diff --git a/package/secubox/luci-app-cyberfeed/README.md b/package/secubox/luci-app-cyberfeed/README.md new file mode 100644 index 00000000..da08053a --- /dev/null +++ b/package/secubox/luci-app-cyberfeed/README.md @@ -0,0 +1,46 @@ +# LuCI CyberFeed Dashboard + +RSS feed aggregator with social media support via RSS-Bridge integration. + +## Installation + +```bash +opkg install luci-app-cyberfeed +``` + +## Access + +LuCI menu: **Services -> CyberFeed** + +## Tabs + +- **Dashboard** -- Feed status, item count, last sync time +- **Feeds** -- Add, remove, and manage RSS/Atom feed sources +- **Preview** -- Browse fetched feed items +- **Settings** -- Refresh interval, cache TTL, RSS-Bridge config + +## RPCD Methods + +Backend: `luci.cyberfeed` + +| Method | Description | +|--------|-------------| +| `get_status` | Service status and feed statistics | +| `get_feeds` | List configured feeds | +| `get_items` | Get fetched feed items | +| `add_feed` | Add a new feed source | +| `delete_feed` | Remove a feed | +| `sync_feeds` | Trigger feed synchronization | +| `get_config` | Get current settings | +| `save_config` | Save settings | +| `rssbridge_status` | RSS-Bridge service status | +| `rssbridge_install` | Install RSS-Bridge | +| `rssbridge_control` | Start/stop RSS-Bridge | + +## Dependencies + +- `secubox-app-cyberfeed` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-dnsguard/README.md b/package/secubox/luci-app-dnsguard/README.md new file mode 100644 index 00000000..84575adc --- /dev/null +++ b/package/secubox/luci-app-dnsguard/README.md @@ -0,0 +1,43 @@ +# SecuBox DNS Guard + +Privacy DNS manager with curated provider feed and DoH/DoT support. + +## Installation + +```bash +opkg install luci-app-dnsguard +``` + +## Access + +LuCI menu: **SecuBox -> Security -> DNS Guard** + +## Features + +- Curated list of privacy-focused DNS providers (FDN, Quad9, Mullvad, Cloudflare, AdGuard, etc.) +- One-click provider switching with automatic dnsmasq configuration +- DNS-over-HTTPS (DoH) and DNS-over-TLS (DoT) support +- Smart config recommendations based on category (privacy, security, adblock, family) +- Built-in DNS resolution tester + +## RPCD Methods + +Backend: `luci.dnsguard` + +| Method | Description | +|--------|-------------| +| `status` | Current DNS mode, active provider, and primary/secondary servers | +| `get_providers` | List all available DNS providers | +| `get_config` | Get dnsmasq and AdGuard Home configuration | +| `set_provider` | Switch to a specific DNS provider | +| `smart_config` | Get smart configuration recommendations | +| `test_dns` | Test DNS resolution against a server | +| `apply` | Apply pending DNS changes | + +## Dependencies + +- `luci-base` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-exposure/README.md b/package/secubox/luci-app-exposure/README.md new file mode 100644 index 00000000..1aba33e1 --- /dev/null +++ b/package/secubox/luci-app-exposure/README.md @@ -0,0 +1,47 @@ +# LuCI SecuBox Service Exposure Manager + +Unified interface for exposing local services via Tor hidden services and HAProxy SSL reverse proxy, with port conflict detection. + +## Installation + +```bash +opkg install luci-app-exposure +``` + +## Access + +LuCI menu: **SecuBox -> Network -> Service Exposure** + +## Tabs + +- **Overview** -- Scan listening services, detect port conflicts +- **Services** -- Manage exposed service ports +- **Tor Hidden** -- Create and manage .onion hidden services +- **SSL Proxy** -- Configure HAProxy SSL reverse proxy entries + +## RPCD Methods + +Backend: `luci.exposure` + +| Method | Description | +|--------|-------------| +| `scan` | Scan all listening services and ports | +| `conflicts` | Detect port conflicts between services | +| `status` | Get exposure manager status | +| `tor_list` | List Tor hidden services | +| `ssl_list` | List SSL reverse proxy entries | +| `get_config` | Get exposure configuration | +| `fix_port` | Reassign a conflicting service port | +| `tor_add` | Add a Tor hidden service | +| `tor_remove` | Remove a Tor hidden service | +| `ssl_add` | Add an SSL reverse proxy entry | +| `ssl_remove` | Remove an SSL reverse proxy entry | + +## Dependencies + +- `luci-base` +- `secubox-app-exposure` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-gitea/README.md b/package/secubox/luci-app-gitea/README.md new file mode 100644 index 00000000..b9d3c254 --- /dev/null +++ b/package/secubox/luci-app-gitea/README.md @@ -0,0 +1,58 @@ +# LuCI Gitea Dashboard + +Git hosting service management dashboard for Gitea. + +## Installation + +```bash +opkg install luci-app-gitea +``` + +## Access + +LuCI menu: **Services -> Gitea** + +## Tabs + +- **Overview** -- Service status, container health, storage usage +- **Repositories** -- Browse and create Git repositories +- **Users** -- Manage users and admin accounts +- **Settings** -- HTTP/SSH ports, domain, data path, memory limit, registration policy + +## RPCD Methods + +Backend: `luci.gitea` + +| Method | Description | +|--------|-------------| +| `get_status` | Service and container status | +| `get_stats` | Repository and user statistics | +| `get_config` | Get Gitea configuration | +| `save_config` | Save configuration | +| `start` | Start Gitea | +| `stop` | Stop Gitea | +| `restart` | Restart Gitea | +| `install` | Install Gitea container | +| `uninstall` | Remove Gitea container | +| `update` | Update Gitea to latest version | +| `get_logs` | Fetch service logs | +| `list_repos` | List all repositories | +| `get_repo` | Get repository details | +| `list_users` | List all users | +| `create_admin` | Create an admin account | +| `create_user` | Create