gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(secubox): Add KISS README for all 46 remaining packages

Browse Source 
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-02-03 07:34:06 +01:00
parent b516609bcc
commit 62f2f6a7a8
47 changed files with 2108 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
package/secubox/luci-app-cyberfeed/README.md Normal file
View File

@ -0,0 +1,46 @@
# LuCI CyberFeed Dashboard
RSS feed aggregator with social media support via RSS-Bridge integration.
## Installation
```bash
opkg install luci-app-cyberfeed
```
## Access
LuCI menu: **Services -> CyberFeed**
## Tabs
- **Dashboard** -- Feed status, item count, last sync time
- **Feeds** -- Add, remove, and manage RSS/Atom feed sources
- **Preview** -- Browse fetched feed items
- **Settings** -- Refresh interval, cache TTL, RSS-Bridge config
## RPCD Methods
Backend: `luci.cyberfeed`
| Method | Description |
|--------|-------------|
| `get_status` | Service status and feed statistics |
| `get_feeds` | List configured feeds |
| `get_items` | Get fetched feed items |
| `add_feed` | Add a new feed source |
| `delete_feed` | Remove a feed |
| `sync_feeds` | Trigger feed synchronization |
| `get_config` | Get current settings |
| `save_config` | Save settings |
| `rssbridge_status` | RSS-Bridge service status |
| `rssbridge_install` | Install RSS-Bridge |
| `rssbridge_control` | Start/stop RSS-Bridge |
## Dependencies
- `secubox-app-cyberfeed`
## License
Apache-2.0

43
package/secubox/luci-app-dnsguard/README.md Normal file
View File

@ -0,0 +1,43 @@
# SecuBox DNS Guard
Privacy DNS manager with curated provider feed and DoH/DoT support.
## Installation
```bash
opkg install luci-app-dnsguard
```
## Access
LuCI menu: **SecuBox -> Security -> DNS Guard**
## Features
- Curated list of privacy-focused DNS providers (FDN, Quad9, Mullvad, Cloudflare, AdGuard, etc.)
- One-click provider switching with automatic dnsmasq configuration
- DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) support
- Smart config recommendations based on category (privacy, security, adblock, family)
- Built-in DNS resolution tester
## RPCD Methods
Backend: `luci.dnsguard`
| Method | Description |
|--------|-------------|
| `status` | Current DNS mode, active provider, and primary/secondary servers |
| `get_providers` | List all available DNS providers |
| `get_config` | Get dnsmasq and AdGuard Home configuration |
| `set_provider` | Switch to a specific DNS provider |
| `smart_config` | Get smart configuration recommendations |
| `test_dns` | Test DNS resolution against a server |
| `apply` | Apply pending DNS changes |
## Dependencies
- `luci-base`
## License
Apache-2.0

47
package/secubox/luci-app-exposure/README.md Normal file
View File

@ -0,0 +1,47 @@
# LuCI SecuBox Service Exposure Manager
Unified interface for exposing local services via Tor hidden services and HAProxy SSL reverse proxy, with port conflict detection.
## Installation
```bash
opkg install luci-app-exposure
```
## Access
LuCI menu: **SecuBox -> Network -> Service Exposure**
## Tabs
- **Overview** -- Scan listening services, detect port conflicts
- **Services** -- Manage exposed service ports
- **Tor Hidden** -- Create and manage .onion hidden services
- **SSL Proxy** -- Configure HAProxy SSL reverse proxy entries
## RPCD Methods
Backend: `luci.exposure`
| Method | Description |
|--------|-------------|
| `scan` | Scan all listening services and ports |
| `conflicts` | Detect port conflicts between services |
| `status` | Get exposure manager status |
| `tor_list` | List Tor hidden services |
| `ssl_list` | List SSL reverse proxy entries |
| `get_config` | Get exposure configuration |
| `fix_port` | Reassign a conflicting service port |
| `tor_add` | Add a Tor hidden service |
| `tor_remove` | Remove a Tor hidden service |
| `ssl_add` | Add an SSL reverse proxy entry |
| `ssl_remove` | Remove an SSL reverse proxy entry |
## Dependencies
- `luci-base`
- `secubox-app-exposure`
## License
Apache-2.0

58
package/secubox/luci-app-gitea/README.md Normal file
View File

@ -0,0 +1,58 @@
# LuCI Gitea Dashboard
Git hosting service management dashboard for Gitea.
## Installation
```bash
opkg install luci-app-gitea
```
## Access
LuCI menu: **Services -> Gitea**
## Tabs
- **Overview** -- Service status, container health, storage usage
- **Repositories** -- Browse and create Git repositories
- **Users** -- Manage users and admin accounts
- **Settings** -- HTTP/SSH ports, domain, data path, memory limit, registration policy
## RPCD Methods
Backend: `luci.gitea`
| Method | Description |
|--------|-------------|
| `get_status` | Service and container status |
| `get_stats` | Repository and user statistics |
| `get_config` | Get Gitea configuration |
| `save_config` | Save configuration |
| `start` | Start Gitea |
| `stop` | Stop Gitea |
| `restart` | Restart Gitea |
| `install` | Install Gitea container |
| `uninstall` | Remove Gitea container |
| `update` | Update Gitea to latest version |
| `get_logs` | Fetch service logs |
| `list_repos` | List all repositories |
| `get_repo` | Get repository details |
| `list_users` | List all users |
| `create_admin` | Create an admin account |
| `create_user` | Create a user account |
| `generate_token` | Generate API access token |
| `create_repo` | Create a new repository |
| `create_backup` | Create a data backup |
| `list_backups` | List available backups |
| `restore_backup` | Restore from backup |
| `get_install_progress` | Check installation progress |
## Dependencies
- `luci-base`
- `secubox-app-gitea`
## License
Apache-2.0

