gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(secubox-app-webapp): Add SecuBox Dashboard web application

Browse Source 
Single-page dashboard for SecuBox/OpenWrt with:
- Native OpenWrt authentication via rpcd/ubus
- Real-time system monitoring (CPU, RAM, Disk, Network)
- CrowdSec security integration
- Service management
- Network interface control

Access via: http://<router-ip>/secubox-dashboard/

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-01-21 10:28:09 +01:00
parent e2a78b0a9c
commit 3908080a03
5 changed files with 3305 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
package/secubox/secubox-app-webapp/Makefile Normal file
View File

@ -0,0 +1,72 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=secubox-app-webapp
PKG_VERSION:=1.0.0
PKG_RELEASE:=1
PKG_LICENSE:=MIT
PKG_MAINTAINER:=CyberMind.FR <contact@cybermind.fr>
include $(INCLUDE_DIR)/package.mk
define Package/secubox-app-webapp
SECTION:=secubox
CATEGORY:=SecuBox
TITLE:=SecuBox Dashboard Web Application
DEPENDS:=+uhttpd +uhttpd-mod-ubus +rpcd +rpcd-mod-file
PKGARCH:=all
endef
define Package/secubox-app-webapp/description
SecuBox Control Center Dashboard - A web-based dashboard for monitoring
and managing SecuBox/OpenWrt systems. Features include:
- Native OpenWrt authentication via rpcd/ubus
- Real-time system monitoring (CPU, RAM, Disk, Network)
- CrowdSec security integration
- Service management
- Network interface control
endef
define Package/secubox-app-webapp/conffiles
/etc/config/secubox-webapp
endef
define Build/Compile
endef
define Package/secubox-app-webapp/install
$(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/etc/config/secubox-webapp $(1)/etc/config/secubox-webapp
$(INSTALL_DIR) $(1)/www/secubox-dashboard
$(INSTALL_DATA) ./files/www/secubox-dashboard/index.html $(1)/www/secubox-dashboard/index.html
$(INSTALL_DIR) $(1)/usr/share/rpcd/acl.d
$(INSTALL_DATA) ./files/usr/share/rpcd/acl.d/secubox-dashboard.json $(1)/usr/share/rpcd/acl.d/secubox-dashboard.json
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) ./files/usr/sbin/secubox-webapp-setup $(1)/usr/sbin/secubox-webapp-setup
endef
define Package/secubox-app-webapp/postinst
#!/bin/sh
[ -n "$${IPKG_INSTROOT}" ] && exit 0
# Enable ubus in uhttpd if not already
if ! uci -q get uhttpd.main.ubus_prefix >/dev/null; then
uci set uhttpd.main.ubus_prefix='/ubus'
fi
# Enable CORS for external access
uci set uhttpd.main.ubus_cors='1'
uci commit uhttpd
# Restart services
/etc/init.d/rpcd restart
/etc/init.d/uhttpd restart
echo "SecuBox Dashboard installed at /www/secubox-dashboard/"
echo "Access via: http://<router-ip>/secubox-dashboard/"
exit 0
endef
$(eval $(call BuildPackage,secubox-app-webapp))

9
package/secubox/secubox-app-webapp/files/etc/config/secubox-webapp Normal file
View File

@ -0,0 +1,9 @@
config webapp 'main'
option enabled '1'
option title 'SecuBox Control Center'
option refresh_interval '10'
option session_timeout '3600'
config access 'cors'
option enabled '1'
option allow_origin '*'

167
package/secubox/secubox-app-webapp/files/usr/sbin/secubox-webapp-setup Normal file
View File