a user account | +| `generate_token` | Generate API access token | +| `create_repo` | Create a new repository | +| `create_backup` | Create a data backup | +| `list_backups` | List available backups | +| `restore_backup` | Restore from backup | +| `get_install_progress` | Check installation progress | + +## Dependencies + +- `luci-base` +- `secubox-app-gitea` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-glances/README.md b/package/secubox/luci-app-glances/README.md new file mode 100644 index 00000000..5198169b --- /dev/null +++ b/package/secubox/luci-app-glances/README.md @@ -0,0 +1,44 @@ +# LuCI Glances Dashboard + +System monitoring dashboard powered by Glances with embedded Web UI. + +## Installation + +```bash +opkg install luci-app-glances +``` + +## Access + +LuCI menu: **SecuBox -> Monitoring -> Glances** + +## Tabs + +- **Dashboard** -- CPU, memory, disk, and network metrics at a glance +- **Web UI** -- Embedded Glances web interface with SecuBox theme +- **Settings** -- Monitoring intervals, alert thresholds, service control + +## RPCD Methods + +Backend: `luci.glances` + +| Method | Description | +|--------|-------------| +| `get_status` | Service status and basic metrics | +| `get_config` | Get Glances configuration | +| `get_monitoring_config` | Get monitoring parameters | +| `get_alerts_config` | Get alert threshold settings | +| `get_web_url` | Get Glances Web UI URL | +| `service_start` | Start Glances | +| `service_stop` | Stop Glances | +| `service_restart` | Restart Glances | +| `set_config` | Update a configuration key | + +## Dependencies + +- `luci-base` +- `secubox-app-glances` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-jitsi/README.md b/package/secubox/luci-app-jitsi/README.md new file mode 100644 index 00000000..aec0fe13 --- /dev/null +++ b/package/secubox/luci-app-jitsi/README.md @@ -0,0 +1,45 @@ +# LuCI Jitsi Meet Configuration + +Video conferencing service management for self-hosted Jitsi Meet. + +## Installation + +```bash +opkg install luci-app-jitsi +``` + +## Access + +LuCI menu: **Services -> Jitsi Meet** + +## Features + +- Docker container orchestration (web, prosody, jicofo, jvb) +- Conference and participant statistics via JVB API +- User management for authenticated meetings +- Service logs viewer + +## RPCD Methods + +Backend: `luci.jitsi` + +| Method | Description | +|--------|-------------| +| `status` | Container states, conference/participant stats | +| `start` | Start Jitsi containers | +| `stop` | Stop Jitsi containers | +| `restart` | Restart all containers | +| `install` | Install Jitsi stack | +| `generate_config` | Generate Jitsi configuration files | +| `add_user` | Add an authenticated user | +| `remove_user` | Remove a user | +| `list_users` | List registered users | +| `logs` | Fetch service logs | + +## Dependencies + +- `secubox-app-jitsi` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-localai/README.md b/package/secubox/luci-app-localai/README.md new file mode 100644 index 00000000..84332542 --- /dev/null +++ b/package/secubox/luci-app-localai/README.md @@ -0,0 +1,48 @@ +# LuCI LocalAI Dashboard + +Local LLM inference server management with OpenAI-compatible API. + +## Installation + +```bash +opkg install luci-app-localai +``` + +## Access + +LuCI menu: **Services -> LocalAI** + +## Tabs + +- **Dashboard** -- Service health, loaded models, API endpoint status +- **Models** -- Install, remove, and manage LLM models +- **Chat** -- Interactive chat interface for testing models +- **Settings** -- API port, memory limits, runtime configuration + +## RPCD Methods + +Backend: `luci.localai` + +| Method | Description | +|--------|-------------| +| `status` | Service status and runtime info | +| `models` | List installed models | +| `config` | Get configuration | +| `health` | API health check | +| `metrics` | Inference metrics and stats | +| `start` | Start LocalAI | +| `stop` | Stop LocalAI | +| `restart` | Restart LocalAI | +| `model_install` | Install a model by name | +| `model_remove` | Remove an installed model | +| `chat` | Send chat completion request | +| `complete` | Send text completion request | + +## Dependencies + +- `luci-base` +- `secubox-app-localai` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-lyrion/README.md b/package/secubox/luci-app-lyrion/README.md new file mode 100644 index 00000000..fc48c9a0 --- /dev/null +++ b/package/secubox/luci-app-lyrion/README.md @@ -0,0 +1,42 @@ +# LuCI Lyrion Music Server + +Management dashboard for Lyrion Music Server (formerly Logitech Media Server / Squeezebox Server). + +## Installation + +```bash +opkg install luci-app-lyrion +``` + +## Access + +LuCI menu: **Services -> Lyrion** + +## Tabs + +- **Overview** -- Service status, web UI link, player count +- **Settings** -- Port, data/media paths, memory limit, timezone, runtime + +## RPCD Methods + +Backend: `luci.lyrion` + +| Method | Description | +|--------|-------------| +| `status` | Service and container status | +| `get_config` | Get current configuration | +| `save_config` | Save configuration | +| `install` | Install Lyrion container | +| `start` | Start Lyrion | +| `stop` | Stop Lyrion | +| `restart` | Restart Lyrion | +| `update` | Update to latest version | +| `logs` | Fetch service logs | + +## Dependencies + +- `luci-base` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-mailinabox/README.md b/package/secubox/luci-app-mailinabox/README.md new file mode 100644 index 00000000..604cfe33 --- /dev/null +++ b/package/secubox/luci-app-mailinabox/README.md @@ -0,0 +1,41 @@ +# LuCI Mail-in-a-Box + +Self-hosted mail server management dashboard (SMTP, IMAP, webmail). + +## Installation + +```bash +opkg install luci-app-mailinabox +``` + +## Access + +LuCI menu: **Services -> Mail Server** + +## Tabs + +- **Overview** -- Service status, container health, domain configuration +- **Settings** -- Hostname, domain, service control + +## RPCD Methods + +Backend: `luci.mailinabox` + +| Method | Description | +|--------|-------------| +| `status` | Service and container status | +| `get_config` | Get mail server configuration | +| `save_config` | Save hostname and domain settings | +| `install` | Install Mail-in-a-Box container | +| `start` | Start mail services | +| `stop` | Stop mail services | +| `restart` | Restart mail services | +| `logs` | Fetch service logs | + +## Dependencies + +- `luci-base` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-metabolizer/README.md b/package/secubox/luci-app-metabolizer/README.md new file mode 100644 index 00000000..29d0e661 --- /dev/null +++ b/package/secubox/luci-app-metabolizer/README.md @@ -0,0 +1,41 @@ +# LuCI Metabolizer CMS + +Content management system dashboard with Gitea integration and static site publishing. + +## Installation + +```bash +opkg install luci-app-metabolizer +``` + +## Access + +LuCI menu: **Services -> Metabolizer CMS** + +## Tabs + +- **Overview** -- Service status, post count, Gitea sync state +- **Settings** -- CMS configuration + +## RPCD Methods + +Backend: `luci.metabolizer` + +| Method | Description | +|--------|-------------| +| `status` | Service status and content statistics | +| `list_posts` | List published posts | +| `gitea_status` | Gitea repository sync status | +| `sync` | Sync content from source | +| `build` | Build static site | +| `publish` | Publish built site | +| `gitea_sync` | Sync with Gitea repository | + +## Dependencies + +- `luci-base` +- `secubox-app-metabolizer` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-mmpm/README.md b/package/secubox/luci-app-mmpm/README.md new file mode 100644 index 00000000..f00fb547 --- /dev/null +++ b/package/secubox/luci-app-mmpm/README.md @@ -0,0 +1,33 @@ +# LuCI MMPM Dashboard + +LuCI web interface for managing MagicMirror modules via MMPM (MagicMirror Package Manager). + +## Installation + +```bash +opkg install luci-app-mmpm +``` + +## Access + +LuCI > Services > MMPM + +## Tabs + +- **Dashboard** -- Service status and MagicMirror overview +- **Modules** -- Search, install, update, and remove MagicMirror modules +- **Web GUI** -- Embedded MMPM web interface +- **Settings** -- MMPM and MagicMirror configuration + +## RPCD Methods + +Service: `luci.mmpm` + +## Dependencies + +- `luci-base` +- `secubox-app-mmpm` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-ndpid/README.md b/package/secubox/luci-app-ndpid/README.md new file mode 100644 index 00000000..7d6823e2 --- /dev/null +++ b/package/secubox/luci-app-ndpid/README.md @@ -0,0 +1,40 @@ +# LuCI nDPId Dashboard + +LuCI web interface for nDPId deep packet inspection -- real-time traffic analysis and protocol detection. + +## Installation + +```bash +opkg install luci-app-ndpid +``` + +## Access + +LuCI > SecuBox > nDPId Intelligence + +## Tabs + +- **Dashboard** -- Live traffic statistics and protocol breakdown +- **Flows** -- Active network flows with detected application protocols +- **Settings** -- nDPId daemon configuration + +## Helper Scripts + +- `ndpid-compat` -- Compatibility layer for nDPId integration +- `ndpid-flow-actions` -- Flow event processing and actions +- `ndpid-collector` -- Traffic data collection and aggregation + +## RPCD Methods + +Service: `luci.ndpid` + +## Dependencies + +- `luci-base` +- `ndpid` +- `socat` +- `jq` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-nextcloud/README.md b/package/secubox/luci-app-nextcloud/README.md new file mode 100644 index 00000000..56ecb93a --- /dev/null +++ b/package/secubox/luci-app-nextcloud/README.md @@ -0,0 +1,30 @@ +# LuCI Nextcloud + +LuCI web interface for managing a self-hosted Nextcloud instance -- file sync, calendar, and contacts. + +## Installation + +```bash +opkg install luci-app-nextcloud +``` + +## Access + +LuCI > Services > Nextcloud + +## Tabs + +- **Overview** -- Nextcloud service status and instance information +- **Settings** -- Instance configuration and management + +## RPCD Methods + +Service: `luci.nextcloud` + +## Dependencies + +- `luci-base` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-ollama/README.md b/package/secubox/luci-app-ollama/README.md new file mode 100644 index 00000000..437b8f75 --- /dev/null +++ b/package/secubox/luci-app-ollama/README.md @@ -0,0 +1,33 @@ +# LuCI Ollama Dashboard + +LuCI web interface for managing Ollama -- local large language model runtime. + +## Installation + +```bash +opkg install luci-app-ollama +``` + +## Access + +LuCI > Services > Ollama + +## Tabs + +- **Dashboard** -- Service status and resource usage +- **Models** -- Pull, list, and remove LLM models +- **Chat** -- Interactive chat interface for loaded models +- **Settings** -- Ollama server configuration + +## RPCD Methods + +Service: `luci.ollama` + +## Dependencies + +- `luci-base` +- `secubox-app-ollama` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-picobrew/README.md b/package/secubox/luci-app-picobrew/README.md new file mode 100644 index 00000000..3fc0c6fa --- /dev/null +++ b/package/secubox/luci-app-picobrew/README.md @@ -0,0 +1,31 @@ +# LuCI PicoBrew Dashboard + +LuCI web interface for managing PicoBrew brewing controllers -- recipe and session monitoring. + +## Installation + +```bash +opkg install luci-app-picobrew +``` + +## Access + +LuCI > Services > PicoBrew + +## Tabs + +- **Dashboard** -- Brewing session