44
package/secubox/luci-app-glances/README.md Normal file
View File

@ -0,0 +1,44 @@
# LuCI Glances Dashboard
System monitoring dashboard powered by Glances with embedded Web UI.
## Installation
```bash
opkg install luci-app-glances
```
## Access
LuCI menu: **SecuBox -> Monitoring -> Glances**
## Tabs
- **Dashboard** -- CPU, memory, disk, and network metrics at a glance
- **Web UI** -- Embedded Glances web interface with SecuBox theme
- **Settings** -- Monitoring intervals, alert thresholds, service control
## RPCD Methods
Backend: `luci.glances`
| Method | Description |
|--------|-------------|
| `get_status` | Service status and basic metrics |
| `get_config` | Get Glances configuration |
| `get_monitoring_config` | Get monitoring parameters |
| `get_alerts_config` | Get alert threshold settings |
| `get_web_url` | Get Glances Web UI URL |
| `service_start` | Start Glances |
| `service_stop` | Stop Glances |
| `service_restart` | Restart Glances |
| `set_config` | Update a configuration key |
## Dependencies
- `luci-base`
- `secubox-app-glances`
## License
Apache-2.0

45
package/secubox/luci-app-jitsi/README.md Normal file
View File

@ -0,0 +1,45 @@
# LuCI Jitsi Meet Configuration
Video conferencing service management for self-hosted Jitsi Meet.
## Installation
```bash
opkg install luci-app-jitsi
```
## Access
LuCI menu: **Services -> Jitsi Meet**
## Features
- Docker container orchestration (web, prosody, jicofo, jvb)
- Conference and participant statistics via JVB API
- User management for authenticated meetings
- Service logs viewer
## RPCD Methods
Backend: `luci.jitsi`
| Method | Description |
|--------|-------------|
| `status` | Container states, conference/participant stats |
| `start` | Start Jitsi containers |
| `stop` | Stop Jitsi containers |
| `restart` | Restart all containers |
| `install` | Install Jitsi stack |
| `generate_config` | Generate Jitsi configuration files |
| `add_user` | Add an authenticated user |
| `remove_user` | Remove a user |
| `list_users` | List registered users |
| `logs` | Fetch service logs |
## Dependencies
- `secubox-app-jitsi`
## License
Apache-2.0

48
package/secubox/luci-app-localai/README.md Normal file
View File

@ -0,0 +1,48 @@
# LuCI LocalAI Dashboard
Local LLM inference server management with OpenAI-compatible API.
## Installation
```bash
opkg install luci-app-localai
```
## Access
LuCI menu: **Services -> LocalAI**
## Tabs
- **Dashboard** -- Service health, loaded models, API endpoint status
- **Models** -- Install, remove, and manage LLM models
- **Chat** -- Interactive chat interface for testing models
- **Settings** -- API port, memory limits, runtime configuration
## RPCD Methods
Backend: `luci.localai`
| Method | Description |
|--------|-------------|
| `status` | Service status and runtime info |
| `models` | List installed models |
| `config` | Get configuration |
| `health` | API health check |
| `metrics` | Inference metrics and stats |
| `start` | Start LocalAI |
| `stop` | Stop LocalAI |
| `restart` | Restart LocalAI |
| `model_install` | Install a model by name |
| `model_remove` | Remove an installed model |
| `chat` | Send chat completion request |
| `complete` | Send text completion request |
## Dependencies
- `luci-base`
- `secubox-app-localai`
## License
Apache-2.0

42
package/secubox/luci-app-lyrion/README.md Normal file
View File

@ -0,0 +1,42 @@
# LuCI Lyrion Music Server
Management dashboard for Lyrion Music Server (formerly Logitech Media Server / Squeezebox Server).
## Installation
```bash
opkg install luci-app-lyrion
```
## Access
LuCI menu: **Services -> Lyrion**
## Tabs
- **Overview** -- Service status, web UI link, player count
- **Settings** -- Port, data/media paths, memory limit, timezone, runtime
## RPCD Methods
Backend: `luci.lyrion`
| Method | Description |
|--------|-------------|
| `status` | Service and container status |
| `get_config` | Get current configuration |
| `save_config` | Save configuration |
| `install` | Install Lyrion container |
| `start` | Start Lyrion |
| `stop` | Stop Lyrion |
| `restart` | Restart Lyrion |
| `update` | Update to latest version |
| `logs` | Fetch service logs |
## Dependencies
- `luci-base`
## License
Apache-2.0

41
package/secubox/luci-app-mailinabox/README.md Normal file
View File

@ -0,0 +1,41 @@
# LuCI Mail-in-a-Box
Self-hosted mail server management dashboard (SMTP, IMAP, webmail).
## Installation
```bash
opkg install luci-app-mailinabox
```
## Access
LuCI menu: **Services -> Mail Server**
## Tabs
- **Overview** -- Service status, container health, domain configuration
- **Settings** -- Hostname, domain, service control
## RPCD Methods
Backend: `luci.mailinabox`
| Method | Description |
|--------|-------------|
| `status` | Service and container status |
| `get_config` | Get mail server configuration |
| `save_config` | Save hostname and domain settings |
| `install` | Install Mail-in-a-Box container |
| `start` | Start mail services |
| `stop` | Stop mail services |
| `restart` | Restart mail services |
| `logs` | Fetch service logs |
## Dependencies
- `luci-base`
## License
Apache-2.0

41
package/secubox/luci-app-metabolizer/README.md Normal file
View File

@ -0,0 +1,41 @@
# LuCI Metabolizer CMS
Content management system dashboard with Gitea integration and static site publishing.
## Installation
```bash
opkg install luci-app-metabolizer
```
## Access
LuCI menu: **Services -> Metabolizer CMS**
## Tabs
- **Overview** -- Service status, post count, Gitea sync state
- **Settings** -- CMS configuration
## RPCD Methods
Backend: `luci.metabolizer`
| Method | Description |
|--------|-------------|
| `status` | Service status and content statistics |
| `list_posts` | List published posts |
| `gitea_status` | Gitea repository sync status |
| `sync` | Sync content from source |
| `build` | Build static site |
| `publish` | Publish built site |
| `gitea_sync` | Sync with Gitea repository |
## Dependencies
- `luci-base`
- `secubox-app-metabolizer`
## License
Apache-2.0

33
package/secubox/luci-app-mmpm/README.md Normal file
View File

@ -0,0 +1,33 @@
# LuCI MMPM Dashboard
LuCI web interface for managing MagicMirror modules via MMPM (MagicMirror Package Manager).
## Installation
```bash
opkg install luci-app-mmpm
```
## Access
LuCI > Services > MMPM
## Tabs
- **Dashboard** -- Service status and MagicMirror overview
- **Modules** -- Search, install, update, and remove MagicMirror modules
- **Web GUI** -- Embedded MMPM web interface
- **Settings** -- MMPM and MagicMirror configuration
## RPCD Methods
Service: `luci.mmpm`
## Dependencies
- `luci-base`
- `secubox-app-mmpm`
## License
Apache-2.0

