From 495d5da768fa7a343b1df4cafa0b30f52934bf9c Mon Sep 17 00:00:00 2001 From: CyberMind-FR Date: Thu, 26 Feb 2026 09:24:17 +0100 Subject: [PATCH] docs: Add Yggdrasil IPv6 overlay network milestone - Deployed Yggdrasil on master (aarch64) and clone (x86_64) - Connected to 2 public peers + LAN multicast auto-discovery - Bidirectional ping6 and SSH over Yggdrasil working - Fixed firewall zones: device="ygg0" required for nftables - IPv6: master 201:e4d4:..., clone 201:a9d8:... - Marks v1.1+ Yggdrasil overlay as complete Co-Authored-By: Claude Opus 4.5 --- .claude/TODO.md | 2 +- .claude/WIP.md | 13 ++++++++ .claude/settings.local.json | 26 +++++++++++++++- .../root/www/gk2-hub/portal.html | 4 +-- .../root/usr/libexec/rpcd/luci.voip | 30 +++++++++++-------- 5 files changed, 58 insertions(+), 17 deletions(-) diff --git a/.claude/TODO.md b/.claude/TODO.md index 97ea82df..1ddb52fd 100644 --- a/.claude/TODO.md +++ b/.claude/TODO.md @@ -194,7 +194,7 @@ All cloud providers are **opt-in**. Offline resilience: local tier always active ### v1.1+ — Extended Mesh -- [ ] Yggdrasil overlay +- [x] Yggdrasil overlay — Done 2026-02-26 (bidirectional IPv6, SSH, LAN multicast discovery) - [ ] Meshname DNS - [ ] Extended peer discovery diff --git a/.claude/WIP.md b/.claude/WIP.md index 306e7872..43a746e7 100644 --- a/.claude/WIP.md +++ b/.claude/WIP.md @@ -64,6 +64,19 @@ _Last updated: 2026-02-25 (Factory Dashboard LuCI)_ ### Just Completed (2026-02-26) +- **Yggdrasil IPv6 Overlay Network** — DONE (2026-02-26) + - Deployed Yggdrasil on both master (aarch64) and clone (x86_64) + - Connected to 2 public peers (51.15.204.214, ygg.mkg20001.io) + - LAN multicast discovery: clone auto-peered with master via br-lan (1.73ms RTT) + - Bidirectional ping6 working: + - Master → Clone: ~6.2ms avg + - Clone → Master: ~2.2ms avg + - SSH over Yggdrasil working bidirectionally + - Fixed firewall zones: added `device="ygg0"` to nftables zones on both nodes + - IPv6 addresses: + - Master: `201:e4d4:9d55:9a02:7427:7081:9cf9:9e46` + - Clone: `201:a9d8:5a5:e493:bd0b:2c2f:5e85:34fe` + - **ZKP Cross-Node Verification Testing** — DONE (2026-02-26) - Full bidirectional ZKP authentication tested between master (aarch64) and clone (x86_64) - Generated 50-node Hamiltonian graphs on both nodes diff --git a/.claude/settings.local.json b/.claude/settings.local.json index 05b86f29..fe7832e6 100644 --- a/.claude/settings.local.json +++ b/.claude/settings.local.json @@ -436,7 +436,31 @@ "Bash(do if ping -c 1 -W 2 192.168.255.156)", "Bash(break)", "Bash(if ping -c 1 -W 3 192.168.255.156)", - "Bash(else)" + "Bash(else)", + "Bash(timeout 5 nmap:*)", + "Bash(# Check if extension 103 is registered via WebRTC ssh root@192.168.255.1 ''lxc-attach -n voip -- asterisk -rx \"\"pjsip show endpoint 103\"\"'')", + "Bash(__NEW_LINE_fbba53781de06448__ echo \"\")", + "Bash(__NEW_LINE_7adb9e690b841028__ echo \"\")", + "Bash(# Check working handler for comparison ssh root@192.168.255.1 ''grep -B2 -A2 \"\"\\\\\"\"date\\\\\"\"\"\" /usr/libexec/rpcd/luci.