diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages index e40740e0..94918e5e 100644 --- a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages +++ b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages @@ -8,7 +8,7 @@ Architecture: all Installed-Size: 71680 Description: Comprehensive authentication and session management with captive portal, OAuth2/OIDC integration, voucher system, and time-based access control Filename: luci-app-auth-guardian_0.4.0-r3_all.ipk -Size: 12078 +Size: 12079 Package: luci-app-bandwidth-manager Version: 0.5.0-r2 @@ -20,7 +20,7 @@ Architecture: all Installed-Size: 378880 Description: Advanced bandwidth management with QoS rules, client quotas, and SQM integration Filename: luci-app-bandwidth-manager_0.5.0-r2_all.ipk -Size: 66974 +Size: 66965 Package: luci-app-cdn-cache Version: 0.5.0-r3 @@ -32,7 +32,7 @@ Architecture: all Installed-Size: 122880 Description: Dashboard for managing local CDN caching proxy on OpenWrt Filename: luci-app-cdn-cache_0.5.0-r3_all.ipk -Size: 23188 +Size: 23187 Package: luci-app-client-guardian Version: 0.4.0-r7 @@ -44,7 +44,7 @@ Architecture: all Installed-Size: 307200 Description: Network Access Control with client monitoring, zone management, captive portal, parental controls, and SMS/email alerts Filename: luci-app-client-guardian_0.4.0-r7_all.ipk -Size: 57046 +Size: 57042 Package: luci-app-crowdsec-dashboard Version: 0.7.0-r29 @@ -56,7 +56,7 @@ Architecture: all Installed-Size: 296960 Description: Real-time security monitoring dashboard for CrowdSec on OpenWrt Filename: luci-app-crowdsec-dashboard_0.7.0-r29_all.ipk -Size: 55584 +Size: 55580 Package: luci-app-cyberfeed Version: 0.1.1-r1 @@ -68,7 +68,7 @@ Architecture: all Installed-Size: 71680 Description: Cyberpunk-themed RSS feed aggregator dashboard with social media support Filename: luci-app-cyberfeed_0.1.1-r1_all.ipk -Size: 12839 +Size: 12835 Package: luci-app-exposure Version: 1.0.0-r3 @@ -80,7 +80,7 @@ Architecture: all Installed-Size: 153600 Description: LuCI SecuBox Service Exposure Manager Filename: luci-app-exposure_1.0.0-r3_all.ipk -Size: 20536 +Size: 20532 Package: luci-app-gitea Version: 1.0.0-r2 @@ -104,7 +104,7 @@ Architecture: all Installed-Size: 40960 Description: Modern dashboard for Glances system monitoring with SecuBox theme Filename: luci-app-glances_1.0.0-r2_all.ipk -Size: 6969 +Size: 6965 Package: luci-app-haproxy Version: 1.0.0-r8 @@ -116,7 +116,7 @@ Architecture: all Installed-Size: 204800 Description: Web interface for managing HAProxy load balancer with vhosts, SSL certificates, and backend routing Filename: luci-app-haproxy_1.0.0-r8_all.ipk -Size: 34168 +Size: 34165 Package: luci-app-hexojs Version: 1.0.0-r3 @@ -128,7 +128,19 @@ Architecture: all Installed-Size: 215040 Description: Modern dashboard for Hexo static site generator on OpenWrt Filename: luci-app-hexojs_1.0.0-r3_all.ipk -Size: 32977 +Size: 32974 + +Package: luci-app-jitsi +Version: 1.0.0-r1 +Depends: secubox-app-jitsi +License: Apache-2.0 +Section: luci +Maintainer: OpenWrt LuCI community +Architecture: all +Installed-Size: 30720 +Description: LuCI Jitsi Meet Configuration +Filename: luci-app-jitsi_1.0.0-r1_all.ipk +Size: 5140 Package: luci-app-ksm-manager Version: 0.4.0-r2 @@ -140,7 +152,7 @@ Architecture: all Installed-Size: 112640 Description: Centralized cryptographic key management with hardware security module (HSM) support for Nitrokey and YubiKey devices. Provides secure key storage, certificate management, SSH key handling, and secret storage with audit logging. Filename: luci-app-ksm-manager_0.4.0-r2_all.ipk -Size: 18725 +Size: 18719 Package: luci-app-localai Version: 0.1.0-r15 @@ -152,7 +164,7 @@ Architecture: all Installed-Size: 81920 Description: Modern dashboard for LocalAI LLM management on OpenWrt Filename: luci-app-localai_0.1.0-r15_all.ipk -Size: 14367 +Size: 14358 Package: luci-app-lyrion Version: 1.0.0-r1 @@ -164,7 +176,7 @@ Architecture: all Installed-Size: 40960 Description: LuCI support for Lyrion Music Server Filename: luci-app-lyrion_1.0.0-r1_all.ipk -Size: 6733 +Size: 6724 Package: luci-app-magicmirror2 Version: 0.4.0-r6 @@ -176,7 +188,7 @@ Architecture: all Installed-Size: 71680 Description: Modern dashboard for MagicMirror2 smart display platform with module manager and SecuBox theme Filename: luci-app-magicmirror2_0.4.0-r6_all.ipk -Size: 12277 +Size: 12278 Package: luci-app-mailinabox Version: 1.0.0-r1 @@ -188,7 +200,7 @@ Architecture: all Installed-Size: 30720 Description: LuCI support for Mail-in-a-Box Filename: luci-app-mailinabox_1.0.0-r1_all.ipk -Size: 5487 +Size: 5482 Package: luci-app-media-flow Version: 0.6.4-r1 @@ -200,7 +212,7 @@ Architecture: all Installed-Size: 102400 Description: Real-time detection and monitoring of streaming services (Netflix, YouTube, Spotify, etc.) with quality estimation, history tracking, and alerts. Supports nDPId local DPI and netifyd. Filename: luci-app-media-flow_0.6.4-r1_all.ipk -Size: 19127 +Size: 19111 Package: luci-app-metablogizer Version: 1.0.0-r3 @@ -212,7 +224,7 @@ Architecture: all Installed-Size: 112640 Description: LuCI support for MetaBlogizer Static Site Publisher Filename: luci-app-metablogizer_1.0.0-r3_all.ipk -Size: 23504 +Size: 23505 Package: luci-app-metabolizer Version: 1.0.0-r2 @@ -224,7 +236,7 @@ Architecture: all Installed-Size: 30720 Description: LuCI support for Metabolizer CMS Filename: luci-app-metabolizer_1.0.0-r2_all.ipk -Size: 4756 +Size: 4754 Package: luci-app-mitmproxy Version: 0.4.0-r6 @@ -236,7 +248,7 @@ Architecture: all Installed-Size: 102400 Description: Modern dashboard for mitmproxy HTTPS traffic inspection with SecuBox theme Filename: luci-app-mitmproxy_0.4.0-r6_all.ipk -Size: 18935 +Size: 18932 Package: luci-app-mmpm Version: 0.2.0-r3 @@ -248,7 +260,7 @@ Architecture: all Installed-Size: 51200 Description: Web interface for MMPM - MagicMirror Package Manager Filename: luci-app-mmpm_0.2.0-r3_all.ipk -Size: 7902 +Size: 7903 Package: luci-app-mqtt-bridge Version: 0.4.0-r4 @@ -260,7 +272,7 @@ Architecture: all Installed-Size: 122880 Description: USB-to-MQTT IoT hub with SecuBox theme Filename: luci-app-mqtt-bridge_0.4.0-r4_all.ipk -Size: 22779 +Size: 22775 Package: luci-app-ndpid Version: 1.1.2-r2 @@ -272,7 +284,7 @@ Architecture: all Installed-Size: 122880 Description: Modern dashboard for nDPId deep packet inspection on OpenWrt Filename: luci-app-ndpid_1.1.2-r2_all.ipk -Size: 22458 +Size: 22453 Package: luci-app-netdata-dashboard Version: 0.5.0-r2 @@ -284,7 +296,7 @@ Architecture: all Installed-Size: 133120 Description: Real-time system monitoring dashboard with Netdata integration for OpenWrt Filename: luci-app-netdata-dashboard_0.5.0-r2_all.ipk -Size: 22401 +Size: 22400 Package: luci-app-network-modes Version: 0.5.0-r3 @@ -296,7 +308,7 @@ Architecture: all Installed-Size: 307200 Description: Configure OpenWrt for different network modes: Sniffer, Access Point, Relay, Router Filename: luci-app-network-modes_0.5.0-r3_all.ipk -Size: 55613 +Size: 55610 Package: luci-app-network-tweaks Version: 1.0.0-r7 @@ -308,7 +320,7 @@ Architecture: all Installed-Size: 81920 Description: Unified network services dashboard with DNS/hosts sync, CDN cache control, and WPAD auto-proxy configuration Filename: luci-app-network-tweaks_1.0.0-r7_all.ipk -Size: 15464 +Size: 15459 Package: luci-app-nextcloud Version: 1.0.0-r1 @@ -320,7 +332,7 @@ Architecture: all Installed-Size: 30720 Description: LuCI support for Nextcloud Filename: luci-app-nextcloud_1.0.0-r1_all.ipk -Size: 6482 +Size: 6481 Package: luci-app-ollama Version: 0.1.0-r1 @@ -344,7 +356,7 @@ Architecture: all Installed-Size: 51200 Description: Modern dashboard for PicoBrew Server management on OpenWrt Filename: luci-app-picobrew_1.0.0-r1_all.ipk -Size: 9978 +Size: 9979 Package: luci-app-secubox Version: 0.7.1-r4 @@ -356,7 +368,7 @@ Architecture: all Installed-Size: 266240 Description: Central control hub for all SecuBox modules. Provides unified dashboard, module status, system health monitoring, and quick actions. Filename: luci-app-secubox_0.7.1-r4_all.ipk -Size: 49902 +Size: 49897 Package: luci-app-secubox-admin Version: 1.0.0-r19 @@ -367,7 +379,7 @@ Architecture: all Installed-Size: 337920 Description: Unified admin control center for SecuBox appstore plugins with system monitoring Filename: luci-app-secubox-admin_1.0.0-r19_all.ipk -Size: 57098 +Size: 57097 Package: luci-app-secubox-crowdsec Version: 1.0.0-r3 @@ -379,7 +391,7 @@ Architecture: all Installed-Size: 81920 Description: LuCI SecuBox CrowdSec Dashboard Filename: luci-app-secubox-crowdsec_1.0.0-r3_all.ipk -Size: 13922 +Size: 13919 Package: luci-app-secubox-netdiag Version: 1.0.0-r1 @@ -391,7 +403,7 @@ Architecture: all Installed-Size: 61440 Description: Real-time DSA switch port statistics, error monitoring, and network health diagnostics Filename: luci-app-secubox-netdiag_1.0.0-r1_all.ipk -Size: 11996 +Size: 11999 Package: luci-app-secubox-netifyd Version: 1.2.1-r1 @@ -403,7 +415,7 @@ Architecture: all Installed-Size: 215040 Description: Complete LuCI interface for netifyd DPI engine with real-time flow monitoring, application detection, network analytics, and flow action plugins Filename: luci-app-secubox-netifyd_1.2.1-r1_all.ipk -Size: 39503 +Size: 39497 Package: luci-app-secubox-p2p Version: 0.1.0-r1 @@ -415,7 +427,7 @@ Architecture: all Installed-Size: 215040 Description: LuCI SecuBox P2P Hub Filename: luci-app-secubox-p2p_0.1.0-r1_all.ipk -Size: 39260 +Size: 39256 Package: luci-app-secubox-portal Version: 0.7.0-r2 @@ -427,7 +439,7 @@ Architecture: all Installed-Size: 122880 Description: Unified entry point for all SecuBox applications with tabbed navigation Filename: luci-app-secubox-portal_0.7.0-r2_all.ipk -Size: 24557 +Size: 24555 Package: luci-app-secubox-security-threats Version: 1.0.0-r4 @@ -439,7 +451,7 @@ Architecture: all Installed-Size: 71680 Description: Unified dashboard integrating netifyd DPI threats with CrowdSec intelligence for real-time threat monitoring and automated blocking Filename: luci-app-secubox-security-threats_1.0.0-r4_all.ipk -Size: 13910 +Size: 13904 Package: luci-app-service-registry Version: 1.0.0-r1 @@ -451,7 +463,7 @@ Architecture: all Installed-Size: 194560 Description: Unified service aggregation with HAProxy vhosts, Tor hidden services, and QR-coded landing page Filename: luci-app-service-registry_1.0.0-r1_all.ipk -Size: 39827 +Size: 39821 Package: luci-app-streamlit Version: 1.0.0-r9 @@ -463,7 +475,7 @@ Architecture: all Installed-Size: 122880 Description: Modern dashboard for Streamlit Platform management on OpenWrt Filename: luci-app-streamlit_1.0.0-r9_all.ipk -Size: 20473 +Size: 20469 Package: luci-app-system-hub Version: 0.5.1-r4 @@ -475,7 +487,7 @@ Architecture: all Installed-Size: 358400 Description: Central system control with monitoring, services, logs, and backup Filename: luci-app-system-hub_0.5.1-r4_all.ipk -Size: 66351 +Size: 66343 Package: luci-app-tor-shield Version: 1.0.0-r10 @@ -487,7 +499,7 @@ Architecture: all Installed-Size: 133120 Description: Modern dashboard for Tor anonymization on OpenWrt Filename: luci-app-tor-shield_1.0.0-r10_all.ipk -Size: 24536 +Size: 24532 Package: luci-app-traffic-shaper Version: 0.4.0-r2 @@ -499,7 +511,7 @@ Architecture: all Installed-Size: 92160 Description: Advanced traffic shaping with TC/CAKE for precise bandwidth control Filename: luci-app-traffic-shaper_0.4.0-r2_all.ipk -Size: 15634 +Size: 15631 Package: luci-app-vhost-manager Version: 0.5.0-r5 @@ -511,7 +523,7 @@ Architecture: all Installed-Size: 153600 Description: Nginx reverse proxy manager with Let's Encrypt SSL certificates, authentication, and WebSocket support Filename: luci-app-vhost-manager_0.5.0-r5_all.ipk -Size: 26200 +Size: 26197 Package: luci-app-wireguard-dashboard Version: 0.7.0-r5 @@ -523,7 +535,7 @@ Architecture: all Installed-Size: 235520 Description: Modern dashboard for WireGuard VPN monitoring on OpenWrt Filename: luci-app-wireguard-dashboard_0.7.0-r5_all.ipk -Size: 45373 +Size: 45363 Package: luci-app-zigbee2mqtt Version: 1.0.0-r2 @@ -535,7 +547,7 @@ Architecture: all Installed-Size: 40960 Description: Graphical interface for managing the Zigbee2MQTT docker application. Filename: luci-app-zigbee2mqtt_1.0.0-r2_all.ipk -Size: 7090 +Size: 7084 Package: luci-theme-secubox Version: 0.4.7-r1 @@ -547,7 +559,7 @@ Architecture: all Installed-Size: 460800 Description: Global CyberMood design system (CSS/JS/i18n) shared by all SecuBox dashboards. Filename: luci-theme-secubox_0.4.7-r1_all.ipk -Size: 111797 +Size: 111791 Package: secubox-app Version: 1.0.0-r2 @@ -558,7 +570,7 @@ Installed-Size: 92160 Description: Command line helper for SecuBox App Store manifests. Installs /usr/sbin/secubox-app and ships the default manifests under /usr/share/secubox/plugins/. Filename: secubox-app_1.0.0-r2_all.ipk -Size: 11188 +Size: 11180 Package: secubox-app-adguardhome Version: 1.0.0-r2 @@ -572,7 +584,7 @@ Description: Installer, configuration, and service manager for running AdGuard inside Docker on SecuBox-powered OpenWrt systems. Network-wide ad blocker with DNS-over-HTTPS/TLS support and detailed analytics. Filename: secubox-app-adguardhome_1.0.0-r2_all.ipk -Size: 2877 +Size: 2878 Package: secubox-app-auth-logger Version: 1.2.2-r1 @@ -590,7 +602,7 @@ Description: Logs authentication failures from LuCI/rpcd and Dropbear SSH - JavaScript hook to intercept login failures - CrowdSec parser and bruteforce scenario Filename: secubox-app-auth-logger_1.2.2-r1_all.ipk -Size: 9380 +Size: 9374 Package: secubox-app-crowdsec-custom Version: 1.1.0-r1 @@ -613,7 +625,7 @@ Description: Custom CrowdSec configurations for SecuBox web interface protectio - Webapp generic auth bruteforce protection - Whitelist for trusted networks Filename: secubox-app-crowdsec-custom_1.1.0-r1_all.ipk -Size: 5764 +Size: 5759 Package: secubox-app-cs-firewall-bouncer Version: 0.0.31-r4 @@ -640,7 +652,7 @@ Description: SecuBox CrowdSec Firewall Bouncer for OpenWrt. - Automatic restart on firewall reload - procd service management Filename: secubox-app-cs-firewall-bouncer_0.0.31-r4_aarch64_cortex-a72.ipk -Size: 5049324 +Size: 5049323 Package: secubox-app-cyberfeed Version: 0.2.1-r1 @@ -654,7 +666,7 @@ Description: Cyberpunk-themed RSS feed aggregator for OpenWrt/SecuBox. Features emoji injection, neon styling, and RSS-Bridge support for social media feeds (Facebook, Twitter, Mastodon). Filename: secubox-app-cyberfeed_0.2.1-r1_all.ipk -Size: 12451 +Size: 12449 Package: secubox-app-domoticz Version: 1.0.0-r2 @@ -667,7 +679,7 @@ Installed-Size: 10240 Description: Installer, configuration, and service manager for running Domoticz inside Docker on SecuBox-powered OpenWrt systems. Filename: secubox-app-domoticz_1.0.0-r2_all.ipk -Size: 2552 +Size: 2546 Package: secubox-app-exposure Version: 1.0.0-r1 @@ -682,7 +694,7 @@ Description: Unified service exposure manager for SecuBox. - Dynamic Tor hidden service management - HAProxy SSL reverse proxy configuration Filename: secubox-app-exposure_1.0.0-r1_all.ipk -Size: 6828 +Size: 6832 Package: secubox-app-gitea Version: 1.0.0-r5 @@ -705,7 +717,7 @@ Description: Gitea Git Platform - Self-hosted lightweight Git service Runs in LXC container with Alpine Linux. Configure in /etc/config/gitea. Filename: secubox-app-gitea_1.0.0-r5_all.ipk -Size: 9406 +Size: 9405 Package: secubox-app-glances Version: 1.0.0-r1 @@ -728,7 +740,7 @@ Description: Glances - Cross-platform system monitoring tool for SecuBox. Runs in LXC container for isolation and security. Configure in /etc/config/glances. Filename: secubox-app-glances_1.0.0-r1_all.ipk -Size: 5535 +Size: 5531 Package: secubox-app-haproxy Version: 1.0.0-r23 @@ -748,7 +760,7 @@ Description: HAProxy load balancer and reverse proxy running in an LXC containe - Stats dashboard - Rate limiting and ACLs Filename: secubox-app-haproxy_1.0.0-r23_all.ipk -Size: 15683 +Size: 15674 Package: secubox-app-hexojs Version: 1.0.0-r8 @@ -772,7 +784,32 @@ Description: Hexo CMS - Self-hosted static blog generator for OpenWrt Runs in LXC container with Alpine Linux. Configure in /etc/config/hexojs. Filename: secubox-app-hexojs_1.0.0-r8_all.ipk -Size: 94937 +Size: 94931 + +Package: secubox-app-jitsi +Version: 1.0.0-r1 +Depends: docker, docker-compose, wget, openssl-util +License: Apache-2.0 +Section: utils +Maintainer: CyberMind Studio +Architecture: all +Installed-Size: 40960 +Description: Jitsi Meet - Secure, fully featured video conferencing for SecuBox. + + Features: + - End-to-end encrypted video conferences + - No account required for guests + - Screen sharing and recording + - Chat, reactions, and virtual backgrounds + - Mobile app support (iOS/Android) + - WebRTC-based, works in any browser + - Self-hosted for complete privacy + + Runs via Docker containers for easy deployment. + Integrates with HAProxy for SSL termination. + Configure in /etc/config/jitsi. +Filename: secubox-app-jitsi_1.0.0-r1_all.ipk +Size: 8908 Package: secubox-app-localai Version: 2.25.0-r1 @@ -794,7 +831,7 @@ Description: LocalAI native binary package for OpenWrt. API: http://:8081/v1 Filename: secubox-app-localai_2.25.0-r1_all.ipk -Size: 5712 +Size: 5714 Package: secubox-app-localai-wb Version: 2.25.0-r1 @@ -818,7 +855,7 @@ Description: LocalAI native binary package for OpenWrt. API: http://:8080/v1 Filename: secubox-app-localai-wb_2.25.0-r1_all.ipk -Size: 7954 +Size: 7942 Package: secubox-app-lyrion Version: 2.0.2-r1 @@ -838,7 +875,7 @@ Description: Lyrion Media Server (formerly Logitech Media Server / Squeezebox S Auto-detects available runtime, preferring LXC for lower resource usage. Configure runtime in /etc/config/lyrion. Filename: secubox-app-lyrion_2.0.2-r1_all.ipk -Size: 7284 +Size: 7275 Package: secubox-app-magicmirror2 Version: 0.4.0-r8 @@ -860,7 +897,7 @@ Description: MagicMirror² - Open source modular smart mirror platform for Secu Runs in LXC container for isolation and security. Configure in /etc/config/magicmirror2. Filename: secubox-app-magicmirror2_0.4.0-r8_all.ipk -Size: 9250 +Size: 9247 Package: secubox-app-mailinabox Version: 2.0.0-r1 @@ -885,7 +922,7 @@ Description: Complete email server solution using docker-mailserver for SecuBox Commands: mailinaboxctl --help Filename: secubox-app-mailinabox_2.0.0-r1_all.ipk -Size: 7570 +Size: 7571 Package: secubox-app-metabolizer Version: 1.0.0-r3 @@ -906,7 +943,7 @@ Description: Metabolizer Blog Pipeline - Integrated CMS with Git-based workflow Pipeline: Edit in Streamlit -> Push to Gitea -> Build with Hexo -> Publish Filename: secubox-app-metabolizer_1.0.0-r3_all.ipk -Size: 13979 +Size: 13980 Package: secubox-app-mitmproxy Version: 0.4.0-r16 @@ -927,7 +964,7 @@ Description: mitmproxy - Interactive HTTPS proxy for SecuBox-powered OpenWrt sy Runs in LXC container for isolation and security. Configure in /etc/config/mitmproxy. Filename: secubox-app-mitmproxy_0.4.0-r16_all.ipk -Size: 10213 +Size: 10208 Package: secubox-app-mmpm Version: 0.2.0-r5 @@ -948,7 +985,7 @@ Description: MMPM (MagicMirror Package Manager) for SecuBox. Runs inside the MagicMirror2 LXC container. Filename: secubox-app-mmpm_0.2.0-r5_all.ipk -Size: 3976 +Size: 3977 Package: secubox-app-nextcloud Version: 