40
package/secubox/luci-app-ndpid/README.md Normal file
View File

@ -0,0 +1,40 @@
# LuCI nDPId Dashboard
LuCI web interface for nDPId deep packet inspection -- real-time traffic analysis and protocol detection.
## Installation
```bash
opkg install luci-app-ndpid
```
## Access
LuCI > SecuBox > nDPId Intelligence
## Tabs
- **Dashboard** -- Live traffic statistics and protocol breakdown
- **Flows** -- Active network flows with detected application protocols
- **Settings** -- nDPId daemon configuration
## Helper Scripts
- `ndpid-compat` -- Compatibility layer for nDPId integration
- `ndpid-flow-actions` -- Flow event processing and actions
- `ndpid-collector` -- Traffic data collection and aggregation
## RPCD Methods
Service: `luci.ndpid`
## Dependencies
- `luci-base`
- `ndpid`
- `socat`
- `jq`
## License
Apache-2.0

30
package/secubox/luci-app-nextcloud/README.md Normal file
View File

@ -0,0 +1,30 @@
# LuCI Nextcloud
LuCI web interface for managing a self-hosted Nextcloud instance -- file sync, calendar, and contacts.
## Installation
```bash
opkg install luci-app-nextcloud
```
## Access
LuCI > Services > Nextcloud
## Tabs
- **Overview** -- Nextcloud service status and instance information
- **Settings** -- Instance configuration and management
## RPCD Methods
Service: `luci.nextcloud`
## Dependencies
- `luci-base`
## License
Apache-2.0

33
package/secubox/luci-app-ollama/README.md Normal file
View File

@ -0,0 +1,33 @@
# LuCI Ollama Dashboard
LuCI web interface for managing Ollama -- local large language model runtime.
## Installation
```bash
opkg install luci-app-ollama
```
## Access
LuCI > Services > Ollama
## Tabs
- **Dashboard** -- Service status and resource usage
- **Models** -- Pull, list, and remove LLM models
- **Chat** -- Interactive chat interface for loaded models
- **Settings** -- Ollama server configuration
## RPCD Methods
Service: `luci.ollama`
## Dependencies
- `luci-base`
- `secubox-app-ollama`
## License
Apache-2.0

31
package/secubox/luci-app-picobrew/README.md Normal file
View File

@ -0,0 +1,31 @@
# LuCI PicoBrew Dashboard
LuCI web interface for managing PicoBrew brewing controllers -- recipe and session monitoring.
## Installation
```bash
opkg install luci-app-picobrew
```
## Access
LuCI > Services > PicoBrew
## Tabs
- **Dashboard** -- Brewing session status, recipe overview, and controller state
- **Settings** -- PicoBrew service configuration
## RPCD Methods
Service: `luci.picobrew`
## Dependencies
- `luci-base`
- `secubox-app-picobrew`
## License
Apache-2.0

36
package/secubox/luci-app-secubox-admin/README.md Normal file
View File

@ -0,0 +1,36 @@
# LuCI SecuBox Admin Control Center
Unified administration dashboard for SecuBox appstore plugins with system monitoring and management.
## Installation
```bash
opkg install luci-app-secubox-admin
```
## Access
LuCI > SecuBox > Admin Control
## Tabs
- **Control Panel** -- Central admin dashboard
- **Cyber Console** -- Security-focused system console
- **Apps Manager** -- Install, update, and manage SecuBox applications
- **Updates** -- Available package and system updates
- **Profiles** -- User and device profile management
- **Skills** -- Automation skills configuration
- **Catalog Sources** -- App catalog feed management
- **Feedback** -- User feedback submission
- **App Settings** -- Per-application settings
- **System Health** -- Hardware and service health monitoring
- **System Logs** -- Centralized log viewer
- **Advanced Settings** -- Low-level system configuration
## Dependencies
Pure JavaScript/JSON package -- no additional runtime dependencies beyond LuCI.
## License
Apache-2.0

33
package/secubox/luci-app-secubox-p2p/README.md Normal file
View File

@ -0,0 +1,33 @@
# LuCI SecuBox P2P Hub
LuCI web interface for SecuBox peer-to-peer mesh management, peer discovery, and distributed services.
## Installation
```bash
opkg install luci-app-secubox-p2p
```
## Access
LuCI > SecuBox > MirrorBox
## Tabs
- **Overview** -- P2P network status summary
- **P2P Hub** -- Central hub management and connectivity
- **Peers** -- Discovered peers and connection status
- **Services** -- Distributed services across the mesh
- **Profiles** -- Peer identity and profile configuration
- **Mesh Network** -- Mesh topology and routing
- **Factory** -- Device provisioning and Gitea backup integration
- **Settings** -- P2P network configuration
## Dependencies
- `luci-base`
- `secubox-p2p`
## License
Apache-2.0

35
package/secubox/luci-app-secubox-portal/README.md Normal file
View File

@ -0,0 +1,35 @@
# SecuBox Portal
Unified web UI entry point for all SecuBox applications -- provides the top-level SecuBox navigation and tabbed dashboard.
## Installation
```bash
opkg install luci-app-secubox-portal
```
## Access
LuCI > SecuBox (top-level menu)
## Sections
- **Dashboard** -- Aggregated overview of all SecuBox services
- **Services** -- Container for service sub-menus
- **Apps** -- Application launcher and catalog
- **Settings** -- Global SecuBox settings
### Public Pages (no login required)
- Bug Bounty
- Crowdfunding Campaign
- Development Status
## Dependencies
- `luci-base`
- `luci-theme-secubox`
## License
Apache-2.0

33
package/secubox/luci-app-simplex/README.md Normal file
View File

@ -0,0 +1,33 @@
# LuCI SimpleX Chat Server
LuCI web interface for managing a self-hosted SimpleX Chat relay -- privacy-first messaging with SMP and XFTP servers.
## Installation
```bash
opkg install luci-app-simplex
```
## Access
LuCI > Services > SimpleX Chat
## Features
- SMP (SimpleX Messaging Protocol) server management
- XFTP file transfer server management
- Server address and fingerprint display
- Service start/stop/restart controls
- Connection status monitoring
## RPCD Methods
Service: `luci.simplex`
## Dependencies
- `secubox-app-simplex`
## License
Apache-2.0

