diff --git a/package/secubox/secubox-app-crowdsec/Makefile b/package/secubox/secubox-app-crowdsec/Makefile index 6e1b81e7..887957f1 100644 --- a/package/secubox/secubox-app-crowdsec/Makefile +++ b/package/secubox/secubox-app-crowdsec/Makefile @@ -42,7 +42,86 @@ GO_PKG_LDFLAGS_X:=$(CWD_VERSION_PKG).Version=$(CWD_BUILD_VERSION) \ $(CWD_VERSION_PKG).GoVersion=$(CWD_BUILD_GOVERSION) include $(INCLUDE_DIR)/package.mk -include ../../lang/golang/golang-package.mk +include $(TOPDIR)/feeds/packages/lang/golang/golang-package.mk + +# Keep Go in module mode so it honors our local replacements. +GO_MOD_ARGS+=-mod=mod + +CWD_GO_CSLIB_VERSION:=v0.0.24 +CWD_GO_VENDOR_ROOT:=secubox-vendor +CWD_GO_VENDOR_MODULES:= \ + github.com/crowdsecurity/go-cs-lib@$(CWD_GO_CSLIB_VERSION) \ + github.com/crowdsecurity/time@v0.13.0-crowdsec.20250912 \ + github.com/moby/moby/api@v1.52.1-0.20251116162601-e9ff10bf365a \ + github.com/moby/moby/client@v0.1.1-0.20251116162601-e9ff10bf365a \ + golang.org/x/crypto@v0.42.0 \ + golang.org/x/mod@v0.28.0 \ + golang.org/x/net@v0.44.0 \ + golang.org/x/sync@v0.17.0 \ + golang.org/x/sys@v0.37.0 \ + golang.org/x/term@v0.35.0 \ + golang.org/x/text@v0.29.0 \ + golang.org/x/tools@v0.37.0 \ + golang.org/x/telemetry@v0.0.0-20250908211612-aef8a434d053 + +define CWD/EnsureModuleSource + if [ ! -d "$(DL_DIR)/go-mod-cache/$(1)@$(2)" ]; then \ + $(INSTALL_DIR) "$(DL_DIR)/go-mod-cache/cache/download/$(1)/@v"; \ + wget -q -O "$(DL_DIR)/go-mod-cache/cache/download/$(1)/@v/$(2).zip" \ + "https://proxy.golang.org/$(1)/@v/$(2).zip"; \ + unzip -q -d "$(DL_DIR)/go-mod-cache" \ + "$(DL_DIR)/go-mod-cache/cache/download/$(1)/@v/$(2).zip"; \ + fi +endef + +define CWD/StageVendorModule + $(call CWD/EnsureModuleSource,$(1),$(2)) + rm -rf $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/$(1) + $(INSTALL_DIR) $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/$(1) + $(CP) \ + $(DL_DIR)/go-mod-cache/$(1)@$(2)/. \ + $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/$(1)/ + if [ -f $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/$(1)/go.mod ]; then \ + $(SED) 's,^go 1\.[2-9][0-9]*.*,go 1.23,' \ + $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/$(1)/go.mod; \ + fi +endef + +define Build/Prepare + $(call Build/Prepare/Default) + # CrowdSec upstream requires Go 1.25+, but our SDK ships 1.23.x. + # Force the go.mod directive down so the stock toolchain can build it. + $(SED) 's,go 1\.[2-9][0-9]*.*,go 1.23,' $(PKG_BUILD_DIR)/go.mod + # Stage Go modules that require newer compilers so we can pin them locally and drop their go directive. + $(call CWD/StageVendorModule,github.com/crowdsecurity/go-cs-lib,$(CWD_GO_CSLIB_VERSION)) + $(call CWD/StageVendorModule,github.com/crowdsecurity/time,v0.13.0-crowdsec.20250912) + $(call CWD/StageVendorModule,github.com/moby/moby/api,v1.52.1-0.20251116162601-e9ff10bf365a) + $(call CWD/StageVendorModule,github.com/moby/moby/client,v0.1.1-0.20251116162601-e9ff10bf365a) + $(call CWD/StageVendorModule,golang.org/x/crypto,v0.42.0) + $(call CWD/StageVendorModule,golang.org/x/mod,v0.28.0) + $(call CWD/StageVendorModule,golang.org/x/net,v0.44.0) + $(call CWD/StageVendorModule,golang.org/x/sync,v0.17.0) + $(call CWD/StageVendorModule,golang.org/x/sys,v0.37.0) + $(call CWD/StageVendorModule,golang.org/x/term,v0.35.0) + $(call CWD/StageVendorModule,golang.org/x/text,v0.29.0) + $(call CWD/StageVendorModule,golang.org/x/tools,v0.37.0) + $(call CWD/StageVendorModule,golang.org/x/telemetry,v0.0.0-20250908211612-aef8a434d053) + $(SED) 's@for line := range strings.SplitSeq@for _, line := range strings.SplitSeq@g' \ + $(PKG_BUILD_DIR)/pkg/appsec/appsec_rules_collection.go + $(SED) 's@for f := range