gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(mitmproxy): Fix HAProxy backend route sync for new-style UCI configs

Browse Source 
The sync-routes command was failing to generate routes for most vhosts due to:
- Subshell bug: pipe in while loop caused variable changes to be lost
- Only supported old-style backends (inline .server field)
- Did not support new-style backends with separate =server sections

Changes:
- Rewrite sync-routes to avoid subshell by using temp file
- Add support for both backend styles (inline and separate server sections)
- Use original_backend field when vhosts are in inspection mode
- Skip luci/fallback/mitmproxy_inspector backends in route generation

Now properly generates 13+ routes for HAProxy backend inspection.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-01-31 16:17:29 +01:00
parent 2b8d786a72
commit 0dd6b28d1a
5 changed files with 121 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

138
package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages
View File

@ -8,7 +8,7 @@ Architecture: all
Installed-Size: 71680
Description: Comprehensive authentication and session management with captive portal, OAuth2/OIDC integration, voucher system, and time-based access control
Filename: luci-app-auth-guardian_0.4.0-r3_all.ipk
Size: 12078
Size: 12079
Package: luci-app-bandwidth-manager
Version: 0.5.0-r2
@ -44,7 +44,7 @@ Architecture: all
Installed-Size: 307200
Description: Network Access Control with client monitoring, zone management, captive portal, parental controls, and SMS/email alerts
Filename: luci-app-client-guardian_0.4.0-r7_all.ipk
Size: 57044
Size: 57042
Package: luci-app-crowdsec-dashboard
Version: 0.7.0-r29
@ -56,7 +56,7 @@ Architecture: all
Installed-Size: 296960
Description: Real-time security monitoring dashboard for CrowdSec on OpenWrt
Filename: luci-app-crowdsec-dashboard_0.7.0-r29_all.ipk
Size: 55583
Size: 55585
Package: luci-app-cyberfeed
Version: 0.1.1-r1
@ -80,7 +80,7 @@ Architecture: all
Installed-Size: 153600
Description: LuCI SecuBox Service Exposure Manager
Filename: luci-app-exposure_1.0.0-r3_all.ipk
Size: 20535
Size: 20532
Package: luci-app-gitea
Version: 1.0.0-r2
@ -92,7 +92,7 @@ Architecture: all
Installed-Size: 92160
Description: Modern dashboard for Gitea Platform management on OpenWrt
Filename: luci-app-gitea_1.0.0-r2_all.ipk
Size: 15585
Size: 15584
Package: luci-app-glances
Version: 1.0.0-r2
@ -104,7 +104,7 @@ Architecture: all
Installed-Size: 40960
Description: Modern dashboard for Glances system monitoring with SecuBox theme
Filename: luci-app-glances_1.0.0-r2_all.ipk
Size: 6969
Size: 6967
Package: luci-app-haproxy
Version: 1.0.0-r8
@ -116,7 +116,7 @@ Architecture: all
Installed-Size: 204800
Description: Web interface for managing HAProxy load balancer with vhosts, SSL certificates, and backend routing
Filename: luci-app-haproxy_1.0.0-r8_all.ipk
Size: 34169
Size: 34166
Package: luci-app-hexojs
Version: 1.0.0-r3
@ -128,7 +128,7 @@ Architecture: all
Installed-Size: 215040
Description: Modern dashboard for Hexo static site generator on OpenWrt
Filename: luci-app-hexojs_1.0.0-r3_all.ipk
Size: 32976
Size: 32981
Package: luci-app-jitsi
Version: 1.0.0-r1
@ -140,7 +140,7 @@ Architecture: all