37
package/secubox/luci-app-streamlit/README.md Normal file
View File

@ -0,0 +1,37 @@
# LuCI Streamlit Dashboard
LuCI web interface for managing Streamlit application instances with Gitea integration.
## Installation
```bash
opkg install luci-app-streamlit
```
## Access
LuCI > Services > Streamlit
## Tabs
- **Dashboard** -- Running instances, status, and resource usage
- **Settings** -- Instance configuration and Gitea repository integration
## Features
- Multi-instance Streamlit management
- Deploy apps from Gitea repositories
- Per-instance start/stop controls
## RPCD Methods
Service: `luci.streamlit`
## Dependencies
- `luci-base`
- `secubox-app-streamlit`
## License
Apache-2.0

32
package/secubox/luci-secubox-dnsguard/README.md Normal file
View File

@ -0,0 +1,32 @@
# SecuBox DNS Guard
Alternate LuCI package for privacy-focused DNS management -- same functionality as `luci-app-dnsguard`, integrated under the SecuBox security menu.
## Installation
```bash
opkg install luci-secubox-dnsguard
```
## Access
LuCI > SecuBox > Security > DNS Guard
## Features
- DNS filtering and ad blocking configuration
- Upstream DNS provider selection
- Query logging and statistics dashboard
- Blocklist management
## RPCD Methods
Service: `luci.dnsguard`
## Dependencies
- `luci-base`
## License
Apache-2.0

48
package/secubox/secubox-app-adguardhome/README.md Normal file
View File

@ -0,0 +1,48 @@
# SecuBox AdGuard Home
Network-wide ad blocker running in Docker on SecuBox-powered OpenWrt systems, with DNS-over-HTTPS/TLS support and detailed analytics.
## Installation
```sh
opkg install secubox-app-adguardhome
```
## Configuration
UCI config file: `/etc/config/adguardhome`
```
config adguardhome 'main'
option enabled '0'
option port '3000'
```
## Usage
```sh
# Start / stop the service
/etc/init.d/adguardhome start
/etc/init.d/adguardhome stop
# Controller CLI
adguardhomectl status
adguardhomectl install
adguardhomectl remove
```
## Files
- `/etc/config/adguardhome` -- UCI configuration
- `/etc/init.d/adguardhome` -- init script
- `/usr/sbin/adguardhomectl` -- controller CLI
## Dependencies
- `dockerd`
- `docker`
- `containerd`
## License
Apache-2.0

40
package/secubox/secubox-app-auth-logger/README.md Normal file
View File

@ -0,0 +1,40 @@
# SecuBox Authentication Failure Logger for CrowdSec
Logs authentication failures from LuCI/rpcd and Dropbear SSH for CrowdSec detection.
## Installation
```sh
opkg install secubox-app-auth-logger
```
## Usage
```sh
# Enable and start the service
/etc/init.d/secubox-app-auth-logger enable
/etc/init.d/secubox-app-auth-logger start
```
The auth monitor runs as a background daemon watching for login failures.
## What It Ships
- SSH failure monitoring (OpenSSH/Dropbear)
- LuCI web interface auth failure logging via CGI hook
- CrowdSec parser and bruteforce scenario
- CrowdSec acquisition configuration
## Files
- `/etc/init.d/secubox-app-auth-logger` -- init script
- `/usr/lib/secubox/auth-monitor.sh` -- auth failure monitor daemon
## Dependencies
- `rpcd`
- `uhttpd`
## License
Apache-2.0

37
package/secubox/secubox-app-crowdsec-custom/README.md Normal file
View File

@ -0,0 +1,37 @@
# CrowdSec Custom Scenarios for SecuBox
Custom CrowdSec configurations for SecuBox web interface and service protection.
## Installation
```sh
opkg install secubox-app-crowdsec-custom
```
## Included Scenarios
- HTTP authentication bruteforce detection
- Path scanning / enumeration detection
- LuCI / uhttpd auth failure monitoring
- Nginx reverse proxy monitoring
- HAProxy backend protection and auth monitoring
- Gitea web, SSH, and API bruteforce detection
- Streamlit app flooding and auth protection
- Webapp generic auth bruteforce protection
- Whitelist enrichment for trusted networks
## What It Ships
- Parsers under `/etc/crowdsec/parsers/`
- Scenarios under `/etc/crowdsec/scenarios/`
- Acquisition configs under `/etc/crowdsec/acquis.d/`
- Whitelist enrichment profiles
## Dependencies
- `crowdsec`
- `crowdsec-firewall-bouncer`
## License
Apache-2.0

49
package/secubox/secubox-app-cs-firewall-bouncer/README.md Normal file
View File

@ -0,0 +1,49 @@
# SecuBox CrowdSec Firewall Bouncer
CrowdSec firewall bouncer with native nftables integration for IPv4 and IPv6 on OpenWrt. Go binary, version 0.0.31.
## Installation
```sh
opkg install secubox-app-cs-firewall-bouncer
```
## Configuration
UCI config file: `/etc/config/crowdsec`
The bouncer registers with the local CrowdSec LAPI and manages nftables sets to block malicious IPs.
## Usage
```sh
# Start / stop the service
/etc/init.d/crowdsec-firewall-bouncer start
/etc/init.d/crowdsec-firewall-bouncer stop
# Check bouncer status
cs-firewall-bouncer -version
```
## Files
- `/etc/config/crowdsec` -- UCI configuration
- `/etc/init.d/crowdsec-firewall-bouncer` -- init script
- `/usr/sbin/cs-firewall-bouncer` -- Go binary
## Build Notes
This is a Go package with CGO. It must be built with the full OpenWrt toolchain, not the SDK:
```sh
cd secubox-tools/openwrt
make package/secubox-app-cs-firewall-bouncer/compile V=s
```
## Dependencies
- `nftables`
## License
MIT