strings.SplitSeq@for _, f := range strings.SplitSeq@g' \ + $(PKG_BUILD_DIR)/pkg/parser/runtime.go + $(SED) 's,strings.SplitSeq,strings.Split,g' \ + $(PKG_BUILD_DIR)/pkg/appsec/appsec_rules_collection.go + $(SED) 's,strings.SplitSeq,strings.Split,g' \ + $(PKG_BUILD_DIR)/pkg/parser/runtime.go + + $(SED) 's@for line := range strings.SplitSeq(description, "\\n") {@for _, line := range strings.Split(description, "\\n") {@g' \ + $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/golang.org/x/tools/internal/mcp/generate.go + $(SED) 's@for field := range strings.FieldsSeq(line) {@for _, field := range strings.Fields(line) {@g' \ + $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/golang.org/x/tools/internal/mcp/generate.go + $(SED) 's@for line := range strings.SplitSeq(stdout.String(), "\\n") {@for _, line := range strings.Split(stdout.String(), "\\n") {@g' \ + $(PKG_BUILD_DIR)/$(CWD_GO_VENDOR_ROOT)/golang.org/x/tools/internal/stdlib/generate.go +endef define Package/crowdsec/Default SECTION:=net diff --git a/package/secubox/secubox-app-crowdsec/patches/002-use-vendored-go-cs-lib.patch b/package/secubox/secubox-app-crowdsec/patches/002-use-vendored-go-cs-lib.patch new file mode 100644 index 00000000..12f2b088 --- /dev/null +++ b/package/secubox/secubox-app-crowdsec/patches/002-use-vendored-go-cs-lib.patch @@ -0,0 +1,19 @@ +--- a/go.mod ++++ b/go.mod +@@ -257,3 +257,13 @@ replace golang.org/x/time => github.com/crowdsecurity/time v0.13.0-crowdsec.2025 +-replace golang.org/x/time => github.com/crowdsecurity/time v0.13.0-crowdsec.20250912 +- +-replace github.com/corazawaf/coraza/v3 => github.com/crowdsecurity/coraza/v3 v3.3.3-crowdsec.20251113 ++replace golang.org/x/time => ./secubox-vendor/github.com/crowdsecurity/time ++ ++replace github.com/corazawaf/coraza/v3 => github.com/crowdsecurity/coraza/v3 v3.3.3-crowdsec.20251113 ++replace github.com/crowdsecurity/go-cs-lib => ./secubox-vendor/github.com/crowdsecurity/go-cs-lib ++replace github.com/moby/moby/api => ./secubox-vendor/github.com/moby/moby/api ++replace github.com/moby/moby/client => ./secubox-vendor/github.com/moby/moby/client ++replace golang.org/x/crypto => ./secubox-vendor/golang.org/x/crypto ++replace golang.org/x/mod => ./secubox-vendor/golang.org/x/mod ++replace golang.org/x/net => ./secubox-vendor/golang.org/x/net ++replace golang.org/x/sync => ./secubox-vendor/golang.org/x/sync ++replace golang.org/x/sys => ./secubox-vendor/golang.org/x/sys ++replace golang.org/x/term => ./secubox-vendor/golang.org/x/term ++replace golang.org/x/text => ./secubox-vendor/golang.org/x/text diff --git a/package/secubox/secubox-app-crowdsec/patches/003-add-x-tools-replace.patch b/package/secubox/secubox-app-crowdsec/patches/003-add-x-tools-replace.patch new file mode 100644 index 00000000..fa4aee60 --- /dev/null +++ b/package/secubox/secubox-app-crowdsec/patches/003-add-x-tools-replace.patch @@ -0,0 +1,6 @@ +--- a/go.mod ++++ b/go.mod +@@ -269,1 +269,3 @@ + replace golang.org/x/text => ./secubox-vendor/golang.org/x/text ++replace golang.org/x/tools => ./secubox-vendor/golang.org/x/tools ++replace golang.org/x/telemetry => ./secubox-vendor/golang.org/x/telemetry diff --git a/package/secubox/netifyd/BUILD-INSTRUCTIONS.md b/package/secubox/secubox-app-netifyd/BUILD-INSTRUCTIONS.md similarity index 94% rename from package/secubox/netifyd/BUILD-INSTRUCTIONS.md rename to package/secubox/secubox-app-netifyd/BUILD-INSTRUCTIONS.md index 05af4b67..4512f730 100644 --- a/package/secubox/netifyd/BUILD-INSTRUCTIONS.md +++ b/package/secubox/secubox-app-netifyd/BUILD-INSTRUCTIONS.md @@ -7,7 +7,7 @@ Complete build instructions for integrating official Netifyd 5.2.1 into SecuBox ## Package Structure ``` -package/secubox/netifyd/ +package/secubox/secubox-app-netifyd/ ├── Makefile # OpenWrt package Makefile ├── Config.in # Package configuration options ├── README.md # Package documentation @@ -64,7 +64,7 @@ sudo apt-get install -y \ ### Option 1: Automated Build Test ```bash -cd /path/to/secubox-openwrt/package/secubox/netifyd +cd /path/to/secubox-openwrt/package/secubox/secubox-app-netifyd ./test-build.sh ``` @@ -94,10 +94,10 @@ make menuconfig # SecuBox > <*> luci-app-secubox-netifyd # 4. Download source -make package/secubox/netifyd/download V=s +make package/secubox/secubox-app-netifyd/download V=s # 5. Build package -make package/secubox/netifyd/compile V=s +make package/secubox/secubox-app-netifyd/compile V=s # 6. Build LuCI app make package/secubox/luci-app-secubox-netifyd/compile V=s @@ -151,7 +151,7 @@ make download V=s make toolchain/compile V=s # Build netifyd package -make package/secubox/netifyd/compile V=s +make package/secubox/secubox-app-netifyd/compile V=s # Build LuCI app make package/secubox/luci-app-secubox-netifyd/compile V=s @@ -289,8 +289,8 @@ cd .. ```bash # Clean and retry -make package/secubox/netifyd/clean -make package/secubox/netifyd/compile V=s 2>&1 | tee build.log +make package/secubox/secubox-app-netifyd/clean +make package/secubox/secubox-app-netifyd/compile V=s 2>&1 | tee build.log # Check build.log for errors @@ -360,7 +360,7 @@ for arch in $TARGET_ARCHS; do echo "Building for $arch..." make clean # Set target in menuconfig first - make package/secubox/netifyd/compile V=s + make package/secubox/secubox-app-netifyd/compile V=s mkdir -p releases/$arch cp bin/packages/*/secubox/netifyd_*.ipk releases/$arch/ done @@ -370,7 +370,7 @@ done ```bash # Build all packages -make package/secubox/netifyd/compile V=s +make package/secubox/secubox-app-netifyd/compile V=s make package/secubox/luci-app-secubox-netifyd/compile V=s # Create release directory @@ -409,7 +409,7 @@ jobs: sudo apt-get install -y build-essential ... - name: Build package run: | - cd package/secubox/netifyd + cd package/secubox/secubox-app-netifyd ./test-build.sh - name: Upload artifacts uses: actions/upload-artifact@v3 diff --git a/package/secubox/netifyd/BUILDROOT-BUILD.md b/package/secubox/secubox-app-netifyd/BUILDROOT-BUILD.md similarity index 100% rename from package/secubox/netifyd/BUILDROOT-BUILD.md rename to package/secubox/secubox-app-netifyd/BUILDROOT-BUILD.md diff --git a/package/secubox/netifyd/Config.in b/package/secubox/secubox-app-netifyd/Config.in similarity index 100% rename from package/secubox/netifyd/Config.in rename to package/secubox/secubox-app-netifyd/Config.in diff --git a/package/secubox/netifyd/INTEGRATION.md b/package/secubox/secubox-app-netifyd/INTEGRATION.md similarity index 97% rename from package/secubox/netifyd/INTEGRATION.md rename to package/secubox/secubox-app-netifyd/INTEGRATION.md index 7ce36587..b6f57cf9 100644 --- a/package/secubox/netifyd/INTEGRATION.md +++ b/package/secubox/secubox-app-netifyd/INTEGRATION.md @@ -9,7 +9,7 @@ cd /path/to/secubox-openwrt # Build netifyd -make package/secubox/netifyd/compile V=s +make package/secubox/secubox-app-netifyd/compile V=s # Build LuCI app make package/secubox/luci-app-secubox-netifyd/compile V=s @@ -261,8 +261,8 @@ echo "Devices: $DEVICES" ```bash # Build new version -make package/secubox/netifyd/clean -make package/secubox/netifyd/compile V=s +make package/secubox/secubox-app-netifyd/clean +make package/secubox/secubox-app-netifyd/compile V=s # Install on device opkg remove netifyd diff --git a/package/secubox/netifyd/Makefile b/package/secubox/secubox-app-netifyd/Makefile similarity index 100% rename from package/secubox/netifyd/Makefile