Installed-Size: 30720
Description: LuCI Jitsi Meet Configuration
Filename: luci-app-jitsi_1.0.0-r1_all.ipk
Size: 5135
Size: 5137
Package: luci-app-ksm-manager
Version: 0.4.0-r2
@ -152,7 +152,7 @@ Architecture: all
Installed-Size: 112640
Description: Centralized cryptographic key management with hardware security module (HSM) support for Nitrokey and YubiKey devices. Provides secure key storage, certificate management, SSH key handling, and secret storage with audit logging.
Filename: luci-app-ksm-manager_0.4.0-r2_all.ipk
Size: 18721
Size: 18720
Package: luci-app-localai
Version: 0.1.0-r15
@ -164,7 +164,7 @@ Architecture: all
Installed-Size: 81920
Description: Modern dashboard for LocalAI LLM management on OpenWrt
Filename: luci-app-localai_0.1.0-r15_all.ipk
Size: 14361
Size: 14362
Package: luci-app-lyrion
Version: 1.0.0-r1
@ -176,7 +176,7 @@ Architecture: all
Installed-Size: 40960
Description: LuCI support for Lyrion Music Server
Filename: luci-app-lyrion_1.0.0-r1_all.ipk
Size: 6726
Size: 6724
Package: luci-app-magicmirror2
Version: 0.4.0-r6
@ -188,7 +188,7 @@ Architecture: all
Installed-Size: 71680
Description: Modern dashboard for MagicMirror2 smart display platform with module manager and SecuBox theme
Filename: luci-app-magicmirror2_0.4.0-r6_all.ipk
Size: 12278
Size: 12273
Package: luci-app-mailinabox
Version: 1.0.0-r1
@ -200,7 +200,7 @@ Architecture: all
Installed-Size: 30720
Description: LuCI support for Mail-in-a-Box
Filename: luci-app-mailinabox_1.0.0-r1_all.ipk
Size: 5482
Size: 5480
Package: luci-app-media-flow
Version: 0.6.4-r1
@ -212,7 +212,7 @@ Architecture: all
Installed-Size: 102400
Description: Real-time detection and monitoring of streaming services (Netflix, YouTube, Spotify, etc.) with quality estimation, history tracking, and alerts. Supports nDPId local DPI and netifyd.
Filename: luci-app-media-flow_0.6.4-r1_all.ipk
Size: 19126
Size: 19113
Package: luci-app-metablogizer
Version: 1.0.0-r3
@ -224,7 +224,7 @@ Architecture: all
Installed-Size: 112640
Description: LuCI support for MetaBlogizer Static Site Publisher
Filename: luci-app-metablogizer_1.0.0-r3_all.ipk
Size: 23506
Size: 23503
Package: luci-app-metabolizer
Version: 1.0.0-r2
@ -236,7 +236,7 @@ Architecture: all
Installed-Size: 30720
Description: LuCI support for Metabolizer CMS
Filename: luci-app-metabolizer_1.0.0-r2_all.ipk
Size: 4760
Size: 4755
Package: luci-app-mitmproxy
Version: 0.5.0-r1
@ -245,10 +245,10 @@ License: Apache-2.0
Section: luci
Maintainer: OpenWrt LuCI community
Architecture: all
Installed-Size: 112640
Installed-Size: 51200
Description: Modern dashboard for mitmproxy HTTPS traffic inspection with SecuBox theme
Filename: luci-app-mitmproxy_0.5.0-r1_all.ipk
Size: 20408
Size: 8555
Package: luci-app-mmpm
Version: 0.2.0-r3
@ -260,7 +260,7 @@ Architecture: all
Installed-Size: 51200
Description: Web interface for MMPM - MagicMirror Package Manager
Filename: luci-app-mmpm_0.2.0-r3_all.ipk
Size: 7903
Size: 7902
Package: luci-app-mqtt-bridge
Version: 0.4.0-r4
@ -272,7 +272,7 @@ Architecture: all
Installed-Size: 122880
Description: USB-to-MQTT IoT hub with SecuBox theme
Filename: luci-app-mqtt-bridge_0.4.0-r4_all.ipk
Size: 22780
Size: 22777
Package: luci-app-ndpid
Version: 1.1.2-r2
@ -284,7 +284,7 @@ Architecture: all