53
package/secubox/secubox-app-cyberfeed/README.md Normal file
View File

@ -0,0 +1,53 @@
# CyberFeed - RSS Feed Aggregator
RSS feed aggregator for OpenWrt/SecuBox with RSS-Bridge support for social media feeds.
## Installation
```sh
opkg install secubox-app-cyberfeed
```
## Configuration
UCI config file: `/etc/config/cyberfeed`
Feed list: `/etc/cyberfeed/feeds.conf`
```
config cyberfeed 'main'
option enabled '1'
option refresh_interval '3600'
```
## Usage
```sh
# Fetch and update feeds
cyberfeed update
# List cached feeds
cyberfeed list
# Set up RSS-Bridge for social media feeds
rss-bridge-setup
```
Feed refresh runs automatically via cron when enabled.
## Files
- `/etc/config/cyberfeed` -- UCI configuration
- `/etc/cyberfeed/feeds.conf` -- feed URL list
- `/usr/bin/cyberfeed` -- main CLI
- `/usr/bin/rss-bridge-setup` -- RSS-Bridge installer
## Dependencies
- `wget-ssl`
- `jsonfilter`
- `coreutils-stat`
## License
MIT

48
package/secubox/secubox-app-domoticz/README.md Normal file
View File

@ -0,0 +1,48 @@
# SecuBox Domoticz
Home automation platform running in Docker on SecuBox-powered OpenWrt systems.
## Installation
```sh
opkg install secubox-app-domoticz
```
## Configuration
UCI config file: `/etc/config/domoticz`
```
config domoticz 'main'
option enabled '0'
option port '8080'
```
## Usage
```sh
# Start / stop the service
/etc/init.d/domoticz start
/etc/init.d/domoticz stop
# Controller CLI
domoticzctl status
domoticzctl install
domoticzctl remove
```
## Files
- `/etc/config/domoticz` -- UCI configuration
- `/etc/init.d/domoticz` -- init script
- `/usr/sbin/domoticzctl` -- controller CLI
## Dependencies
- `dockerd`
- `docker`
- `containerd`
## License
Apache-2.0

46
package/secubox/secubox-app-exposure/README.md Normal file
View File

@ -0,0 +1,46 @@
# SecuBox Service Exposure Manager
Unified backend for managing service exposure: port conflict detection, Tor hidden services, and HAProxy SSL reverse proxy configuration.
## Installation
```sh
opkg install secubox-app-exposure
```
## Configuration
UCI config file: `/etc/config/secubox-exposure`
```
config exposure 'main'
option enabled '1'
```
## Usage
```sh
# Check for port conflicts
secubox-exposure check-ports
# Manage Tor hidden services
secubox-exposure tor-add <service>
secubox-exposure tor-remove <service>
# Manage HAProxy reverse proxy entries
secubox-exposure haproxy-add <service>
secubox-exposure haproxy-remove <service>
```
## Files
- `/etc/config/secubox-exposure` -- UCI configuration
- `/usr/sbin/secubox-exposure` -- main CLI
## Dependencies
- `secubox-core`
## License
MIT

61
package/secubox/secubox-app-gitea/README.md Normal file
View File

@ -0,0 +1,61 @@
# SecuBox Gitea Platform
Self-hosted lightweight Git service running in an LXC container on SecuBox-powered OpenWrt systems.
## Installation
```sh
opkg install secubox-app-gitea
```
## Configuration
UCI config file: `/etc/config/gitea`
```
config gitea 'main'
option enabled '0'
option http_port '3000'
option ssh_port '2222'
```
## Usage
```sh
# Start / stop the service
/etc/init.d/gitea start
/etc/init.d/gitea stop
# Controller CLI
giteactl status
giteactl install
giteactl remove
giteactl backup
giteactl restore
```
## Features
- Git HTTP and SSH access
- Repository and user management via web UI
- SQLite database (embedded)
- Backup and restore support
- Runs in Alpine Linux LXC container
## Files
- `/etc/config/gitea` -- UCI configuration
- `/usr/sbin/giteactl` -- controller CLI
## Dependencies
- `jsonfilter`
- `wget-ssl`
- `tar`
- `lxc`
- `lxc-common`
- `git`
## License
MIT

55
package/secubox/secubox-app-glances/README.md Normal file
View File

@ -0,0 +1,55 @@
# SecuBox Glances System Monitor
Cross-platform system monitoring tool running in an LXC container, with web UI and RESTful API.
## Installation
```sh
opkg install secubox-app-glances
```
## Configuration
UCI config file: `/etc/config/glances`
```
config glances 'main'
option enabled '0'
option port '61208'
```
## Usage
```sh
# Start / stop the service
/etc/init.d/glances start
/etc/init.d/glances stop
# Controller CLI
glancesctl status
glancesctl install
glancesctl remove
```
## Features
- Real-time CPU, memory, disk, and network monitoring
- Process list with resource usage
- Docker/Podman container monitoring
- Web-based UI accessible from any device
- RESTful JSON API for integrations
- Alert system for threshold monitoring
## Files
- `/etc/config/glances` -- UCI configuration
- `/usr/sbin/glancesctl` -- controller CLI
## Dependencies
- `wget`
- `tar`
## License
LGPL-3.0

62
package/secubox/secubox-app-localai/README.md Normal file
View File

@ -0,0 +1,62 @@
# SecuBox LocalAI
Native LLM server with OpenAI-compatible REST API. Supports GGUF models on ARM64 and x86_64.
## Installation
```sh
opkg install secubox-app-localai
```
## Configuration
UCI config file: `/etc/config/localai`
```
config localai 'main'
option enabled '0'
option port '8080'
option models_path '/srv/localai/models'
```
## Usage
```sh
# Install the binary (downloaded on first run)
localaictl install
# Start / stop the service
localaictl start
localaictl stop
# Check status
localaictl status
# Download a model
localaictl model-pull <model-name>
```
The binary is downloaded from GitHub releases on first `localaictl install`.
## Features
- OpenAI-compatible REST API
- GGUF model support (LLaMA, Mistral, Phi, TinyLlama, etc.)
- ARM64 and x86_64 architectures
## Files
- `/etc/config/localai` -- UCI configuration
- `/usr/sbin/localaictl` -- controller CLI
- `/srv/localai/models/` -- model storage directory
## Dependencies
- `libstdcpp`
- `libpthread`
- `wget-ssl`
- `ca-certificates`
## License
MIT

