docs/INSTALLATION.md`
+- **Airgap Installation**: `../docs/AIRGAP_INSTALLATION.md`
+
+## Requirements
+
+- Ubuntu 24.04 (Noble Numbat)
+- Root/sudo access
+- Internet connection (for standard installation)
+- Or offline bundle (for airgap installation)

installer/atlas-bundle-ubuntu24.04/MANIFEST.txt

@@ -0,0 +1,34 @@
+AtlasOS Bundle for Ubuntu 24.04 (Noble Numbat)
+Generated: 2025-12-15 14:23:10 UTC
+Packages: 21 main packages + dependencies
+
+Main Packages:
+build-essential
+git
+curl
+wget
+ca-certificates
+software-properties-common
+apt-transport-https
+zfsutils-linux
+zfs-zed
+zfs-initramfs
+samba
+samba-common-bin
+nfs-kernel-server
+rpcbind
+targetcli-fb
+sqlite3
+libsqlite3-dev
+golang-go
+openssl
+net-tools
+iproute2
+
+Total .deb files: 326
+
+Installation Instructions:
+1. Transfer this entire directory to your airgap system
+2. Run: sudo ./installer/install.sh --offline-bundle "/app/atlas/installer/atlas-bundle-ubuntu24.04"
+
+Note: Ensure all .deb files are present before transferring

installer/atlas-bundle-ubuntu24.04/README.md

@@ -0,0 +1,42 @@
+# AtlasOS Offline Bundle for Ubuntu 24.04
+
+This bundle contains all required packages and dependencies for installing AtlasOS on an airgap (offline) Ubuntu 24.04 system.
+
+## Contents
+
+- All required .deb packages with dependencies
+- Go binary (fallback, if needed)
+- Installation manifest
+
+## Usage
+
+1. Transfer this entire directory to your airgap system
+2. On the airgap system, run:
+   ```bash
+   sudo ./installer/install.sh --offline-bundle /path/to/this/directory
+   ```
+
+## Bundle Size
+
+The bundle typically contains:
+- ~100-200 .deb packages (including dependencies)
+- Total size: ~500MB - 1GB (depending on architecture)
+
+## Verification
+
+Before transferring, verify the bundle:
+```bash
+# Count .deb files
+find . -name "*.deb" | wc -l
+
+# Check manifest
+cat MANIFEST.txt
+```
+
+## Troubleshooting
+
+If installation fails:
+1. Check that all .deb files are present
+2. Verify you're on Ubuntu 24.04
+3. Check disk space (need at least 2GB free)
+4. Review installation logs