Installed-Size: 122880
Description: Modern dashboard for nDPId deep packet inspection on OpenWrt
Filename: luci-app-ndpid_1.1.2-r2_all.ipk
Size: 22455
Size: 22454
Package: luci-app-netdata-dashboard
Version: 0.5.0-r2
@ -308,7 +308,7 @@ Architecture: all
Installed-Size: 307200
Description: Configure OpenWrt for different network modes: Sniffer, Access Point, Relay, Router
Filename: luci-app-network-modes_0.5.0-r3_all.ipk
Size: 55610
Size: 55609
Package: luci-app-network-tweaks
Version: 1.0.0-r7
@ -320,7 +320,7 @@ Architecture: all
Installed-Size: 81920
Description: Unified network services dashboard with DNS/hosts sync, CDN cache control, and WPAD auto-proxy configuration
Filename: luci-app-network-tweaks_1.0.0-r7_all.ipk
Size: 15461
Size: 15457
Package: luci-app-nextcloud
Version: 1.0.0-r1
@ -344,7 +344,7 @@ Architecture: all
Installed-Size: 71680
Description: Modern dashboard for Ollama LLM management on OpenWrt
Filename: luci-app-ollama_0.1.0-r1_all.ipk
Size: 11994
Size: 11993
Package: luci-app-picobrew
Version: 1.0.0-r1
@ -356,7 +356,7 @@ Architecture: all
Installed-Size: 51200
Description: Modern dashboard for PicoBrew Server management on OpenWrt
Filename: luci-app-picobrew_1.0.0-r1_all.ipk
Size: 9975
Size: 9979
Package: luci-app-secubox
Version: 0.7.1-r4
@ -368,7 +368,7 @@ Architecture: all
Installed-Size: 266240
Description: Central control hub for all SecuBox modules. Provides unified dashboard, module status, system health monitoring, and quick actions.
Filename: luci-app-secubox_0.7.1-r4_all.ipk
Size: 49902
Size: 49900
Package: luci-app-secubox-admin
Version: 1.0.0-r19
@ -379,7 +379,7 @@ Architecture: all
Installed-Size: 337920
Description: Unified admin control center for SecuBox appstore plugins with system monitoring
Filename: luci-app-secubox-admin_1.0.0-r19_all.ipk
Size: 57096
Size: 57097
Package: luci-app-secubox-crowdsec
Version: 1.0.0-r3
@ -391,7 +391,7 @@ Architecture: all
Installed-Size: 81920
Description: LuCI SecuBox CrowdSec Dashboard
Filename: luci-app-secubox-crowdsec_1.0.0-r3_all.ipk
Size: 13920
Size: 13919
Package: luci-app-secubox-netdiag
Version: 1.0.0-r1
@ -415,7 +415,7 @@ Architecture: all
Installed-Size: 215040
Description: Complete LuCI interface for netifyd DPI engine with real-time flow monitoring, application detection, network analytics, and flow action plugins
Filename: luci-app-secubox-netifyd_1.2.1-r1_all.ipk
Size: 39499
Size: 39498
Package: luci-app-secubox-p2p
Version: 0.1.0-r1
@ -427,7 +427,7 @@ Architecture: all
Installed-Size: 215040
Description: LuCI SecuBox P2P Hub
Filename: luci-app-secubox-p2p_0.1.0-r1_all.ipk
Size: 39256
Size: 39257
Package: luci-app-secubox-portal
Version: 0.7.0-r2
@ -439,7 +439,7 @@ Architecture: all
Installed-Size: 122880
Description: Unified entry point for all SecuBox applications with tabbed navigation
Filename: luci-app-secubox-portal_0.7.0-r2_all.ipk
Size: 24555
Size: 24554
Package: luci-app-secubox-security-threats
Version: 1.0.0-r4
@ -451,7 +451,7 @@ Architecture: all
Installed-Size: 71680
Description: Unified dashboard integrating netifyd DPI threats with CrowdSec intelligence for real-time threat monitoring and automated blocking
Filename: luci-app-secubox-security-threats_1.0.0-r4_all.ipk