48
package/secubox/secubox-app-lyrion/README.md Normal file
View File

@ -0,0 +1,48 @@
# SecuBox Lyrion Music Server
Lyrion Music Server (formerly Logitech Media Server / Squeezebox Server) for SecuBox-powered OpenWrt systems.
## Installation
```sh
opkg install secubox-app-lyrion
```
## Configuration
UCI config file: `/etc/config/lyrion`
```
config lyrion 'main'
option enabled '0'
option port '9000'
```
Supports Docker and LXC runtimes. The controller auto-detects the available runtime, preferring LXC for lower resource usage.
## Usage
```sh
# Start / stop the service
/etc/init.d/lyrion start
/etc/init.d/lyrion stop
# Controller CLI
lyrionctl status
lyrionctl install
lyrionctl remove
```
## Files
- `/etc/config/lyrion` -- UCI configuration
- `/usr/sbin/lyrionctl` -- controller CLI
## Dependencies
- `wget`
- `tar`
## License
Apache-2.0

56
package/secubox/secubox-app-magicmirror2/README.md Normal file
View File

@ -0,0 +1,56 @@
# SecuBox MagicMirror2
Open-source modular smart display platform running in an LXC container on SecuBox-powered OpenWrt systems.
## Installation
```sh
opkg install secubox-app-magicmirror2
```
## Configuration
UCI config file: `/etc/config/magicmirror2`
```
config magicmirror2 'main'
option enabled '0'
option port '8080'
```
## Usage
```sh
# Start / stop the service
/etc/init.d/magicmirror2 start
/etc/init.d/magicmirror2 stop
# Controller CLI
mm2ctl status
mm2ctl install
mm2ctl remove
```
## Features
- Modular architecture with hundreds of available modules
- Built-in module manager for easy installation
- Weather, calendar, news, and custom widgets
- Web-based configuration interface
- Kiosk mode for dedicated displays
## Files
- `/etc/config/magicmirror2` -- UCI configuration
- `/usr/sbin/mm2ctl` -- controller CLI
## Dependencies
- `wget`
- `tar`
- `jq`
- `zstd`
## License
Apache-2.0

52
package/secubox/secubox-app-mailinabox/README.md Normal file
View File

@ -0,0 +1,52 @@
# SecuBox Mail Server (docker-mailserver)
Full-featured mail server with SMTP, IMAP, POP3, spam filtering, antivirus, and automatic Let's Encrypt certificates. Runs docker-mailserver in a managed Docker container on OpenWrt.
## Installation
```bash
opkg install secubox-app-mailinabox
```
## Configuration
UCI config file: `/etc/config/mailinabox`
```bash
uci set mailinabox.main.enabled='1'
uci set mailinabox.main.hostname='mail.example.com'
uci set mailinabox.main.domain='example.com'
uci set mailinabox.main.ssl='letsencrypt'
uci commit mailinabox
```
## Usage
```bash
mailinaboxctl start # Start mail server
mailinaboxctl stop # Stop mail server
mailinaboxctl status # Show service status
mailinaboxctl user add <email> # Add mail user
mailinaboxctl user list # List mail users
mailinaboxctl user del <email> # Remove mail user
mailinaboxctl logs # View mail logs
```
## Features
- SMTP (25/587), IMAP (993), POP3 (995)
- SpamAssassin spam filtering
- ClamAV antivirus scanning
- DKIM/SPF/DMARC support
- Automatic Let's Encrypt TLS certificates
- User and alias management via CLI
## Dependencies
- `dockerd`
- `docker`
- `containerd`
## License
Apache-2.0

46
package/secubox/secubox-app-metablogizer/README.md Normal file
View File

@ -0,0 +1,46 @@
# MetaBlogizer - Static Site Publisher
Static site publisher with automatic virtual host creation. Supports uhttpd (native) and nginx (LXC) backends.
## Installation
```bash
opkg install secubox-app-metablogizer
```
## Configuration
UCI config file: `/etc/config/metablogizer`
```bash
uci set metablogizer.main.enabled='1'
uci set metablogizer.main.backend='uhttpd'
uci set metablogizer.main.web_root='/srv/www'
uci commit metablogizer
```
## Usage
```bash
metablogizerctl create <site> # Create a new site
metablogizerctl deploy <site> # Deploy/publish site
metablogizerctl list # List managed sites
metablogizerctl remove <site> # Remove a site
metablogizerctl vhost add <domain> # Add virtual host
metablogizerctl status # Show status
```
## Features
- Auto-vhost creation for new sites
- uhttpd (native OpenWrt) and nginx (LXC) backends
- Git-based content deployment
## Dependencies
- `git`
- `uhttpd`
## License
Apache-2.0

41
package/secubox/secubox-app-mmpm/README.md Normal file
View File

@ -0,0 +1,41 @@
# MMPM - MagicMirror Package Manager
Web-based GUI for managing MagicMirror modules. Provides a package manager interface for discovering, installing, and configuring MagicMirror2 modules.
## Installation
```bash
opkg install secubox-app-mmpm
```
Requires MagicMirror2 to be installed first.
## Configuration
UCI config file: `/etc/config/mmpm`
```bash
uci set mmpm.main.enabled='1'
uci set mmpm.main.port='7890'
uci commit mmpm
```
## Usage
```bash
mmpmctl start # Start MMPM service
mmpmctl stop # Stop MMPM service
mmpmctl status # Show service status
mmpmctl list # List installed modules
mmpmctl search <name> # Search available modules
mmpmctl install <mod> # Install a module
mmpmctl remove <mod> # Remove a module
```
## Dependencies
- `secubox-app-magicmirror2`
## License
Apache-2.0

55
package/secubox/secubox-app-ndpid/README.md Normal file
View File

@ -0,0 +1,55 @@
# nDPId - Deep Packet Inspection Daemon
Layer-7 deep packet inspection daemon based on nDPI. Identifies application protocols and classifies network traffic using a microservice architecture with bundled libndpi 5.x.
## Installation
```bash
opkg install secubox-app-ndpid
```
## Configuration
UCI config file: `/etc/config/ndpid`
Native config: `/etc/ndpid.conf`
```bash
uci set ndpid.main.enabled='1'
uci set ndpid.main.interface='br-lan'
uci commit ndpid
```
## Binaries
| Binary | Description |
|--------|-------------|
| `/usr/sbin/ndpid` | DPI capture daemon |
| `/usr/sbin/ndpisrvd` | JSON distributor service |
## Architecture
```
Network traffic --> ndpid (capture + classify) --> ndpisrvd (JSON distributor) --> consumers
```
ndpid captures packets, classifies protocols via libndpi, and sends detection events to ndpisrvd. Consumers connect to ndpisrvd for real-time flow data.
## Service Management
```bash
/etc/init.d/ndpid start
/etc/init.d/ndpid stop
/etc/init.d/ndpid status
```
## Dependencies
- `libpcap`
- `libjson-c`
- `libpthread`
- `zlib`
- `libstdcpp`
## License
GPL-3.0