status, recipe overview, and controller state +- **Settings** -- PicoBrew service configuration + +## RPCD Methods + +Service: `luci.picobrew` + +## Dependencies + +- `luci-base` +- `secubox-app-picobrew` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-secubox-admin/README.md b/package/secubox/luci-app-secubox-admin/README.md new file mode 100644 index 00000000..eeca6006 --- /dev/null +++ b/package/secubox/luci-app-secubox-admin/README.md @@ -0,0 +1,36 @@ +# LuCI SecuBox Admin Control Center + +Unified administration dashboard for SecuBox appstore plugins with system monitoring and management. + +## Installation + +```bash +opkg install luci-app-secubox-admin +``` + +## Access + +LuCI > SecuBox > Admin Control + +## Tabs + +- **Control Panel** -- Central admin dashboard +- **Cyber Console** -- Security-focused system console +- **Apps Manager** -- Install, update, and manage SecuBox applications +- **Updates** -- Available package and system updates +- **Profiles** -- User and device profile management +- **Skills** -- Automation skills configuration +- **Catalog Sources** -- App catalog feed management +- **Feedback** -- User feedback submission +- **App Settings** -- Per-application settings +- **System Health** -- Hardware and service health monitoring +- **System Logs** -- Centralized log viewer +- **Advanced Settings** -- Low-level system configuration + +## Dependencies + +Pure JavaScript/JSON package -- no additional runtime dependencies beyond LuCI. + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-secubox-p2p/README.md b/package/secubox/luci-app-secubox-p2p/README.md new file mode 100644 index 00000000..c279b4b1 --- /dev/null +++ b/package/secubox/luci-app-secubox-p2p/README.md @@ -0,0 +1,33 @@ +# LuCI SecuBox P2P Hub + +LuCI web interface for SecuBox peer-to-peer mesh management, peer discovery, and distributed services. + +## Installation + +```bash +opkg install luci-app-secubox-p2p +``` + +## Access + +LuCI > SecuBox > MirrorBox + +## Tabs + +- **Overview** -- P2P network status summary +- **P2P Hub** -- Central hub management and connectivity +- **Peers** -- Discovered peers and connection status +- **Services** -- Distributed services across the mesh +- **Profiles** -- Peer identity and profile configuration +- **Mesh Network** -- Mesh topology and routing +- **Factory** -- Device provisioning and Gitea backup integration +- **Settings** -- P2P network configuration + +## Dependencies + +- `luci-base` +- `secubox-p2p` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-secubox-portal/README.md b/package/secubox/luci-app-secubox-portal/README.md new file mode 100644 index 00000000..5078950f --- /dev/null +++ b/package/secubox/luci-app-secubox-portal/README.md @@ -0,0 +1,35 @@ +# SecuBox Portal + +Unified web UI entry point for all SecuBox applications -- provides the top-level SecuBox navigation and tabbed dashboard. + +## Installation + +```bash +opkg install luci-app-secubox-portal +``` + +## Access + +LuCI > SecuBox (top-level menu) + +## Sections + +- **Dashboard** -- Aggregated overview of all SecuBox services +- **Services** -- Container for service sub-menus +- **Apps** -- Application launcher and catalog +- **Settings** -- Global SecuBox settings + +### Public Pages (no login required) + +- Bug Bounty +- Crowdfunding Campaign +- Development Status + +## Dependencies + +- `luci-base` +- `luci-theme-secubox` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-simplex/README.md b/package/secubox/luci-app-simplex/README.md new file mode 100644 index 00000000..35e55837 --- /dev/null +++ b/package/secubox/luci-app-simplex/README.md @@ -0,0 +1,33 @@ +# LuCI SimpleX Chat Server + +LuCI web interface for managing a self-hosted SimpleX Chat relay -- privacy-first messaging with SMP and XFTP servers. + +## Installation + +```bash +opkg install luci-app-simplex +``` + +## Access + +LuCI > Services > SimpleX Chat + +## Features + +- SMP (SimpleX Messaging Protocol) server management +- XFTP file transfer server management +- Server address and fingerprint display +- Service start/stop/restart controls +- Connection status monitoring + +## RPCD Methods + +Service: `luci.simplex` + +## Dependencies + +- `secubox-app-simplex` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-app-streamlit/README.md b/package/secubox/luci-app-streamlit/README.md new file mode 100644 index 00000000..ac98ed49 --- /dev/null +++ b/package/secubox/luci-app-streamlit/README.md @@ -0,0 +1,37 @@ +# LuCI Streamlit Dashboard + +LuCI web interface for managing Streamlit application instances with Gitea integration. + +## Installation + +```bash +opkg install luci-app-streamlit +``` + +## Access + +LuCI > Services > Streamlit + +## Tabs + +- **Dashboard** -- Running instances, status, and resource usage +- **Settings** -- Instance configuration and Gitea repository integration + +## Features + +- Multi-instance Streamlit management +- Deploy apps from Gitea repositories +- Per-instance start/stop controls + +## RPCD Methods + +Service: `luci.streamlit` + +## Dependencies + +- `luci-base` +- `secubox-app-streamlit` + +## License + +Apache-2.0 diff --git a/package/secubox/luci-secubox-dnsguard/README.md b/package/secubox/luci-secubox-dnsguard/README.md new file mode 100644 index 00000000..48303404 --- /dev/null +++ b/package/secubox/luci-secubox-dnsguard/README.md @@ -0,0 +1,32 @@ +# SecuBox DNS Guard + +Alternate LuCI package for privacy-focused DNS management -- same functionality as `luci-app-dnsguard`, integrated under the SecuBox security menu. + +## Installation + +```bash +opkg install luci-secubox-dnsguard +``` + +## Access + +LuCI > SecuBox > Security > DNS Guard + +## Features + +- DNS filtering and ad blocking configuration +- Upstream DNS provider selection +- Query logging and statistics dashboard +- Blocklist management + +## RPCD Methods + +Service: `luci.dnsguard` + +## Dependencies + +- `luci-base` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-adguardhome/README.md b/package/secubox/secubox-app-adguardhome/README.md new file mode 100644 index 00000000..ef94ec22 --- /dev/null +++ b/package/secubox/secubox-app-adguardhome/README.md @@ -0,0 +1,48 @@ +# SecuBox AdGuard Home + +Network-wide ad blocker running in Docker on SecuBox-powered OpenWrt systems, with DNS-over-HTTPS/TLS support and detailed analytics. + +## Installation + +```sh +opkg install secubox-app-adguardhome +``` + +## Configuration + +UCI config file: `/etc/config/adguardhome` + +``` +config adguardhome 'main' + option enabled '0' + option port '3000' +``` + +## Usage + +```sh +# Start / stop the service +/etc/init.d/adguardhome start +/etc/init.d/adguardhome stop + +# Controller CLI +adguardhomectl status +adguardhomectl install +adguardhomectl remove +``` + +## Files + +- `/etc/config/adguardhome` -- UCI configuration +- `/etc/init.d/adguardhome` -- init script +- `/usr/sbin/adguardhomectl` -- controller CLI + +## Dependencies + +- `dockerd` +- `docker` +- `containerd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-auth-logger/README.md b/package/secubox/secubox-app-auth-logger/README.md new file mode 100644 index 00000000..f1fa067d --- /dev/null +++ b/package/secubox/secubox-app-auth-logger/README.md @@ -0,0 +1,40 @@ +# SecuBox Authentication Failure Logger for CrowdSec + +Logs authentication failures from LuCI/rpcd and Dropbear SSH for CrowdSec detection. + +## Installation + +```sh +opkg install secubox-app-auth-logger +``` + +## Usage + +```sh +# Enable and start the service +/etc/init.d/secubox-app-auth-logger enable +/etc/init.d/secubox-app-auth-logger start +``` + +The auth monitor runs as a background daemon watching for login failures. + +## What It Ships + +- SSH failure monitoring (OpenSSH/Dropbear) +- LuCI web interface auth failure logging via CGI hook +- CrowdSec parser and bruteforce scenario +- CrowdSec acquisition configuration + +## Files + +- `/etc/init.d/secubox-app-auth-logger` -- init script +- `/usr/lib/secubox/auth-monitor.sh` -- auth failure monitor daemon + +## Dependencies + +- `rpcd` +- `uhttpd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-crowdsec-custom/README.md b/package/secubox/secubox-app-crowdsec-custom/README.md new file mode 100644 index 00000000..2992e551 --- /dev/null +++ b/package/secubox/secubox-app-crowdsec-custom/README.md @@ -0,0 +1,37 @@ +# CrowdSec Custom Scenarios for SecuBox + +Custom CrowdSec configurations for SecuBox web interface and service protection. + +## Installation + +```sh +opkg install secubox-app-crowdsec-custom +``` + +## Included Scenarios + +- HTTP authentication bruteforce detection +- Path scanning / enumeration detection +- LuCI / uhttpd auth failure monitoring +- Nginx reverse proxy monitoring +- HAProxy backend protection and auth monitoring +- Gitea web, SSH, and API bruteforce detection +- Streamlit app flooding and auth protection +- Webapp generic auth bruteforce protection +- Whitelist enrichment for trusted networks + +## What It Ships + +- Parsers under `/etc/crowdsec/parsers/` +- Scenarios under `/etc/crowdsec/scenarios/` +- Acquisition configs under `/etc/crowdsec/acquis.d/` +- Whitelist enrichment profiles + +## Dependencies + +- `crowdsec` +- `crowdsec-firewall-bouncer` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-cs-firewall-bouncer/README.md b/package/secubox/secubox-app-cs-firewall-bouncer/README.md new file mode 100644 index 00000000..1be3eaaa --- /dev/null +++ b/package/secubox/secubox-app-cs-firewall-bouncer/README.md @@ -0,0 +1,49 @@ +# SecuBox CrowdSec Firewall Bouncer + +CrowdSec firewall bouncer with native nftables integration for IPv4 and IPv6 on OpenWrt. Go binary, version 0.0.31. + +## Installation + +```sh +opkg install secubox-app-cs-firewall-bouncer +``` + +## Configuration + +UCI config file: `/etc/config/crowdsec` + +The bouncer registers with the local CrowdSec LAPI and manages nftables sets to block malicious IPs. + +## Usage + +```sh +# Start / stop the service +/etc/init.d/crowdsec-firewall-bouncer start +/etc/init.d/crowdsec-firewall-bouncer stop + +# Check bouncer status +cs-firewall-bouncer -version +``` + +## Files + +- `/etc/config/crowdsec` -- UCI configuration +- `/etc/init.d/crowdsec-firewall-bouncer` -- init script +- `/usr/sbin/cs-firewall-bouncer` -- Go binary + +## Build Notes + +This is a Go package with CGO. It must be built with the full OpenWrt toolchain, not the SDK: + +```sh +cd secubox-tools/openwrt +make package/secubox-app-cs-firewall-bouncer/compile V=s +``` + +## Dependencies + +- `nftables` + +## License + +MIT diff --git a/package/secubox/secubox-app-cyberfeed/README.md b/package/secubox/secubox-app-cyberfeed/README.md new file mode 100644 index 00000000..46ad4f45 --- /dev/null +++ b/package/secubox/secubox-app-cyberfeed/README.md @@ -0,0 +1,53 @@ +# CyberFeed - RSS Feed Aggregator + +RSS feed aggregator for OpenWrt/SecuBox with RSS-Bridge support for social media feeds. + +## Installation + +```sh +opkg install secubox-app-cyberfeed +``` + +## Configuration + +UCI config file: `/etc/config/cyberfeed` + +Feed list: `/etc/cyberfeed/feeds.conf` + +``` +config cyberfeed 'main' + option enabled '1' + option refresh_interval '3600' +``` + +## Usage + +```sh +# Fetch and update feeds +cyberfeed update + +# List cached feeds +cyberfeed list + +# Set up RSS-Bridge for social