Size: 13908
Size: 13906
Package: luci-app-service-registry
Version: 1.0.0-r1
@ -475,7 +475,7 @@ Architecture: all
Installed-Size: 122880
Description: Modern dashboard for Streamlit Platform management on OpenWrt
Filename: luci-app-streamlit_1.0.0-r9_all.ipk
Size: 20470
Size: 20469
Package: luci-app-system-hub
Version: 0.5.1-r4
@ -487,7 +487,7 @@ Architecture: all
Installed-Size: 358400
Description: Central system control with monitoring, services, logs, and backup
Filename: luci-app-system-hub_0.5.1-r4_all.ipk
Size: 66348
Size: 66347
Package: luci-app-tor-shield
Version: 1.0.0-r10
@ -499,7 +499,7 @@ Architecture: all
Installed-Size: 133120
Description: Modern dashboard for Tor anonymization on OpenWrt
Filename: luci-app-tor-shield_1.0.0-r10_all.ipk
Size: 24537
Size: 24532
Package: luci-app-traffic-shaper
Version: 0.4.0-r2
@ -511,7 +511,7 @@ Architecture: all
Installed-Size: 92160
Description: Advanced traffic shaping with TC/CAKE for precise bandwidth control
Filename: luci-app-traffic-shaper_0.4.0-r2_all.ipk
Size: 15637
Size: 15631
Package: luci-app-vhost-manager
Version: 0.5.0-r5
@ -523,7 +523,7 @@ Architecture: all
Installed-Size: 153600
Description: Nginx reverse proxy manager with Let's Encrypt SSL certificates, authentication, and WebSocket support
Filename: luci-app-vhost-manager_0.5.0-r5_all.ipk
Size: 26201
Size: 26198
Package: luci-app-wireguard-dashboard
Version: 0.7.0-r5
@ -535,7 +535,7 @@ Architecture: all
Installed-Size: 235520
Description: Modern dashboard for WireGuard VPN monitoring on OpenWrt
Filename: luci-app-wireguard-dashboard_0.7.0-r5_all.ipk
Size: 45371
Size: 45369
Package: luci-app-zigbee2mqtt
Version: 1.0.0-r2
@ -547,7 +547,7 @@ Architecture: all
Installed-Size: 40960
Description: Graphical interface for managing the Zigbee2MQTT docker application.
Filename: luci-app-zigbee2mqtt_1.0.0-r2_all.ipk
Size: 7091
Size: 7087
Package: luci-theme-secubox
Version: 0.4.7-r1
@ -559,7 +559,7 @@ Architecture: all
Installed-Size: 460800
Description: Global CyberMood design system (CSS/JS/i18n) shared by all SecuBox dashboards.
Filename: luci-theme-secubox_0.4.7-r1_all.ipk
Size: 111796
Size: 111794
Package: secubox-app
Version: 1.0.0-r2
@ -570,7 +570,7 @@ Installed-Size: 92160
Description: Command line helper for SecuBox App Store manifests. Installs /usr/sbin/secubox-app
and ships the default manifests under /usr/share/secubox/plugins/.
Filename: secubox-app_1.0.0-r2_all.ipk
Size: 11183
Size: 11181
Package: secubox-app-adguardhome
Version: 1.0.0-r2
@ -602,7 +602,7 @@ Description: Logs authentication failures from LuCI/rpcd and Dropbear SSH
- JavaScript hook to intercept login failures
- CrowdSec parser and bruteforce scenario
Filename: secubox-app-auth-logger_1.2.2-r1_all.ipk
Size: 9379
Size: 9376
Package: secubox-app-crowdsec-custom
Version: 1.1.0-r1
@ -625,7 +625,7 @@ Description: Custom CrowdSec configurations for SecuBox web interface protectio
- Webapp generic auth bruteforce protection
- Whitelist for trusted networks
Filename: secubox-app-crowdsec-custom_1.1.0-r1_all.ipk
Size: 5762
Size: 5759
Package: secubox-app-cs-firewall-bouncer
Version: 0.0.31-r4
@ -652,7 +652,7 @@ Description: SecuBox CrowdSec Firewall Bouncer for OpenWrt.