@ -0,0 +1,167 @@
#!/bin/sh
#
# SecuBox Dashboard - Configuration utility
# Copyright (C) 2025-2026 CyberMind.FR
#
CONFIG="secubox-webapp"
usage() {
cat <<'EOF'
Usage: secubox-webapp-setup <command>
Commands:
status Show dashboard configuration status
enable Enable CORS and ubus access
disable Disable CORS access
check Check rpcd/uhttpd configuration
info Show access URLs
Dashboard URL: http://<router-ip>/secubox-dashboard/
EOF
}
log_info() { echo "[INFO] $*"; }
log_warn() { echo "[WARN] $*" >&2; }
log_error() { echo "[ERROR] $*" >&2; }
cmd_status() {
echo "=== SecuBox Dashboard Status ==="
echo ""
# Check uhttpd ubus
local ubus_prefix=$(uci -q get uhttpd.main.ubus_prefix)
local ubus_cors=$(uci -q get uhttpd.main.ubus_cors)
if [ -n "$ubus_prefix" ]; then
echo "UBUS endpoint: $ubus_prefix (enabled)"
else
echo "UBUS endpoint: not configured"
fi
if [ "$ubus_cors" = "1" ]; then
echo "CORS: enabled"
else
echo "CORS: disabled"
fi
# Check rpcd
if /etc/init.d/rpcd status >/dev/null 2>&1; then
echo "rpcd: running"
else
echo "rpcd: not running"
fi
# Check ACL
if [ -f /usr/share/rpcd/acl.d/secubox-dashboard.json ]; then
echo "ACL: installed"
else
echo "ACL: not found"
fi
# Check dashboard files
if [ -f /www/secubox-dashboard/index.html ]; then
echo "Dashboard: installed"
else
echo "Dashboard: not found"
fi
echo ""
echo "=== Access URL ==="
local lan_ip=$(uci -q get network.lan.ipaddr || echo "192.168.1.1")
echo "http://$lan_ip/secubox-dashboard/"
}
cmd_enable() {
log_info "Enabling SecuBox Dashboard access..."
# Configure uhttpd
uci set uhttpd.main.ubus_prefix='/ubus'
uci set uhttpd.main.ubus_cors='1'
uci commit uhttpd
# Restart services
/etc/init.d/rpcd restart
/etc/init.d/uhttpd restart
log_info "Dashboard access enabled"
}
cmd_disable() {
log_info "Disabling CORS access..."
uci set uhttpd.main.ubus_cors='0'
uci commit uhttpd
/etc/init.d/uhttpd restart
log_info "CORS disabled (local access still works)"
}
cmd_check() {
echo "=== Configuration Check ==="
echo ""
# Check packages
echo "Packages:"
for pkg in uhttpd uhttpd-mod-ubus rpcd rpcd-mod-file; do
if opkg list-installed | grep -q "^$pkg "; then
echo " ✓ $pkg"
else
echo " ✗ $pkg (missing)"
fi
done
echo ""
echo "Services:"
if /etc/init.d/uhttpd status >/dev/null 2>&1; then
echo " ✓ uhttpd running"
else
echo " ✗ uhttpd not running"
fi
if /etc/init.d/rpcd status >/dev/null 2>&1; then
echo " ✓ rpcd running"
else
echo " ✗ rpcd not running"
fi
echo ""
echo "UBUS test:"
if command -v curl >/dev/null 2>&1; then
local result=$(curl -s -X POST http://127.0.0.1/ubus -d '{"jsonrpc":"2.0","id":1,"method":"list"}' 2>/dev/null)
if echo "$result" | grep -q "jsonrpc"; then
echo " ✓ UBUS responding"
else
echo " ✗ UBUS not responding"
fi
else
echo " ? curl not available for test"
fi
}
cmd_info() {
local lan_ip=$(uci -q get network.lan.ipaddr || echo "192.168.1.1")
echo "╔════════════════════════════════════════════════════════════╗"
echo "║ SecuBox Dashboard - Access Information ║"
echo "╠════════════════════════════════════════════════════════════╣"
echo "║ ║"
printf "║ Dashboard: %-46s ║\n" "http://$lan_ip/secubox-dashboard/"
printf "║ UBUS API: %-46s ║\n" "http://$lan_ip/ubus"
echo "║ ║"
echo "║ Login: Use OpenWrt root credentials ║"
echo "║ ║"
echo "╚════════════════════════════════════════════════════════════╝"
}
# Main
case "${1:-}" in
status) cmd_status ;;
enable) cmd_enable ;;
disable) cmd_disable ;;
check) cmd_check ;;
info) cmd_info ;;
help|--help|-h|'') usage ;;
*) echo "Unknown command: $1" >&2; usage >&2; exit 1 ;;
esac

35
package/secubox/secubox-app-webapp/files/usr/share/rpcd/acl.d/secubox-dashboard.json Normal file
View File

@ -0,0 +1,35 @@
{
"secubox-dashboard": {
"description": "SecuBox Dashboard full access",
"read": {
"ubus": {
"session": ["access", "get", "list"],
"system": ["board", "info"],
"network": ["get_proto_handlers"],
"network.interface": ["dump", "status"],
"network.device": ["status"],
"network.wireless": ["status"],
"service": ["list"],
"file": ["list", "read", "stat", "exec"],
"luci": ["getLocaltime", "getTimezones", "getInitList", "getRealtimeStats"],
"luci-rpc": ["getBoardJSON", "getNetworkDevices", "getDHCPLeases"]
},
"file": {
"/etc/crowdsec/*": ["read"],
"/var/log/*": ["read"],
"/tmp/*": ["read"]
}
},
"write": {
"ubus": {
"file": ["exec"],
"service": ["signal", "delete"],
"system": ["reboot"],
"network.interface": ["up", "down", "renew"]
},
"file": {
"/tmp/*": ["write"]
}
}
}
}

3022
package/secubox/secubox-app-webapp/files/www/secubox-dashboard/index.html Normal file
View File

File diff suppressed because it is too large Load Diff