media feeds +rss-bridge-setup +``` + +Feed refresh runs automatically via cron when enabled. + +## Files + +- `/etc/config/cyberfeed` -- UCI configuration +- `/etc/cyberfeed/feeds.conf` -- feed URL list +- `/usr/bin/cyberfeed` -- main CLI +- `/usr/bin/rss-bridge-setup` -- RSS-Bridge installer + +## Dependencies + +- `wget-ssl` +- `jsonfilter` +- `coreutils-stat` + +## License + +MIT diff --git a/package/secubox/secubox-app-domoticz/README.md b/package/secubox/secubox-app-domoticz/README.md new file mode 100644 index 00000000..ff669457 --- /dev/null +++ b/package/secubox/secubox-app-domoticz/README.md @@ -0,0 +1,48 @@ +# SecuBox Domoticz + +Home automation platform running in Docker on SecuBox-powered OpenWrt systems. + +## Installation + +```sh +opkg install secubox-app-domoticz +``` + +## Configuration + +UCI config file: `/etc/config/domoticz` + +``` +config domoticz 'main' + option enabled '0' + option port '8080' +``` + +## Usage + +```sh +# Start / stop the service +/etc/init.d/domoticz start +/etc/init.d/domoticz stop + +# Controller CLI +domoticzctl status +domoticzctl install +domoticzctl remove +``` + +## Files + +- `/etc/config/domoticz` -- UCI configuration +- `/etc/init.d/domoticz` -- init script +- `/usr/sbin/domoticzctl` -- controller CLI + +## Dependencies + +- `dockerd` +- `docker` +- `containerd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-exposure/README.md b/package/secubox/secubox-app-exposure/README.md new file mode 100644 index 00000000..f77d691e --- /dev/null +++ b/package/secubox/secubox-app-exposure/README.md @@ -0,0 +1,46 @@ +# SecuBox Service Exposure Manager + +Unified backend for managing service exposure: port conflict detection, Tor hidden services, and HAProxy SSL reverse proxy configuration. + +## Installation + +```sh +opkg install secubox-app-exposure +``` + +## Configuration + +UCI config file: `/etc/config/secubox-exposure` + +``` +config exposure 'main' + option enabled '1' +``` + +## Usage + +```sh +# Check for port conflicts +secubox-exposure check-ports + +# Manage Tor hidden services +secubox-exposure tor-add +secubox-exposure tor-remove + +# Manage HAProxy reverse proxy entries +secubox-exposure haproxy-add +secubox-exposure haproxy-remove +``` + +## Files + +- `/etc/config/secubox-exposure` -- UCI configuration +- `/usr/sbin/secubox-exposure` -- main CLI + +## Dependencies + +- `secubox-core` + +## License + +MIT diff --git a/package/secubox/secubox-app-gitea/README.md b/package/secubox/secubox-app-gitea/README.md new file mode 100644 index 00000000..674c657b --- /dev/null +++ b/package/secubox/secubox-app-gitea/README.md @@ -0,0 +1,61 @@ +# SecuBox Gitea Platform + +Self-hosted lightweight Git service running in an LXC container on SecuBox-powered OpenWrt systems. + +## Installation + +```sh +opkg install secubox-app-gitea +``` + +## Configuration + +UCI config file: `/etc/config/gitea` + +``` +config gitea 'main' + option enabled '0' + option http_port '3000' + option ssh_port '2222' +``` + +## Usage + +```sh +# Start / stop the service +/etc/init.d/gitea start +/etc/init.d/gitea stop + +# Controller CLI +giteactl status +giteactl install +giteactl remove +giteactl backup +giteactl restore +``` + +## Features + +- Git HTTP and SSH access +- Repository and user management via web UI +- SQLite database (embedded) +- Backup and restore support +- Runs in Alpine Linux LXC container + +## Files + +- `/etc/config/gitea` -- UCI configuration +- `/usr/sbin/giteactl` -- controller CLI + +## Dependencies + +- `jsonfilter` +- `wget-ssl` +- `tar` +- `lxc` +- `lxc-common` +- `git` + +## License + +MIT diff --git a/package/secubox/secubox-app-glances/README.md b/package/secubox/secubox-app-glances/README.md new file mode 100644 index 00000000..47a99d2b --- /dev/null +++ b/package/secubox/secubox-app-glances/README.md @@ -0,0 +1,55 @@ +# SecuBox Glances System Monitor + +Cross-platform system monitoring tool running in an LXC container, with web UI and RESTful API. + +## Installation + +```sh +opkg install secubox-app-glances +``` + +## Configuration + +UCI config file: `/etc/config/glances` + +``` +config glances 'main' + option enabled '0' + option port '61208' +``` + +## Usage + +```sh +# Start / stop the service +/etc/init.d/glances start +/etc/init.d/glances stop + +# Controller CLI +glancesctl status +glancesctl install +glancesctl remove +``` + +## Features + +- Real-time CPU, memory, disk, and network monitoring +- Process list with resource usage +- Docker/Podman container monitoring +- Web-based UI accessible from any device +- RESTful JSON API for integrations +- Alert system for threshold monitoring + +## Files + +- `/etc/config/glances` -- UCI configuration +- `/usr/sbin/glancesctl` -- controller CLI + +## Dependencies + +- `wget` +- `tar` + +## License + +LGPL-3.0 diff --git a/package/secubox/secubox-app-localai/README.md b/package/secubox/secubox-app-localai/README.md new file mode 100644 index 00000000..4efa31e1 --- /dev/null +++ b/package/secubox/secubox-app-localai/README.md @@ -0,0 +1,62 @@ +# SecuBox LocalAI + +Native LLM server with OpenAI-compatible REST API. Supports GGUF models on ARM64 and x86_64. + +## Installation + +```sh +opkg install secubox-app-localai +``` + +## Configuration + +UCI config file: `/etc/config/localai` + +``` +config localai 'main' + option enabled '0' + option port '8080' + option models_path '/srv/localai/models' +``` + +## Usage + +```sh +# Install the binary (downloaded on first run) +localaictl install + +# Start / stop the service +localaictl start +localaictl stop + +# Check status +localaictl status + +# Download a model +localaictl model-pull +``` + +The