- Automatic restart on firewall reload
- procd service management
Filename: secubox-app-cs-firewall-bouncer_0.0.31-r4_aarch64_cortex-a72.ipk
Size: 5049320
Size: 5049323
Package: secubox-app-cyberfeed
Version: 0.2.1-r1
@ -679,7 +679,7 @@ Installed-Size: 10240
Description: Installer, configuration, and service manager for running Domoticz
inside Docker on SecuBox-powered OpenWrt systems.
Filename: secubox-app-domoticz_1.0.0-r2_all.ipk
Size: 2546
Size: 2547
Package: secubox-app-exposure
Version: 1.0.0-r1
@ -694,7 +694,7 @@ Description: Unified service exposure manager for SecuBox.
- Dynamic Tor hidden service management
- HAProxy SSL reverse proxy configuration
Filename: secubox-app-exposure_1.0.0-r1_all.ipk
Size: 6834
Size: 6831
Package: secubox-app-gitea
Version: 1.0.0-r5
@ -717,7 +717,7 @@ Description: Gitea Git Platform - Self-hosted lightweight Git service
Runs in LXC container with Alpine Linux.
Configure in /etc/config/gitea.
Filename: secubox-app-gitea_1.0.0-r5_all.ipk
Size: 9406
Size: 9405
Package: secubox-app-glances
Version: 1.0.0-r1
@ -740,7 +740,7 @@ Description: Glances - Cross-platform system monitoring tool for SecuBox.
Runs in LXC container for isolation and security.
Configure in /etc/config/glances.
Filename: secubox-app-glances_1.0.0-r1_all.ipk
Size: 5537
Size: 5538
Package: secubox-app-haproxy
Version: 1.0.0-r23
@ -760,7 +760,7 @@ Description: HAProxy load balancer and reverse proxy running in an LXC containe
- Stats dashboard
- Rate limiting and ACLs
Filename: secubox-app-haproxy_1.0.0-r23_all.ipk
Size: 15681
Size: 15682
Package: secubox-app-hexojs
Version: 1.0.0-r8
@ -784,7 +784,7 @@ Description: Hexo CMS - Self-hosted static blog generator for OpenWrt
Runs in LXC container with Alpine Linux.
Configure in /etc/config/hexojs.
Filename: secubox-app-hexojs_1.0.0-r8_all.ipk
Size: 94937
Size: 94939
Package: secubox-app-jitsi
Version: 1.0.0-r1
@ -809,7 +809,7 @@ Description: Jitsi Meet - Secure, fully featured video conferencing for SecuBox
Integrates with HAProxy for SSL termination.
Configure in /etc/config/jitsi.
Filename: secubox-app-jitsi_1.0.0-r1_all.ipk
Size: 8916
Size: 8918
Package: secubox-app-localai
Version: 2.25.0-r1
@ -831,7 +831,7 @@ Description: LocalAI native binary package for OpenWrt.
API: http://<router-ip>:8081/v1
Filename: secubox-app-localai_2.25.0-r1_all.ipk
Size: 5726
Size: 5719
Package: secubox-app-localai-wb
Version: 2.25.0-r1
@ -855,7 +855,7 @@ Description: LocalAI native binary package for OpenWrt.
API: http://<router-ip>:8080/v1
Filename: secubox-app-localai-wb_2.25.0-r1_all.ipk
Size: 7953
Size: 7957
Package: secubox-app-lyrion
Version: 2.0.2-r1
@ -875,7 +875,7 @@ Description: Lyrion Media Server (formerly Logitech Media Server / Squeezebox S
Auto-detects available runtime, preferring LXC for lower resource usage.
Configure runtime in /etc/config/lyrion.
Filename: secubox-app-lyrion_2.0.2-r1_all.ipk
Size: 7285
Size: 7293
Package: secubox-app-magicmirror2
Version: 0.4.0-r8
@ -897,7 +897,7 @@ Description: MagicMirror² - Open source modular smart mirror platform for Secu
Runs in LXC container for isolation and security.
Configure in /etc/config/magicmirror2.
Filename: secubox-app-magicmirror2_0.4.0-r8_all.ipk
Size: 9254
Size: 9248
Package: secubox-app-mailinabox