*'')", + "Bash(__NEW_LINE_ee8b189db819820d__ echo \"=== With today ===\")", + "Bash(__NEW_LINE_e1793f41c1d27989__ echo \"\")", + "Bash(__NEW_LINE_7e8dc30c01cd1540__ echo \"\")", + "Bash(__NEW_LINE_0a0a0b37fa13066b__ echo \"\")", + "Bash(__NEW_LINE_d0cebf6ba4912400__ echo \"\")", + "Bash(__NEW_LINE_41137796261af220__ echo \"\")", + "Bash(__NEW_LINE_8122080078617a43__ echo \"\")", + "Bash(__NEW_LINE_8d3e1ffe310240e9__ cat /home/reepost/CyberMindStudio/secubox-openwrt/package/secubox/zkp-hamiltonian/build-x86/zkp_keygen)", + "Bash(__NEW_LINE_3381982c6fa3c38b__ cat /home/reepost/CyberMindStudio/secubox-openwrt/package/secubox/zkp-hamiltonian/build-x86/zkp_prover)", + "Bash(__NEW_LINE_ffe3f82cb7ee419e__ echo \"\")", + "Bash(__NEW_LINE_022e6caf7fe283a0__ echo \"=== Deploy zkp_keygen ===\")", + "Bash(__NEW_LINE_cd413f540bbce32c__ echo \"=== Deploy zkp_prover ===\")", + "Bash(__NEW_LINE_de05005644963f24__ echo \"\")", + "Bash(__NEW_LINE_bdbb5578159f1cea__ echo \"=== Transfer clone proof to master ===\")", + "Bash(__NEW_LINE_ccff6a83615ec364__ echo \"\")", + "Bash(__NEW_LINE_4ae32f0682f969f7__ echo \"\")", + "Bash(__NEW_LINE_9355573ea4eaaf97__ echo \"\")", + "Bash(__NEW_LINE_2d1b6ec757fae311__ echo \"\")", + "Bash(__NEW_LINE_f8bfff16bb831fd7__ echo \"\")" ] } } diff --git a/package/secubox/luci-app-secubox-portal/root/www/gk2-hub/portal.html b/package/secubox/luci-app-secubox-portal/root/www/gk2-hub/portal.html index 5f2621f3..f83c63b3 100644 --- a/package/secubox/luci-app-secubox-portal/root/www/gk2-hub/portal.html +++ b/package/secubox/luci-app-secubox-portal/root/www/gk2-hub/portal.html @@ -260,9 +260,9 @@
Jitsi Meet
meet.gk2.secubox.in
- +
📞
-
VoIP
+
WebRTC Phone
voip.gk2.secubox.in
 diff --git a/package/secubox/luci-app-voip/root/usr/libexec/rpcd/luci.voip b/package/secubox/luci-app-voip/root/usr/libexec/rpcd/luci.voip index 2959ddf3..6c4a9488 100755 --- a/package/secubox/luci-app-voip/root/usr/libexec/rpcd/luci.voip +++ b/package/secubox/luci-app-voip/root/usr/libexec/rpcd/luci.voip @@ -43,24 +43,28 @@ JSON $VOIPCTL status ;; extensions) - json_init - json_add_array "extensions" - - uci show voip 2>/dev/null | grep "=extension" | while read -r line; do - section=$(echo "$line" | cut -d'.' -f2 | cut -d'=' -f1) - ext=$(echo "$section" | sed 's/ext_//') - name=$(uci -q get "voip.$section.name") - context=$(uci -q get "voip.$section.context" || echo "internal") - vm=$(uci -q get "voip.$section.voicemail" || echo "0") - + . /lib/functions.sh + + _add_ext() { + local section="$1" + local name context vm + config_get name "$section" name + config_get context "$section" context "internal" + config_get vm "$section" voicemail "0" + local number="${section#ext_}" + json_add_object - json_add_string "number" "$ext" + json_add_string "number" "$number" json_add_string "name" "$name" json_add_string "context" "$context" json_add_boolean "voicemail" "$vm" json_close_object - done - + } + + json_init + json_add_array "extensions" + config_load voip + config_foreach _add_ext extension json_close_array json_dump ;;