binary is downloaded from GitHub releases on first `localaictl install`. + +## Features + +- OpenAI-compatible REST API +- GGUF model support (LLaMA, Mistral, Phi, TinyLlama, etc.) +- ARM64 and x86_64 architectures + +## Files + +- `/etc/config/localai` -- UCI configuration +- `/usr/sbin/localaictl` -- controller CLI +- `/srv/localai/models/` -- model storage directory + +## Dependencies + +- `libstdcpp` +- `libpthread` +- `wget-ssl` +- `ca-certificates` + +## License + +MIT diff --git a/package/secubox/secubox-app-lyrion/README.md b/package/secubox/secubox-app-lyrion/README.md new file mode 100644 index 00000000..1cd6ddaa --- /dev/null +++ b/package/secubox/secubox-app-lyrion/README.md @@ -0,0 +1,48 @@ +# SecuBox Lyrion Music Server + +Lyrion Music Server (formerly Logitech Media Server / Squeezebox Server) for SecuBox-powered OpenWrt systems. + +## Installation + +```sh +opkg install secubox-app-lyrion +``` + +## Configuration + +UCI config file: `/etc/config/lyrion` + +``` +config lyrion 'main' + option enabled '0' + option port '9000' +``` + +Supports Docker and LXC runtimes. The controller auto-detects the available runtime, preferring LXC for lower resource usage. + +## Usage + +```sh +# Start / stop the service +/etc/init.d/lyrion start +/etc/init.d/lyrion stop + +# Controller CLI +lyrionctl status +lyrionctl install +lyrionctl remove +``` + +## Files + +- `/etc/config/lyrion` -- UCI configuration +- `/usr/sbin/lyrionctl` -- controller CLI + +## Dependencies + +- `wget` +- `tar` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-magicmirror2/README.md b/package/secubox/secubox-app-magicmirror2/README.md new file mode 100644 index 00000000..8ed2447b --- /dev/null +++ b/package/secubox/secubox-app-magicmirror2/README.md @@ -0,0 +1,56 @@ +# SecuBox MagicMirror2 + +Open-source modular smart display platform running in an LXC container on SecuBox-powered OpenWrt systems. + +## Installation + +```sh +opkg install secubox-app-magicmirror2 +``` + +## Configuration + +UCI config file: `/etc/config/magicmirror2` + +``` +config magicmirror2 'main' + option enabled '0' + option port '8080' +``` + +## Usage + +```sh +# Start / stop the service +/etc/init.d/magicmirror2 start +/etc/init.d/magicmirror2 stop + +# Controller CLI +mm2ctl status +mm2ctl install +mm2ctl remove +``` + +## Features + +- Modular architecture with hundreds of available modules +- Built-in module manager for easy installation +- Weather, calendar, news, and custom widgets +- Web-based configuration interface +- Kiosk mode for dedicated displays + +## Files + +- `/etc/config/magicmirror2` -- UCI configuration +- `/usr/sbin/mm2ctl` -- controller CLI + +## Dependencies + +- `wget` +- `tar` +- `jq` +- `zstd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-mailinabox/README.md b/package/secubox/secubox-app-mailinabox/README.md new file mode 100644 index 00000000..1c9e0630 --- /dev/null +++ b/package/secubox/secubox-app-mailinabox/README.md @@ -0,0 +1,52 @@ +# SecuBox Mail Server (docker-mailserver) + +Full-featured mail server with SMTP, IMAP, POP3, spam filtering, antivirus, and automatic Let's Encrypt certificates. Runs docker-mailserver in a managed Docker container on OpenWrt. + +## Installation + +```bash +opkg install secubox-app-mailinabox +``` + +## Configuration + +UCI config file: `/etc/config/mailinabox` + +```bash +uci set mailinabox.main.enabled='1' +uci set mailinabox.main.hostname='mail.example.com' +uci set mailinabox.main.domain='example.com' +uci set mailinabox.main.ssl='letsencrypt' +uci commit mailinabox +``` + +## Usage + +```bash +mailinaboxctl start # Start mail server +mailinaboxctl stop # Stop mail server +mailinaboxctl status # Show service status +mailinaboxctl user add # Add mail user +mailinaboxctl user list # List mail users +mailinaboxctl user del # Remove mail user +mailinaboxctl logs # View mail logs +``` + +## Features + +- SMTP (25/587), IMAP (993), POP3 (995) +- SpamAssassin spam filtering +- ClamAV antivirus scanning +- DKIM/SPF/DMARC support +- Automatic Let's Encrypt TLS certificates +- User and alias management via CLI + +## Dependencies + +- `dockerd` +- `docker` +- `containerd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-metablogizer/README.md b/package/secubox/secubox-app-metablogizer/README.md new file mode 100644 index 00000000..354c3707 --- /dev/null +++ b/package/secubox/secubox-app-metablogizer/README.md @@ -0,0 +1,46 @@ +# MetaBlogizer - Static Site Publisher + +Static site publisher with automatic virtual host creation. Supports uhttpd (native) and nginx (LXC) backends. + +## Installation + +```bash +opkg install secubox-app-metablogizer +``` + +## Configuration + +UCI config file: `/etc/config/metablogizer` + +```bash +uci set metablogizer.main.enabled='1' +uci set metablogizer.main.backend='uhttpd' +uci set metablogizer.main.web_root='/srv/www' +uci commit metablogizer +``` + +## Usage + +```bash +metablogizerctl create # Create a new site +metablogizerctl deploy # Deploy/publish site +metablogizerctl list # List managed sites +metablogizerctl remove # Remove a site +metablogizerctl vhost add # Add virtual host +metablogizerctl status # Show status +``` + +## Features + +- Auto-vhost creation for new sites +- uhttpd (native OpenWrt) and nginx (LXC) backends +- Git-based content deployment + +## Dependencies + +- `git` +- `uhttpd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-mmpm/README.md b/package/secubox/secubox-app-mmpm/README.md new file mode 100644 index 00000000..87a633d9 --- /dev/null +++ b/package/secubox/secubox-app-mmpm/README.md @@ -0,0 +1,41 @@ +# MMPM - MagicMirror Package Manager + +Web-based GUI for