1.0.0-r2 @@ -962,7 +999,7 @@ Description: Installer, configuration, and service manager for running Nextclou inside Docker on SecuBox-powered OpenWrt systems. Self-hosted file sync and share with calendar, contacts, and collaboration. Filename: secubox-app-nextcloud_1.0.0-r2_all.ipk -Size: 2960 +Size: 2956 Package: secubox-app-ollama Version: 0.1.0-r1 @@ -984,7 +1021,7 @@ Description: Ollama - Simple local LLM runtime for SecuBox-powered OpenWrt syst Runs in Docker/Podman container. Configure in /etc/config/ollama. Filename: secubox-app-ollama_0.1.0-r1_all.ipk -Size: 5742 +Size: 5734 Package: secubox-app-picobrew Version: 1.0.0-r7 @@ -1006,7 +1043,7 @@ Description: PicoBrew Server - Self-hosted brewing controller for PicoBrew devi Runs in LXC container with Python/Flask backend. Configure in /etc/config/picobrew. Filename: secubox-app-picobrew_1.0.0-r7_all.ipk -Size: 5539 +Size: 5541 Package: secubox-app-streamlit Version: 1.0.0-r5 @@ -1033,7 +1070,7 @@ Description: Streamlit App Platform - Self-hosted Python data app platform Configure in /etc/config/streamlit. Filename: secubox-app-streamlit_1.0.0-r5_all.ipk -Size: 11719 +Size: 11718 Package: secubox-app-tor Version: 1.0.0-r1 @@ -1090,13 +1127,13 @@ Filename: secubox-app-zigbee2mqtt_1.0.0-r3_all.ipk Size: 3544 Package: secubox-core -Version: 0.10.0-r9 +Version: 0.10.0-r11 Depends: jq, jsonfilter License: GPL-2.0 Section: admin Maintainer: SecuBox Team Architecture: all -Installed-Size: 450560 +Installed-Size: 481280 Description: SecuBox Core Framework provides the foundational infrastructure for the modular SecuBox system including: - Module/AppStore management @@ -1106,8 +1143,8 @@ Description: SecuBox Core Framework provides the foundational infrastructure fo - Diagnostics and health checks - Unified CLI interface - ubus RPC backend -Filename: secubox-core_0.10.0-r9_all.ipk -Size: 80068 +Filename: secubox-core_0.10.0-r11_all.ipk +Size: 87807 Package: secubox-p2p Version: 0.6.0-r1 @@ -1126,5 +1163,5 @@ Description: SecuBox P2P Hub backend providing peer discovery, mesh networking and MirrorBox NetMesh Catalog for cross-chain distributed service registry with HAProxy vhost discovery and multi-endpoint access URLs. Filename: secubox-p2p_0.6.0-r1_all.ipk -Size: 40190 +Size: 40189 diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz index a8fd8f4f..f25a8783 100644 Binary files a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz differ diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/luci-app-jitsi_1.0.0-r1_all.ipk b/package/secubox/secubox-app-bonus/root/www/secubox-feed/luci-app-jitsi_1.0.0-r1_all.ipk new file mode 100644 index 00000000..41ab2200 Binary files /dev/null and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/luci-app-jitsi_1.0.0-r1_all.ipk differ diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-app-jitsi_1.0.0-r1_all.ipk b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-app-jitsi_1.0.0-r1_all.ipk new file mode 100644 index 00000000..a210d9f9 Binary files /dev/null and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-app-jitsi_1.0.0-r1_all.ipk differ diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-core_0.10.0-r11_all.ipk b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-core_0.10.0-r11_all.ipk new file mode 100644 index 00000000..fa1133ef Binary files /dev/null and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-core_0.10.0-r11_all.ipk differ diff --git a/package/secubox/secubox-core/Makefile b/package/secubox/secubox-core/Makefile index f0c36c0a..7ded8fda 100644 --- a/package/secubox/secubox-core/Makefile +++ b/package/secubox/secubox-core/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=secubox-core PKG_VERSION:=0.10.0 -PKG_RELEASE:=9 +PKG_RELEASE:=11 PKG_ARCH:=all PKG_LICENSE:=GPL-2.0 PKG_MAINTAINER:=SecuBox Team @@ -85,6 +85,14 @@ define Package/secubox-core/install $(INSTALL_BIN) ./root/usr/sbin/secubox-feed-manager $(1)/usr/sbin/ $(INSTALL_BIN) ./root/usr/sbin/secubox-skill $(1)/usr/sbin/ $(INSTALL_BIN) ./root/usr/sbin/secubox-feedback $(1)/usr/sbin/ + $(INSTALL_BIN) ./root/usr/sbin/secubox-tftp-recovery $(1)/usr/sbin/ + + # TFTP Recovery init script + $(INSTALL_BIN) ./root/etc/init.d/secubox-tftp-recovery $(1)/etc/init.d/ + + # TFTP Mesh library + $(INSTALL_DIR) $(1)/usr/lib/secubox + $(INSTALL_DATA) ./root/usr/lib/secubox/tftp-mesh.sh $(1)/usr/lib/secubox/ # WAN Access hotplug for interface events $(INSTALL_DIR) $(1)/etc/hotplug.d/iface diff --git a/package/secubox/secubox-core/root/usr/sbin/secubox-swiss b/package/secubox/secubox-core/root/usr/sbin/secubox-swiss old mode 100644 new mode 100755 index 7909a841..788e8f73 --- a/package/secubox/secubox-core/root/usr/sbin/secubox-swiss +++ b/package/secubox/secubox-core/root/usr/sbin/secubox-swiss @@ -1,345 +1,829 @@ #!/bin/sh -# ============================================================================ -# SecuBox Swiss Army Knife - Unified Management & Recovery Tool -# Combines: mesh, recover, console, monitoring, and self-enhancement -# ============================================================================ +# SecuBox Swiss Army Knife - Unified CLI Tool +# KISS modular self-enhancing architecture +# +# Usage: +# secubox-swiss # Interactive menu +# secubox-swiss # Direct command +# secubox-swiss help # Show all commands VERSION="1.0.0" -SCRIPT_PATH="$(readlink -f "$0")" -SECUBOX_DIR="/srv/secubox" +SCRIPT_NAME="secubox-swiss" -# Colors -C_CYAN='\033[0;36m' -C_GREEN='\033[0;32m' -C_YELLOW='\033[1;33m' -C_RED='\033[0;31m' -C_BOLD='\033[1m' -C_NC='\033[0m' +# Colors - use printf for BusyBox compatibility +RED=$(printf '\033[0;31m') +GREEN=$(printf '\033[0;32m') +YELLOW=$(printf '\033[1;33m') +BLUE=$(printf '\033[0;34m') +CYAN=$(printf '\033[0;36m') +BOLD=$(printf '\033[1m') +NC=$(printf '\033[0m') -banner() { - echo "${C_CYAN}" - cat << 'BANNER' - _____ _____ _____ _ _ ____ _____ __ - / ____| ____/ ____| | | | _ \ / _ \ \/ / - | (___ | _|| | | | | | |_) | | | \ / - \___ \| |__| | | |_| | _ <| |_| / \ - ____) |____| |____| |_| | |_) \___/_/\_\ - |_____/______\_____|_____|____/ - SWISS -BANNER - echo "${C_NC}" - echo "${C_BOLD}SecuBox Swiss Army Knife v$VERSION${C_NC}" - echo "Unified Management • Recovery • Mesh • Self-Enhancement" +# ============================================================================ +# Helper Functions +# ============================================================================ + +print_header() { + echo "" + echo "${CYAN}╔══════════════════════════════════════════════════════════════════╗${NC}" + echo "${CYAN}║${NC} ${BOLD}SecuBox Swiss Army Knife${NC} v${VERSION} ${CYAN}║${NC}" + echo "${CYAN}║${NC} KISS modular self-enhancing architecture ${CYAN}║${NC}" + echo "${CYAN}╚══════════════════════════════════════════════════════════════════╝${NC}" echo "" } -# ============================================================================ -# Tool Dispatch -# ============================================================================ -tool_mesh() { - exec /usr/sbin/secubox-mesh "$@" +print_section() { + echo "${YELLOW}━━━ $1 ━━━${NC}" } -tool_recover() { - exec /usr/sbin/secubox-recover "$@" +cmd_exists() { + command -v "$1" >/dev/null 2>&1 } -tool_console() { - if [ -f /usr/lib/secubox-console/secubox_console.py ]; then - exec python3 /usr/lib/secubox-console/secubox_console.py "$@" +run_or_warn() { + local cmd="$1" + shift + if cmd_exists "$cmd"; then + "$cmd" "$@" else - echo "Console not installed. Install with: opkg install secubox-console" - exit 1 + echo "${RED}[!] Command not found: $cmd${NC}" + echo " Install with: opkg install " + return 1 fi } -tool_mitm() { - exec /usr/sbin/secubox-mitm-logs "$@" -} - # ============================================================================ -# Quick Actions +# Status & Info Commands # ============================================================================ -action_status() { - echo "${C_CYAN}=== SecuBox Status ===${C_NC}" - echo "" - # System - echo "${C_BOLD}System:${C_NC}" - echo " Hostname: $(uci get system.@system[0].hostname 2>/dev/null || hostname)" - echo " Version: $(cat /etc/secubox-version 2>/dev/null || echo 'unknown')" - echo " Uptime: $(uptime | cut -d',' -f1 | cut -d' ' -f4-)" - echo "" +cmd_status() { + print_section "System Status" - # Mesh - echo "${C_BOLD}Mesh:${C_NC}" - if [ -f /srv/secubox/mesh/node.id ]; then - echo " Node ID: $(cat /srv/secubox/mesh/node.id)" - echo " Peers: $(cat /srv/secubox/mesh/peers.json 2>/dev/null | jsonfilter -e '@.peers[*]' 2>/dev/null | wc -l)" - echo " Blocks: $(find /srv/secubox/mesh/blocks -type f 2>/dev/null | wc -l)" - else - echo " Not initialized. Run: secubox-swiss mesh init" - fi - echo "" + # Node info + local node_id=$(cat /etc/secubox-node-id 2>/dev/null || echo "unknown") + local hostname=$(uci -q get system.@system[0].hostname || hostname) + local version=$(cat /etc/secubox-version 2>/dev/null || echo "unknown") + local uptime_info=$(uptime | sed 's/.*up //' | sed 's/,.*//') - # Recovery - echo "${C_BOLD}Recovery:${C_NC}" - echo " Snapshots: $(ls /srv/secubox/recover/archives/*.tar.gz 2>/dev/null | wc -l)" - echo " Profiles: $(ls /srv/secubox/recover/profiles/*.json 2>/dev/null | wc -l)" - echo "" - - # Services - echo "${C_BOLD}Key Services:${C_NC}" - for svc in haproxy crowdsec mitmproxy; do - if pgrep -x "$svc" >/dev/null 2>&1; then - echo " $svc: ${C_GREEN}running${C_NC}" - else - echo " $svc: ${C_RED}stopped${C_NC}" - fi - done -} - -action_backup() { - local name="${1:-backup-$(date +%Y%m%d-%H%M%S)}" - echo "${C_CYAN}Creating backup: $name${C_NC}" - /usr/sbin/secubox-recover snapshot "$name" -} - -action_reborn() { - local output="${1:-/tmp/secubox-reborn.sh}" - echo "${C_CYAN}Generating reborn script: $output${C_NC}" - /usr/sbin/secubox-recover reborn "$output" - echo "" - echo "${C_GREEN}Reborn script ready!${C_NC}" - echo "Copy to any machine and run to restore SecuBox." -} - -action_sync() { - echo "${C_CYAN}Syncing mesh...${C_NC}" - /usr/sbin/secubox-mesh sync - echo "" - echo "${C_CYAN}Syncing recovery catalog...${C_NC}" - /usr/sbin/secubox-recover apps-sync -} - -action_health() { - echo "${C_CYAN}=== Health Check ===${C_NC}" - echo "" - - # Disk - echo "${C_BOLD}Disk Usage:${C_NC}" - df -h / /srv /opt 2>/dev/null | grep -v "^Filesystem" + echo "${BOLD}Node:${NC} $hostname (${node_id:0:12})" + echo "${BOLD}Version:${NC} $version" + echo "${BOLD}Uptime:${NC} $uptime_info" echo "" # Memory - echo "${C_BOLD}Memory:${C_NC}" - free -m 2>/dev/null || cat /proc/meminfo | head -3 + local mem_info=$(free | grep Mem) + local mem_total=$(echo "$mem_info" | awk '{print int($2/1024)}') + local mem_used=$(echo "$mem_info" | awk '{print int($3/1024)}') + local mem_pct=$((mem_used * 100 / mem_total)) + echo "${BOLD}Memory:${NC} ${mem_used}MB / ${mem_total}MB (${mem_pct}%)" + + # Disk + local disk_info=$(df /overlay 2>/dev/null | tail -1) + local disk_pct=$(echo "$disk_info" | awk '{print $5}') + echo "${BOLD}Disk:${NC} ${disk_pct} used" echo "" - # Network - echo "${C_BOLD}Network:${C_NC}" - echo " WAN IP: $(curl -s --connect-timeout 2 ifconfig.me 2>/dev/null || echo 'unavailable')" - echo " LAN IP: $(uci get network.lan.ipaddr 2>/dev/null)" + # Services + print_section "Core Services" + for svc in crowdsec haproxy dockerd nginx uhttpd dnsmasq; do + if pgrep "$svc" >/dev/null 2>&1; then + echo " ${GREEN}●${NC} $svc" + elif [ -f "/etc/init.d/$svc" ]; then + echo " ${RED}●${NC} $svc (stopped)" + fi + done echo "" - # Security - echo "${C_BOLD}Security:${C_NC}" - if [ -f /var/log/secubox-access.log ]; then - scans=$(grep -c '"is_scan":true' /var/log/secubox-access.log 2>/dev/null || echo 0) - auths=$(grep -c '"is_auth_attempt":true' /var/log/secubox-access.log 2>/dev/null || echo 0) - echo " Scan attempts: $scans" - echo " Auth attempts: $auths" - else - echo " MITM logging not active" + # Docker containers + if cmd_exists docker; then + local containers=$(docker ps --format '{{.Names}}' 2>/dev/null | wc -l) + if [ "$containers" -gt 0 ]; then + print_section "Docker Containers" + docker ps --format ' {{.Names}}: {{.Status}}' 2>/dev/null + echo "" + fi + fi + + # Mesh status + if [ -f /tmp/secubox-p2p-status.json ]; then + print_section "Mesh Network" + local peers=$(jsonfilter -i /tmp/secubox-p2p-status.json -e '@.peers_online' 2>/dev/null || echo "0") + local services=$(jsonfilter -i /tmp/secubox-p2p-status.json -e '@.services_count' 2>/dev/null || echo "0") + echo " Peers online: $peers" + echo " Services: $services" fi } -action_logs() { - local component="${1:-all}" +cmd_info() { + print_section "System Information" - case "$component" in - mitm) - /usr/sbin/secubox-mitm-logs tail + echo "${BOLD}Hardware:${NC}" + echo " Model: $(cat /tmp/sysinfo/model 2>/dev/null || uname -m)" + echo " CPU: $(grep -c