Version: 2.0.0-r1
@ -922,7 +922,7 @@ Description: Complete email server solution using docker-mailserver for SecuBox
Commands: mailinaboxctl --help
Filename: secubox-app-mailinabox_2.0.0-r1_all.ipk
Size: 7571
Size: 7573
Package: secubox-app-metabolizer
Version: 1.0.0-r3
@ -943,16 +943,16 @@ Description: Metabolizer Blog Pipeline - Integrated CMS with Git-based workflow
Pipeline: Edit in Streamlit -> Push to Gitea -> Build with Hexo -> Publish
Filename: secubox-app-metabolizer_1.0.0-r3_all.ipk
Size: 13979
Size: 13976
Package: secubox-app-mitmproxy
Version: 0.5.0-r17
Version: 0.5.0-r19
Depends: wget, tar
License: Apache-2.0
Section: utils
Maintainer: CyberMind Studio <contact@cybermind.fr>
Architecture: all
Installed-Size: 71680
Installed-Size: 92160
Description: mitmproxy - Interactive HTTPS proxy for SecuBox-powered OpenWrt systems.
Features:
@ -969,8 +969,8 @@ Description: mitmproxy - Interactive HTTPS proxy for SecuBox-powered OpenWrt sy
Runs in LXC container for isolation and security.
Configure in /etc/config/mitmproxy.
Filename: secubox-app-mitmproxy_0.5.0-r17_all.ipk
Size: 18508
Filename: secubox-app-mitmproxy_0.5.0-r19_all.ipk
Size: 22113
Package: secubox-app-mmpm
Version: 0.2.0-r5
@ -1005,7 +1005,7 @@ Description: Installer, configuration, and service manager for running Nextclou
inside Docker on SecuBox-powered OpenWrt systems. Self-hosted file
sync and share with calendar, contacts, and collaboration.
Filename: secubox-app-nextcloud_1.0.0-r2_all.ipk
Size: 2956
Size: 2962
Package: secubox-app-ollama
Version: 0.1.0-r1
@ -1027,7 +1027,7 @@ Description: Ollama - Simple local LLM runtime for SecuBox-powered OpenWrt syst
Runs in Docker/Podman container.
Configure in /etc/config/ollama.
Filename: secubox-app-ollama_0.1.0-r1_all.ipk
Size: 5735
Size: 5740
Package: secubox-app-picobrew
Version: 1.0.0-r7
@ -1049,7 +1049,7 @@ Description: PicoBrew Server - Self-hosted brewing controller for PicoBrew devi
Runs in LXC container with Python/Flask backend.
Configure in /etc/config/picobrew.
Filename: secubox-app-picobrew_1.0.0-r7_all.ipk
Size: 5543
Size: 5542
Package: secubox-app-streamlit
Version: 1.0.0-r5
@ -1099,7 +1099,7 @@ Description: SecuBox Tor Shield - One-click Tor anonymization for OpenWrt
Configure in /etc/config/tor-shield.
Filename: secubox-app-tor_1.0.0-r1_all.ipk
Size: 7377
Size: 7379
Package: secubox-app-webapp
Version: 1.5.0-r7
@ -1130,7 +1130,7 @@ Installed-Size: 20480
Description: Installer, configuration, and service manager for running Zigbee2MQTT
inside Docker on SecuBox-powered OpenWrt systems.
Filename: secubox-app-zigbee2mqtt_1.0.0-r3_all.ipk
Size: 3542
Size: 3544
Package: secubox-core
Version: 0.10.0-r11
@ -1150,7 +1150,7 @@ Description: SecuBox Core Framework provides the foundational infrastructure fo
- Unified CLI interface
- ubus RPC backend
Filename: secubox-core_0.10.0-r11_all.ipk
Size: 87809
Size: 87811
Package: secubox-p2p
Version: 0.6.0-r1
@ -1169,5 +1169,5 @@ Description: SecuBox P2P Hub backend providing peer discovery, mesh networking
and MirrorBox NetMesh Catalog for cross-chain distributed service
registry with HAProxy vhost discovery and multi-endpoint access URLs.
Filename: secubox-p2p_0.6.0-r1_all.ipk
Size: 40190
Size: 40191