50
package/secubox/secubox-app-nextcloud/README.md Normal file
View File

@ -0,0 +1,50 @@
# SecuBox Nextcloud
Self-hosted file sync and share platform running in Docker on OpenWrt. Provides calendar, contacts, collaborative editing, and file management.
## Installation
```bash
opkg install secubox-app-nextcloud
```
## Configuration
UCI config file: `/etc/config/nextcloud`
```bash
uci set nextcloud.main.enabled='1'
uci set nextcloud.main.domain='cloud.example.com'
uci set nextcloud.main.port='8080'
uci set nextcloud.main.admin_user='admin'
uci set nextcloud.main.data_dir='/srv/nextcloud/data'
uci commit nextcloud
```
## Usage
```bash
nextcloudctl start # Start Nextcloud container
nextcloudctl stop # Stop Nextcloud container
nextcloudctl status # Show service status
nextcloudctl update # Pull latest container image
nextcloudctl occ <cmd> # Run Nextcloud occ command
nextcloudctl logs # View container logs
```
## Features
- File sync and share with web, desktop, and mobile clients
- Calendar and contacts (CalDAV/CardDAV)
- Collaborative document editing
- Docker-based deployment with persistent storage
## Dependencies
- `dockerd`
- `docker`
- `containerd`
## License
Apache-2.0

56
package/secubox/secubox-app-nodogsplash/README.md Normal file
View File

@ -0,0 +1,56 @@
# NodogSplash - Captive Portal
Lightweight captive portal solution for OpenWrt. Provides a customizable splash page with click-through or credential-based authentication for guest network access control.
## Installation
```bash
opkg install secubox-app-nodogsplash
```
## Configuration
Main config: `/etc/nodogsplash/nodogsplash.conf`
Key options:
```
GatewayInterface br-lan
GatewayAddress 192.168.1.1
MaxClients 250
SessionTimeout 1440
```
## Binaries
| Binary | Description |
|--------|-------------|
| `/usr/bin/nodogsplash` | Captive portal daemon |
| `/usr/bin/ndsctl` | Runtime control tool |
## Usage
```bash
# Service management
/etc/init.d/nodogsplash start
/etc/init.d/nodogsplash stop
# Runtime control
ndsctl status # Show portal status
ndsctl clients # List connected clients
ndsctl auth <mac> # Authorize a client
ndsctl deauth <mac> # Deauthorize a client
```
## Customization
Splash page templates are in `/etc/nodogsplash/htdocs/`. Edit `splash.html` to customize the portal appearance.
## Dependencies
- `libmicrohttpd`
- `libjson-c`
- `iptables-nft`
## License
GPL-2.0

57
package/secubox/secubox-app-ollama/README.md Normal file
View File

@ -0,0 +1,57 @@
# SecuBox Ollama - Local LLM Runtime
Run large language models locally on your OpenWrt device. Provides an OpenAI-compatible REST API with native ARM64 support. Supports LLaMA, Mistral, Phi, Gemma, and other open models.
## Installation
```bash
opkg install secubox-app-ollama
```
## Configuration
UCI config file: `/etc/config/ollama`
```bash
uci set ollama.main.enabled='1'
uci set ollama.main.bind='0.0.0.0'
uci set ollama.main.port='11434'
uci set ollama.main.model_dir='/srv/ollama/models'
uci commit ollama
```
## Usage
```bash
ollamactl start # Start Ollama service
ollamactl stop # Stop Ollama service
ollamactl status # Show service status
ollamactl pull <model> # Download a model
ollamactl list # List installed models
ollamactl remove <model> # Remove a model
ollamactl run <model> # Run interactive chat
```
## API
OpenAI-compatible endpoint at `http://<host>:11434`:
```bash
curl http://localhost:11434/api/generate -d '{
"model": "llama3.2",
"prompt": "Hello"
}'
```
## Supported Models
LLaMA 3.x, Mistral, Phi-3, Gemma 2, CodeLlama, and any GGUF-compatible model.
## Dependencies
- `jsonfilter`
- `wget-ssl`
## License
Apache-2.0

50
package/secubox/secubox-app-picobrew/README.md Normal file
View File

@ -0,0 +1,50 @@
# SecuBox PicoBrew Server
Self-hosted PicoBrew brewing controller running in an LXC container. Provides recipe management, real-time brew session monitoring, and device connectivity for PicoBrew hardware.
## Installation
```bash
opkg install secubox-app-picobrew
```
## Configuration
UCI config file: `/etc/config/picobrew`
```bash
uci set picobrew.main.enabled='1'
uci set picobrew.main.port='8080'
uci commit picobrew
```
## Usage
```bash
picobrewctl start # Start PicoBrew server
picobrewctl stop # Stop PicoBrew server
picobrewctl status # Show service status
picobrewctl logs # View server logs
picobrewctl update # Update server from git
```
## Features
- Recipe management and creation
- Real-time brew session monitoring
- PicoBrew device pairing and control
- Brew history and logging
- Runs isolated in LXC container
## Dependencies
- `jsonfilter`
- `wget-ssl`
- `tar`
- `lxc`
- `lxc-common`
- `git`
## License
Apache-2.0