rename to package/secubox/secubox-app-netifyd/Makefile diff --git a/package/secubox/netifyd/README.md b/package/secubox/secubox-app-netifyd/README.md similarity index 98% rename from package/secubox/netifyd/README.md rename to package/secubox/secubox-app-netifyd/README.md index 8f398767..de2ade73 100644 --- a/package/secubox/netifyd/README.md +++ b/package/secubox/secubox-app-netifyd/README.md @@ -51,7 +51,7 @@ make menuconfig # Select: or <*> # Build package -make package/secubox/netifyd/compile V=s +make package/secubox/secubox-app-netifyd/compile V=s # Package will be in: bin/packages/*/secubox/netifyd_5.2.1-1_*.ipk ``` @@ -404,7 +404,7 @@ PKG_VERSION:=5.x.x PKG_HASH:= # Rebuild -make package/secubox/netifyd/{clean,compile} +make package/secubox/secubox-app-netifyd/{clean,compile} ``` ## Support diff --git a/package/secubox/netifyd/SDK-LIMITATION.md b/package/secubox/secubox-app-netifyd/SDK-LIMITATION.md similarity index 100% rename from package/secubox/netifyd/SDK-LIMITATION.md rename to package/secubox/secubox-app-netifyd/SDK-LIMITATION.md diff --git a/package/secubox/netifyd/files/functions.sh b/package/secubox/secubox-app-netifyd/files/functions.sh similarity index 100% rename from package/secubox/netifyd/files/functions.sh rename to package/secubox/secubox-app-netifyd/files/functions.sh diff --git a/package/secubox/netifyd/files/netifyd.config b/package/secubox/secubox-app-netifyd/files/netifyd.config similarity index 100% rename from package/secubox/netifyd/files/netifyd.config rename to package/secubox/secubox-app-netifyd/files/netifyd.config diff --git a/package/secubox/netifyd/files/netifyd.init b/package/secubox/secubox-app-netifyd/files/netifyd.init similarity index 100% rename from package/secubox/netifyd/files/netifyd.init rename to package/secubox/secubox-app-netifyd/files/netifyd.init diff --git a/package/secubox/netifyd/patches/001-fix-inline-static-maps.patch b/package/secubox/secubox-app-netifyd/patches/001-fix-inline-static-maps.patch similarity index 100% rename from package/secubox/netifyd/patches/001-fix-inline-static-maps.patch rename to package/secubox/secubox-app-netifyd/patches/001-fix-inline-static-maps.patch diff --git a/package/secubox/netifyd/patches/002-fix-ndpi-example-linking.patch b/package/secubox/secubox-app-netifyd/patches/002-fix-ndpi-example-linking.patch similarity index 100% rename from package/secubox/netifyd/patches/002-fix-ndpi-example-linking.patch rename to package/secubox/secubox-app-netifyd/patches/002-fix-ndpi-example-linking.patch diff --git a/package/secubox/netifyd/test-build.sh b/package/secubox/secubox-app-netifyd/test-build.sh similarity index 95% rename from package/secubox/netifyd/test-build.sh rename to package/secubox/secubox-app-netifyd/test-build.sh index 808322e8..a3c5ac99 100755 --- a/package/secubox/netifyd/test-build.sh +++ b/package/secubox/secubox-app-netifyd/test-build.sh @@ -79,7 +79,7 @@ fi echo "" echo "Step 5: Downloading source..." echo "================================" -make package/secubox/netifyd/download V=s +make package/secubox/secubox-app-netifyd/download V=s echo "" echo "Step 6: Checking source..." @@ -95,7 +95,7 @@ fi echo "" echo "Step 7: Cleaning previous build..." echo "================================" -make package/secubox/netifyd/clean V=s +make package/secubox/secubox-app-netifyd/clean V=s echo "" echo "Step 8: Building package..." @@ -103,7 +103,7 @@ echo "================================" echo "This may take several minutes..." echo "" -if make package/secubox/netifyd/compile V=s; then +if make package/secubox/secubox-app-netifyd/compile V=s; then echo "" echo "================================" echo "BUILD SUCCESSFUL!"