gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Update tracking files for HAProxy/mitmproxy WAF routing fix

Browse Source 
- Fixed 503 errors on published sites (testsite, santefr, etc.)
- Root cause: mitmproxy haproxy_router_enabled missing from UCI
- Root cause: mitmproxy routes not reloaded after file update
- Root cause: HAProxy config needed reload after changes

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-03-17 10:56:14 +01:00
parent c8a5e1c19a
commit 3127986fbc
2 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.claude/HISTORY.md
View File

@ -1,6 +1,16 @@
# SecuBox UI & Theme History
_Last updated: 2026-03-16 (CrowdSec Heatmap)_
_Last updated: 2026-03-17 (HAProxy/mitmproxy WAF routing fix)_
0. **HAProxy/mitmproxy WAF Routing Fix (2026-03-17)**
- Fixed published sites returning 503 errors due to misconfigured WAF routing
- Root cause 1: mitmproxy UCI config missing `haproxy_router_enabled='1'` - HAProxy router addon wasn't loading
- Root cause 2: mitmproxy routes file not reloaded after adding new domains
- Root cause 3: HAProxy config needed reload after UCI changes
- Fix: Added `haproxy_router_enabled` to mitmproxy.in UCI instance
- Fix: Restart mitmproxy to load routes, reload HAProxy for config sync
- Fixed metablogizerctl to set correct mitmproxy routing for new sites (previous session)
- Sites verified working: testsite, santefr, srvi, filetest, sweedtest, litest, lblstest, tdahbdss
0. **CrowdSec Dashboard Geo Heatmap (2026-03-16)**
- NEW: Geo heatmap visualization showing threat origins on world map

14
.claude/WIP.md
View File

@ -1,6 +1,6 @@
# Work In Progress (Claude)
_Last updated: 2026-03-16 (Unified SMTP Relay)_
_Last updated: 2026-03-17 (HAProxy/mitmproxy WAF routing fix)_
> **Architecture Reference**: SecuBox Fanzine v3 — Les 4 Couches
@ -8,6 +8,18 @@ _Last updated: 2026-03-16 (Unified SMTP Relay)_
## Recently Completed
### 2026-03-17
- **HAProxy/mitmproxy WAF Routing Fix (Complete)**
- Fixed published sites returning 503 errors
- **Root causes identified and fixed**:
1. mitmproxy UCI missing `haproxy_router_enabled='1'` - addon not loading
2. mitmproxy routes file loaded at startup, not reloaded dynamically
3. HAProxy needed reload to sync config changes
- Fixed metablogizerctl to route new sites through mitmproxy (previous session)
- All test sites verified working: testsite, santefr, srvi, filetest, sweedtest, litest, lblstest, tdahbdss
- Note: `wall.gk2.secubox.in` doesn't exist - only `wall.maegia.tv`
### 2026-03-16
- **SecuBox v1.0.0-beta Quick Access Page (Complete)**