BIN
package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz
View File

Binary file not shown.

BIN
package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-app-mitmproxy_0.5.0-r19_all.ipk Normal file
View File

Binary file not shown.

2
package/secubox/secubox-app-mitmproxy/Makefile
View File

@ -1,7 +1,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=secubox-app-mitmproxy
PKG_RELEASE:=18
PKG_RELEASE:=19
PKG_VERSION:=0.5.0
PKG_ARCH:=all
PKG_MAINTAINER:=CyberMind Studio <contact@cybermind.fr>

65
package/secubox/secubox-app-mitmproxy/files/usr/sbin/mitmproxyctl
View File

@ -921,43 +921,80 @@ cmd_sync_routes() {
local routes_file="$data_path/haproxy-routes.json"
local tmp_file="/tmp/haproxy-routes.tmp"
local count=0
# Start JSON
echo "{" > "$tmp_file"
local first=1
local count=0
# Get all vhosts - avoid subshell by using temp file
local vhosts_file="/tmp/haproxy-vhosts.tmp"
uci show haproxy 2>/dev/null | grep "=vhost" | cut -d'=' -f1 | cut -d'.' -f2 > "$vhosts_file"
while read vhost; do
[ -z "$vhost" ] && continue
# Get all vhosts and their backends
uci show haproxy 2>/dev/null | grep "=vhost" | while read line; do
local vhost=$(echo "$line" | cut -d'=' -f1 | cut -d'.' -f2)
local domain=$(uci -q get haproxy.$vhost.domain)
local backend=$(uci -q get haproxy.$vhost.backend)
# If currently using mitmproxy_inspector, use the stored original backend
if [ "$backend" = "mitmproxy_inspector" ]; then
backend=$(uci -q get haproxy.$vhost.original_backend)
fi
# Skip fallback, luci, and mitmproxy backends
case "$backend" in
fallback|luci|luci_default|mitmproxy_inspector|"") continue ;;
esac
if [ -n "$domain" ] && [ -n "$backend" ]; then
# Get backend server details
local ip=""
local port=""
# Method 1: Check for inline server field (old style)
local server=$(uci -q get haproxy.$backend.server)
if [ -n "$server" ]; then
# Parse server spec: "name ip:port check [options]"
local addr=$(echo "$server" | awk '{print $2}')
local ip=$(echo "$addr" | cut -d':' -f1)
local port=$(echo "$addr" | cut -d':' -f2)
ip=$(echo "$addr" | cut -d':' -f1)
port=$(echo "$addr" | cut -d':' -f2)
# Handle backends without explicit port
[ "$ip" = "$port" ] && port="80"
fi
if [ $first -eq 0 ]; then
# Method 2: Check for separate server section (new style)
if [ -z "$ip" ]; then
# Find server section that references this backend
local server_section=$(uci show haproxy 2>/dev/null | grep "\.backend='$backend'" | grep "=server" | head -1 | cut -d'=' -f1 | cut -d'.' -f2)
if [ -z "$server_section" ]; then
# Try pattern: backend_name_servername=server
server_section=$(uci show haproxy 2>/dev/null | grep "^haproxy\.${backend}_.*=server" | head -1 | cut -d'=' -f1 | cut -d'.' -f2)
fi
if [ -n "$server_section" ]; then
ip=$(uci -q get haproxy.$server_section.address)
port=$(uci -q get haproxy.$server_section.port)
fi
fi
# Only add route if we found valid ip:port
if [ -n "$ip" ] && [ -n "$port" ]; then
if [ $count -gt 0 ]; then
echo "," >> "$tmp_file"
fi
first=0
count=$((count + 1))
echo " \"$domain\": [\"$ip\", $port]" >> "$tmp_file"
log_info " $domain -> $ip:$port"
printf ' "%s": ["%s", %s]' "$domain" "$ip" "$port" >> "$tmp_file"
log_info " $domain -> $ip:$port (backend: $backend)"
else
log_warn " $domain: could not resolve backend '$backend'"
fi
fi
done
done < "$vhosts_file"
rm -f "$vhosts_file"
# Close JSON
echo "" >> "$tmp_file"
echo "}" >> "$tmp_file"
# Move to final location