56
package/secubox/secubox-app-simplex/README.md Normal file
View File

@ -0,0 +1,56 @@
# SecuBox SimpleX Chat Server
Privacy-first messaging relay server running in an Alpine LXC container. Provides SMP (SimpleX Messaging Protocol) and XFTP (file transfer) services with end-to-end encryption and post-quantum cryptography support.
## Installation
```bash
opkg install secubox-app-simplex
```
## Configuration
UCI config file: `/etc/config/simplex`
```bash
uci set simplex.main.enabled='1'
uci set simplex.main.smp_port='5223'
uci set simplex.main.xftp_port='443'
uci set simplex.main.domain='chat.example.com'
uci commit simplex
```
## Usage
```bash
simplexctl start # Start SimpleX server (LXC)
simplexctl stop # Stop SimpleX server
simplexctl status # Show service status
simplexctl logs # View server logs
simplexctl address # Show server address for clients
simplexctl update # Update SimpleX binaries
```
## HAProxy Integration
Drop-in HAProxy config is provided at `/usr/lib/secubox/haproxy.d/simplex.cfg` for TLS termination and routing through the SecuBox HAProxy instance.
## Features
- SMP relay for SimpleX Chat messaging
- XFTP relay for encrypted file transfers
- End-to-end encryption with post-quantum algorithms
- No user identifiers or metadata collection
- Alpine LXC container isolation
## Dependencies
- `lxc`
- `lxc-common`
- `wget`
- `openssl-util`
- `tar`
## License
Apache-2.0

53
package/secubox/secubox-app-tor/README.md Normal file
View File

@ -0,0 +1,53 @@
# SecuBox Tor Shield
Tor integration for OpenWrt providing transparent proxy, SOCKS proxy, DNS over Tor, kill switch, hidden services, and bridge support.
## Installation
```bash
opkg install secubox-app-tor
```
## Configuration
UCI config file: `/etc/config/tor-shield`
```bash
uci set tor-shield.main.enabled='1'
uci set tor-shield.main.mode='transparent'
uci set tor-shield.main.dns_over_tor='1'
uci set tor-shield.main.kill_switch='0'
uci commit tor-shield
```
## Usage
```bash
torctl start # Start Tor service
torctl stop # Stop Tor service
torctl status # Show Tor status and circuits
torctl newnym # Request new Tor identity
torctl bridges # Manage bridge relays
torctl hidden add # Create a hidden service
torctl hidden list # List hidden services
torctl killswitch on # Enable kill switch (block non-Tor traffic)
torctl killswitch off # Disable kill switch
```
## Modes
- **Transparent proxy** -- All LAN traffic routed through Tor via iptables
- **SOCKS proxy** -- SOCKS5 endpoint for per-app Tor usage
- **DNS over Tor** -- DNS queries resolved through Tor network
- **Kill switch** -- Blocks all non-Tor traffic if Tor goes down
## Dependencies
- `iptables`
- `curl`
- `jsonfilter`
- `socat`
## License
Apache-2.0

49
package/secubox/secubox-app-webapp/README.md Normal file
View File

@ -0,0 +1,49 @@
# SecuBox Dashboard Web Application
Native web dashboard for SecuBox appliances. Provides real-time monitoring, service management, and CrowdSec security integration using rpcd/ubus authentication.
## Installation
```bash
opkg install secubox-app-webapp
```
## Configuration
UCI config file: `/etc/config/secubox-webapp`
```bash
uci set secubox-webapp.main.enabled='1'
uci set secubox-webapp.main.port='80'
uci commit secubox-webapp
```
## Setup
Run initial setup after installation:
```bash
/usr/sbin/secubox-webapp-setup
```
## Web Interface
Access the dashboard at `http://<router-ip>/secubox/index.html`. Authentication is handled through the native rpcd/ubus session system (same credentials as LuCI).
## Features
- Real-time system monitoring (CPU, memory, network)
- Service status and management
- CrowdSec threat dashboard integration
- Native rpcd/ubus authentication (no separate user database)
## Dependencies
- `uhttpd`
- `uhttpd-mod-ubus`
- `rpcd`
- `rpcd-mod-file`
## License
Apache-2.0

50
package/secubox/secubox-app-zigbee2mqtt/README.md Normal file
View File

@ -0,0 +1,50 @@
# SecuBox Zigbee2MQTT - Zigbee to MQTT Bridge
Docker-based Zigbee2MQTT bridge for OpenWrt. Connects Zigbee devices to your MQTT broker via a USB Zigbee adapter, enabling smart home integration without vendor cloud dependencies.
## Installation
```bash
opkg install secubox-app-zigbee2mqtt
```
## Configuration
UCI config file: `/etc/config/zigbee2mqtt`
```bash
uci set zigbee2mqtt.main.enabled='1'
uci set zigbee2mqtt.main.port='8099'
uci set zigbee2mqtt.main.serial_port='/dev/ttyACM0'
uci set zigbee2mqtt.main.mqtt_server='mqtt://localhost:1883'
uci commit zigbee2mqtt
```
## Usage
```bash
zigbee2mqttctl start # Start Zigbee2MQTT container
zigbee2mqttctl stop # Stop Zigbee2MQTT container
zigbee2mqttctl status # Show service status
zigbee2mqttctl logs # View container logs
zigbee2mqttctl permit # Open network for device pairing
```
## Features
- Web frontend for device management and pairing
- USB Zigbee adapter support (CC2531, CC2652, SONOFF, etc.)
- MQTT topic-based device control
- OTA firmware updates for Zigbee devices
- Docker container isolation
## Dependencies
- `kmod-usb-acm`
- `dockerd`
- `docker`
- `containerd`
## License
Apache-2.0

37
package/secubox/secubox-app/README.md Normal file
View File

@ -0,0 +1,37 @@
# SecuBox App Store CLI
Command-line helper for managing SecuBox App Store manifests.
## Installation
```sh
opkg install secubox-app
```
## Usage
```sh
# List available apps
secubox-app list
# Show app manifest details
secubox-app info <app-name>
# Install an app
secubox-app install <app-name>
```
Default plugin manifests are shipped under `/usr/share/secubox/plugins/`.
## Files
- `/usr/sbin/secubox-app` -- main CLI
- `/usr/share/secubox/plugins/` -- app manifests
## Dependencies
- `jsonfilter`
## License
Apache-2.0

25
package/secubox/secubox-base/README.md Normal file
View File

@ -0,0 +1,25 @@
# SecuBox Base Utilities
Shared utility scripts used by other SecuBox packages. This is not a buildable OpenWrt package -- it provides common shell functions and helper scripts that are sourced or called by other SecuBox components.
## Key Files
| Path | Description |
|------|-------------|
| `/usr/sbin/secubox-network-health` | Network health monitoring script |
## Usage
The network health monitor can be run directly:
```bash
/usr/sbin/secubox-network-health
```
## Note
This package may be absorbed into `secubox-core` in a future release. New shared utilities should be added to `secubox-core` instead.
## License
Apache-2.0