processor /proc/cpuinfo) cores" + echo " Arch: $(uname -m)" + echo "" + + echo "${BOLD}Network:${NC}" + local wan_ip=$(ip -4 addr show wan 2>/dev/null | grep inet | awk '{print $2}' | cut -d/ -f1) + local lan_ip=$(uci -q get network.lan.ipaddr || echo "192.168.255.1") + echo " LAN IP: $lan_ip" + [ -n "$wan_ip" ] && echo " WAN IP: $wan_ip" + + # WireGuard + if cmd_exists wg; then + local wg_peers=$(wg show all peers 2>/dev/null | wc -l) + [ "$wg_peers" -gt 0 ] && echo " WG Peers: $wg_peers" + fi + echo "" + + echo "${BOLD}SecuBox:${NC}" + echo " Version: $(cat /etc/secubox-version 2>/dev/null || echo 'unknown')" + echo " Node ID: $(cat /etc/secubox-node-id 2>/dev/null || echo 'unknown')" + echo " Feed: $(opkg list-installed | grep -c secubox) packages" +} + +# ============================================================================ +# Mesh & P2P Commands +# ============================================================================ + +cmd_mesh() { + local subcmd="${1:-status}" + shift 2>/dev/null + + case "$subcmd" in + status) + run_or_warn secubox-p2p status ;; - mesh) - cat /srv/secubox/mesh/chain.json 2>/dev/null | jsonfilter -e '@.blocks[-5:]' 2>/dev/null + peers) + run_or_warn secubox-p2p peers ;; - security) - /usr/sbin/secubox-mitm-logs scan + discover) + run_or_warn secubox-p2p discover "$@" + ;; + sync) + run_or_warn secubox-p2p sync + ;; + services) + run_or_warn secubox-p2p shared-services + ;; + broadcast) + run_or_warn secubox-p2p broadcast "$@" ;; *) - echo "${C_CYAN}=== Recent Logs ===${C_NC}" - logread -l 30 2>/dev/null || tail -30 /var/log/messages 2>/dev/null + echo "Usage: $SCRIPT_NAME mesh " + ;; + esac +} + +cmd_factory() { + local subcmd="${1:-status}" + + case "$subcmd" in + status) + curl -s "http://127.0.0.1:7331/api/factory/status" 2>/dev/null | jsonfilter -e '@' || echo "Factory API not available" + ;; + catalog) + curl -s "http://127.0.0.1:7331/api/factory/catalog" 2>/dev/null | jsonfilter -e '@' || echo "Catalog not available" + ;; + open) + local ip=$(uci -q get network.lan.ipaddr || echo "192.168.255.1") + echo "Factory Dashboard: http://$ip:7331/factory/" + ;; + *) + echo "Usage: $SCRIPT_NAME factory " ;; esac } # ============================================================================ -# Self-Enhancement +# Recovery Commands # ============================================================================ -action_self_update() { - echo "${C_CYAN}Checking for updates...${C_NC}" - # Check mesh peers for newer version - local peers=$(cat /srv/secubox/mesh/peers.json 2>/dev/null | jsonfilter -e '@.peers[*].addr' 2>/dev/null) +cmd_recover() { + local subcmd="${1:-help}" + shift 2>/dev/null - for peer in $peers; do - echo " Checking peer: $peer" - local remote_ver=$(curl -s --connect-timeout 3 "http://$peer:7331/api/version" 2>/dev/null | jsonfilter -e '@.swiss' 2>/dev/null) + case "$subcmd" in + snapshot) + run_or_warn secubox-recover snapshot "$@" + ;; + list) + run_or_warn secubox-recover list + ;; + restore) + run_or_warn secubox-recover restore "$@" + ;; + reborn) + run_or_warn secubox-recover reborn + ;; + profile) + run_or_warn secubox-recover profile "$@" + ;; + help|*) + echo "Usage: $SCRIPT_NAME recover " + echo "" + echo " snapshot [name] Create configuration snapshot" + echo " list List available snapshots" + echo " restore Restore from snapshot" + echo " reborn Generate self-restore script" + echo " profile Profile management" + ;; + esac +} - if [ -n "$remote_ver" ] && [ "$remote_ver" != "$VERSION" ]; then - echo " ${C_YELLOW}Update available: $remote_ver${C_NC}" +cmd_backup() { + local target="${1:-/tmp/secubox-backup-$(date +%Y%m%d-%H%M%S).tar.gz}" - # Fetch and verify - local update_hash=$(curl -s "http://$peer:7331/api/update/swiss/hash" 2>/dev/null) - curl -s "http://$peer:7331/api/update/swiss" -o /tmp/secubox-swiss.new 2>/dev/null + print_section "Creating Backup" + echo "Target: $target" + echo "" - local local_hash=$(sha256sum /tmp/secubox-swiss.new 2>/dev/null | cut -d' ' -f1) + # Create backup + tar czf "$target" \ + /etc/config \ + /etc/secubox* \ + /etc/dropbear \ + /etc/haproxy 2>/dev/null - if [ "$local_hash" = "$update_hash" ]; then - echo " ${C_GREEN}Hash verified. Installing...${C_NC}" - chmod +x /tmp/secubox-swiss.new - mv /tmp/secubox-swiss.new "$SCRIPT_PATH" - echo " ${C_GREEN}Updated to $remote_ver${C_NC}" - exit 0 - else - echo " ${C_RED}Hash mismatch. Skipping.${C_NC}" - fi - fi - done - - echo " ${C_GREEN}Already up to date: $VERSION${C_NC}" + if [ -f "$target" ]; then + local size=$(ls -lh "$target" | awk '{print $5}') + echo "${GREEN}✓${NC} Backup created: $target ($size)" + else + echo "${RED}✗${NC} Backup failed" + return 1 + fi } # ============================================================================ -# Interactive Mode +# Apps & Services Commands # ============================================================================ + +cmd_apps() { + local subcmd="${1:-list}" + shift 2>/dev/null + + case "$subcmd" in + list) + run_or_warn secubox-app list + ;; + install) + run_or_warn secubox-app install "$@" + ;; + remove) + run_or_warn secubox-app remove "$@" + ;; + status) + run_or_warn secubox-app status "$@" + ;; + store) + run_or_warn secubox-appstore list + ;; + *) + echo "Usage: $SCRIPT_NAME apps " + ;; + esac +} + +cmd_service() { + local svc="$1" + local action="${2:-status}" + + if [ -z "$svc" ]; then + echo "Usage: $SCRIPT_NAME service " + echo "" + echo "Available services:" + ls /etc/init.d/ | grep -E "^(crowdsec|haproxy|jitsi|gitea|docker|nginx)" | sed 's/^/ /' + return + fi + + case "$action" in + start|stop|restart|enable|disable) + /etc/init.d/"$svc" "$action" + ;; + status) + if pgrep "$svc" >/dev/null 2>&1; then + echo "${GREEN}●${NC} $svc is running" + pgrep -a "$svc" | head -3 + else + echo "${RED}●${NC} $svc is stopped" + fi + ;; + *) + echo "Unknown action: $action" + ;; + esac +} + +# ============================================================================ +# Security Commands +# ============================================================================ + +cmd_security() { + local subcmd="${1:-status}" + + case "$subcmd" in + status) + print_section "Security Status" + + # CrowdSec + if pgrep crowdsec >/dev/null 2>&1; then + echo "${GREEN}●${NC} CrowdSec: running" + local decisions=$(cscli decisions list -o json 2>/dev/null | jsonfilter -e '@[*]' 2>/dev/null | wc -l) + echo " Active decisions: $decisions" + else + echo "${RED}●${NC} CrowdSec: stopped" + fi + + # Firewall + local fw_rules=$(iptables -L INPUT 2>/dev/null | wc -l) + echo "${GREEN}●${NC} Firewall: $fw_rules rules" + + # Tor + if pgrep tor >/dev/null 2>&1; then + echo "${GREEN}●${NC} Tor: running" + fi + ;; + + scan) + print_section "Security Scan" + run_or_warn secubox-exposure scan + ;; + + threats) + run_or_warn cscli alerts list -l 10 + ;; + + block) + if [ -n "$2" ]; then + cscli decisions add -i "$2" -d 24h -r "manual block via swiss" + echo "${GREEN}✓${NC} Blocked: $2" + else + echo "Usage: $SCRIPT_NAME security block " + fi + ;; + + unblock) + if [ -n "$2" ]; then + cscli decisions delete -i "$2" + echo "${GREEN}✓${NC} Unblocked: $2" + else + echo "Usage: $SCRIPT_NAME security unblock " + fi + ;; + + *) + echo "Usage: $SCRIPT_NAME security " + ;; + esac +} + +# ============================================================================ +# Network Commands +# ============================================================================ + +cmd_network() { + local subcmd="${1:-status}" + + case "$subcmd" in + status) + print_section "Network Status" + + # Interfaces + echo "${BOLD}Interfaces:${NC}" + ip -br addr show | grep -v "^lo" | while read -r line; do + iface=$(echo "$line" | awk '{print $1}') + state=$(echo "$line" | awk '{print $2}') + addr=$(echo "$line" | awk '{print $3}') + + if [ "$state" = "UP" ]; then + echo " ${GREEN}●${NC} $iface: $addr" + else + echo " ${RED}●${NC} $iface: $state" + fi + done + echo "" + + # DNS + echo "${BOLD}DNS:${NC}" + grep nameserver /tmp/resolv.conf.d/resolv.conf.auto 2>/dev/null | head -3 | sed 's/^/ /' + echo "" + + # WireGuard + if cmd_exists wg && wg show interfaces | grep -q .; then + echo "${BOLD}WireGuard:${NC}" + wg show all | grep -E "^(interface|peer|endpoint)" | sed 's/^/ /' + fi + ;; + + diag) + print_section "Network Diagnostics" + run_or_warn secubox-diagnostics network + ;; + + ports) + print_section "Listening Ports" + netstat -tlnp 2>/dev/null | grep LISTEN | awk '{print " " $4 " " $7}' | sort -t: -k2 -n + ;; + + connections) + print_section "Active Connections" + netstat -tn 2>/dev/null | grep ESTABLISHED | awk '{print " " $5}' | sort | uniq -c | sort -rn | head -10 + ;; + + *) + echo "Usage: $SCRIPT_NAME network " + ;; + esac +} + +# ============================================================================ +# Docker Commands +# ============================================================================ + +cmd_docker() { + local subcmd="${1:-ps}" + shift 2>/dev/null + + if ! cmd_exists docker; then + echo "${RED}Docker not installed${NC}" + return 1 + fi + + case "$subcmd" in + ps) + docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}" + ;; + logs) + docker logs --tail 50 "$@" + ;; + restart) + docker restart "$@" + ;; + stats) + docker stats --no-stream + ;; + prune) + echo "Cleaning unused Docker resources..." + docker system prune -f + ;; + *) + echo "Usage: $SCRIPT_NAME docker " + ;; + esac +} + +# ============================================================================ +# HAProxy Commands +# ============================================================================ + +cmd_haproxy() { + local subcmd="${1:-status}" + + case "$subcmd" in + status) + if pgrep haproxy >/dev/null 2>&1; then + echo "${GREEN}●${NC} HAProxy is running" + run_or_warn haproxyctl status 2>/dev/null || true + else + echo "${RED}●${NC} HAProxy is stopped" + fi + ;; + + vhosts) + print_section "Virtual Hosts" + uci show haproxy 2>/dev/null | grep "\.domain=" | sed "s/haproxy\./ /" | sed "s/\.domain=/: /" + ;; + + reload) + run_or_warn haproxyctl reload + ;; + + stats) + local ip=$(uci -q get network.lan.ipaddr || echo "192.168.255.1") + echo "HAProxy Stats: http://$ip:8404/stats" + echo "Auth: admin / secubox" + ;; + + *) + echo "Usage: $SCRIPT_NAME haproxy " + ;; + esac +} + +# ============================================================================ +# Feed Commands +# ============================================================================ + +cmd_feed() { + local subcmd="${1:-list}" + shift 2>/dev/null + + case "$subcmd" in + list) + run_or_warn secubox-feed list + ;; + update) + run_or_warn secubox-feed update + ;; + sync) + run_or_warn secubox-feed sync + ;; + install) + run_or_warn secubox-feed install "$@" + ;; + *) + echo "Usage: $SCRIPT_NAME feed " + ;; + esac +} + +# ============================================================================ +# Console (Remote Management) +# ============================================================================ + +cmd_console() { + if [ -f /usr/lib/secubox-console/secubox_console.py ]; then + python3 /usr/lib/secubox-console/secubox_console.py "$@" + else + echo "SecuBox Console not installed." + echo "Install with: opkg install secubox-console" + fi +} + +# ============================================================================ +# Quick Actions +# ============================================================================ + +cmd_logs() { + local service="${1:-all}" + local lines="${2:-50}" + + case "$service" in + crowdsec) + tail -n "$lines" /var/log/crowdsec.log 2>/dev/null || logread -l "$lines" | grep -i crowdsec + ;; + haproxy) + logread -l "$lines" | grep -i haproxy + ;; + system) + logread -l "$lines" + ;; + all|*) + logread -l "$lines" + ;; + esac +} + +cmd_restart() { + local target="${1:-services}" + + case "$target" in + services) + echo "Restarting core services..." + for svc in haproxy crowdsec uhttpd rpcd; do + [ -f "/etc/init.d/$svc" ] && /etc/init.d/"$svc" restart + done + echo "${GREEN}✓${NC} Services restarted" + ;; + network) + echo "Restarting network..." + /etc/init.d/network restart + ;; + docker) + echo "Restarting Docker containers..." + docker restart $(docker ps -q) 2>/dev/null + ;; + all) + cmd_restart services + cmd_restart docker + ;; + *) + echo "Usage: $SCRIPT_NAME restart " + ;; + esac +} + +# ============================================================================ +# Interactive Menu +# ============================================================================ + +show_menu() { + print_header + + echo "${BOLD}Quick Actions:${NC}" + echo " ${CYAN}1${NC}) Status overview" + echo " ${CYAN}2${NC}) Mesh status & peers" + echo " ${CYAN}3${NC}) Security status" + echo " ${CYAN}4${NC}) Docker containers" + echo " ${CYAN}5${NC}) HAProxy vhosts" + echo " ${CYAN}6${NC}) View logs" + echo " ${CYAN}7${NC}) Create backup" + echo " ${CYAN}8${NC}) Network diagnostics" + echo " ${CYAN}9${NC}) Factory dashboard" + echo "" + echo " ${CYAN}h${NC}) Help - all commands" + echo " ${CYAN}q${NC}) Quit" + echo "" + printf "Select: " +} + interactive_menu() { while true; do - clear - banner - echo "Quick Actions:" - echo " ${C_CYAN}1${C_NC}) Status - System overview" - echo " ${C_CYAN}2${C_NC}) Backup - Create snapshot" - echo " ${C_CYAN}3${C_NC}) Reborn - Generate recovery script" - echo " ${C_CYAN}4${C_NC}) Sync - Sync mesh & catalog" - echo " ${C_CYAN}5${C_NC}) Health - Health check" - echo " ${C_CYAN}6${C_NC}) Logs - View logs" - echo " ${C_CYAN}7${C_NC}) Update - Self-update" + show_menu + read -r choice echo "" - echo "Tools:" - echo " ${C_CYAN}m${C_NC}) Mesh - P2P mesh management" - echo " ${C_CYAN}r${C_NC}) Recover - Recovery system" - echo " ${C_CYAN}c${C_NC}) Console - Remote management (Python)" - echo " ${C_CYAN}s${C_NC}) Security - MITM/Security logs" - echo "" - echo " ${C_CYAN}q${C_NC}) Quit" - echo "" - printf "Choice: " - read choice case "$choice" in - 1) action_status; read -p "Press Enter..." ;; - 2) action_backup; read -p "Press Enter..." ;; - 3) action_reborn; read -p "Press Enter..." ;; - 4) action_sync; read -p "Press Enter..." ;; - 5) action_health; read -p "Press Enter..." ;; - 6) action_logs; read -p "Press Enter..." ;; - 7) action_self_update; read -p "Press Enter..." ;; - m) tool_mesh; break ;; - r) tool_recover; break ;; - c) tool_console; break ;; - s) tool_mitm; break ;; - q|Q) exit 0 ;; - *) echo "Invalid choice" ;; + 1) cmd_status ;; + 2) cmd_mesh status ;; + 3) cmd_security status ;; + 4) cmd_docker ps ;; + 5) cmd_haproxy vhosts ;; + 6) cmd_logs ;; + 7) cmd_backup ;; + 8) cmd_network diag ;; + 9) cmd_factory open ;; + h) cmd_help ;; + q|Q) echo "Bye!"; exit 0 ;; + *) echo "Invalid option" ;; esac + + echo "" + printf "Press Enter to continue..." + read -r _ + clear done } # ============================================================================ -# Main +# Help # ============================================================================ -case "$1" in - # Quick actions - status) - action_status - ;; - backup) - shift - action_backup "$@" - ;; - reborn) - shift - action_reborn "$@" - ;; - sync) - action_sync - ;; - health) - action_health - ;; - logs) - shift - action_logs "$@" - ;; - update) - action_self_update - ;; - # Tool dispatch - mesh) - shift - tool_mesh "$@" - ;; - recover) - shift - tool_recover "$@" - ;; - console) - shift - tool_console "$@" - ;; - mitm|security) - shift - tool_mitm "$@" - ;; +cmd_help() { + print_header - # Version - -v|--version|version) - echo "SecuBox Swiss v$VERSION" - ;; + cat << 'HELPEOF' +USAGE: + secubox-swiss Interactive menu + secubox-swiss [args] Direct command - # Help - -h|--help|help) - banner - echo "Usage: secubox-swiss [command] [args]" - echo "" - echo "Quick Actions:" - echo " status System overview" - echo " backup [name] Create snapshot" - echo " reborn [file] Generate recovery script" - echo " sync Sync mesh & catalog" - echo " health Health check" - echo " logs [component] View logs (mitm|mesh|security|all)" - echo " update Self-update from mesh" - echo "" - echo "Tools:" - echo " mesh P2P mesh (init|peer-add|sync|...)" - echo " recover Recovery (snapshot|restore|profile-*|...)" - echo " console Remote management console" - echo " mitm Security/MITM logs" - echo "" - echo "Run without arguments for interactive menu." - ;; +COMMANDS: + status System status overview + info Detailed system information - # Interactive - "") - interactive_menu - ;; + mesh Mesh network operations + status Mesh status + peers List peers + discover Discover new peers + sync Sync with peers + services Shared services + broadcast Execute on all peers - *) - echo "Unknown command: $1" - echo "Run 'secubox-swiss help' for usage." - exit 1 - ;; -esac + factory Factory dashboard + status Factory API status + catalog Service catalog + open Show dashboard URL + + recover Backup & recovery + snapshot [name] Create snapshot + list List snapshots + restore Restore snapshot + reborn Generate restore script + + backup [path] Quick backup to file + + apps Application management + list List installed apps + install Install app + remove Remove app + store Browse app store + + service Service control + start/stop/restart/status/enable/disable + + security Security operations + status Security status + scan Port/exposure scan + threats Recent threats + block Block IP + unblock Unblock IP + + network Network operations + status Network status + diag Run diagnostics + ports Listening ports + connections Active connections + + docker Docker operations + ps List containers + logs Container logs + restart Restart container + stats Resource usage + prune Clean unused + + haproxy HAProxy operations + status HAProxy status + vhosts List virtual hosts + reload Reload config + stats Stats URL + + feed Package feed + list List packages + update Update index + sync Sync to opkg + install Install package + + console [args] Remote management console + logs [svc] [lines] View logs + restart Restart services/docker/all + help Show this help + +HELPEOF +} + +# ============================================================================ +# Main Entry Point +# ============================================================================ + +main() { + case "${1:-menu}" in + menu|"") + interactive_menu + ;; + status) + cmd_status + ;; + info) + cmd_info + ;; + mesh) + shift + cmd_mesh "$@" + ;; + factory) + shift + cmd_factory "$@" + ;; + recover|recovery) + shift + cmd_recover "$@" + ;; + backup) + shift + cmd_backup "$@" + ;; + apps|app) + shift + cmd_apps "$@" + ;; + service|svc) + shift + cmd_service "$@" + ;; + security|sec) + shift + cmd_security "$@" + ;; + network|net) + shift + cmd_network "$@" + ;; + docker) + shift + cmd_docker "$@" + ;; + haproxy|ha) + shift + cmd_haproxy "$@" + ;; + feed) + shift + cmd_feed "$@" + ;; + console) + shift + cmd_console "$@" + ;; + logs|log) + shift + cmd_logs "$@" + ;; + restart) + shift + cmd_restart "$@" + ;; + help|-h|--help) + cmd_help + ;; + version|-v|--version) + echo "secubox-swiss v$VERSION" + ;; + *) + echo "Unknown command: $1" + echo "Run 'secubox-swiss help' for usage" + exit 1 + ;; + esac +} + +main "$@"