managing MagicMirror modules. Provides a package manager interface for discovering, installing, and configuring MagicMirror2 modules. + +## Installation + +```bash +opkg install secubox-app-mmpm +``` + +Requires MagicMirror2 to be installed first. + +## Configuration + +UCI config file: `/etc/config/mmpm` + +```bash +uci set mmpm.main.enabled='1' +uci set mmpm.main.port='7890' +uci commit mmpm +``` + +## Usage + +```bash +mmpmctl start # Start MMPM service +mmpmctl stop # Stop MMPM service +mmpmctl status # Show service status +mmpmctl list # List installed modules +mmpmctl search # Search available modules +mmpmctl install # Install a module +mmpmctl remove # Remove a module +``` + +## Dependencies + +- `secubox-app-magicmirror2` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-ndpid/README.md b/package/secubox/secubox-app-ndpid/README.md new file mode 100644 index 00000000..83363a31 --- /dev/null +++ b/package/secubox/secubox-app-ndpid/README.md @@ -0,0 +1,55 @@ +# nDPId - Deep Packet Inspection Daemon + +Layer-7 deep packet inspection daemon based on nDPI. Identifies application protocols and classifies network traffic using a microservice architecture with bundled libndpi 5.x. + +## Installation + +```bash +opkg install secubox-app-ndpid +``` + +## Configuration + +UCI config file: `/etc/config/ndpid` +Native config: `/etc/ndpid.conf` + +```bash +uci set ndpid.main.enabled='1' +uci set ndpid.main.interface='br-lan' +uci commit ndpid +``` + +## Binaries + +| Binary | Description | +|--------|-------------| +| `/usr/sbin/ndpid` | DPI capture daemon | +| `/usr/sbin/ndpisrvd` | JSON distributor service | + +## Architecture + +``` +Network traffic --> ndpid (capture + classify) --> ndpisrvd (JSON distributor) --> consumers +``` + +ndpid captures packets, classifies protocols via libndpi, and sends detection events to ndpisrvd. Consumers connect to ndpisrvd for real-time flow data. + +## Service Management + +```bash +/etc/init.d/ndpid start +/etc/init.d/ndpid stop +/etc/init.d/ndpid status +``` + +## Dependencies + +- `libpcap` +- `libjson-c` +- `libpthread` +- `zlib` +- `libstdcpp` + +## License + +GPL-3.0 diff --git a/package/secubox/secubox-app-nextcloud/README.md b/package/secubox/secubox-app-nextcloud/README.md new file mode 100644 index 00000000..5966489a --- /dev/null +++ b/package/secubox/secubox-app-nextcloud/README.md @@ -0,0 +1,50 @@ +# SecuBox Nextcloud + +Self-hosted file sync and share platform running in Docker on OpenWrt. Provides calendar, contacts, collaborative editing, and file management. + +## Installation + +```bash +opkg install secubox-app-nextcloud +``` + +## Configuration + +UCI config file: `/etc/config/nextcloud` + +```bash +uci set nextcloud.main.enabled='1' +uci set nextcloud.main.domain='cloud.example.com' +uci set nextcloud.main.port='8080' +uci set nextcloud.main.admin_user='admin' +uci set nextcloud.main.data_dir='/srv/nextcloud/data' +uci commit nextcloud +``` + +## Usage + +```bash +nextcloudctl start # Start Nextcloud container +nextcloudctl stop # Stop Nextcloud container +nextcloudctl status # Show service status +nextcloudctl update # Pull latest container image +nextcloudctl occ # Run Nextcloud occ command +nextcloudctl logs # View container logs +``` + +## Features + +- File sync and share with web, desktop, and mobile clients +- Calendar and contacts (CalDAV/CardDAV) +- Collaborative document editing +- Docker-based deployment with persistent storage + +## Dependencies + +- `dockerd` +- `docker` +- `containerd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-nodogsplash/README.md b/package/secubox/secubox-app-nodogsplash/README.md new file mode 100644 index 00000000..372e95a9 --- /dev/null +++ b/package/secubox/secubox-app-nodogsplash/README.md @@ -0,0 +1,56 @@ +# NodogSplash - Captive Portal + +Lightweight captive portal solution for OpenWrt. Provides a customizable splash page with click-through or credential-based authentication for guest network access control. + +## Installation + +```bash +opkg install secubox-app-nodogsplash +``` + +## Configuration + +Main config: `/etc/nodogsplash/nodogsplash.conf` + +Key options: +``` +GatewayInterface br-lan +GatewayAddress 192.168.1.1 +MaxClients 250 +SessionTimeout 1440 +``` + +## Binaries + +| Binary | Description | +|--------|-------------| +| `/usr/bin/nodogsplash` | Captive portal daemon | +| `/usr/bin/ndsctl` | Runtime control tool | + +## Usage + +```bash +# Service management +/etc/init.d/nodogsplash start +/etc/init.d/nodogsplash stop + +# Runtime control +ndsctl status # Show portal status +ndsctl clients # List connected clients +ndsctl auth # Authorize a client +ndsctl deauth # Deauthorize a client +``` + +## Customization + +Splash page templates are in `/etc/nodogsplash/htdocs/`. Edit `splash.html` to customize the portal appearance. + +## Dependencies + +- `libmicrohttpd` +- `libjson-c` +- `iptables-nft` + +## License + +GPL-2.0 diff --git a/package/secubox/secubox-app-ollama/README.md b/package/secubox/secubox-app-ollama/README.md new file mode 100644 index 00000000..2b83ad55 --- /dev/null +++ b/package/secubox/secubox-app-ollama/README.md @@ -0,0 +1,57 @@ +# SecuBox Ollama - Local LLM Runtime + +Run large language models locally on your OpenWrt device. Provides an OpenAI-compatible REST API with native ARM64 support. Supports LLaMA, Mistral, Phi, Gemma, and other open models. + +## Installation + +```bash +opkg install secubox-app-ollama +``` + +## Configuration + +UCI config file: `/etc/config/ollama` + +```bash +uci set ollama.main.enabled='1' +uci set ollama.main.bind='0.0.0.0' +uci set ollama.main.port='11434' +uci set ollama.main.model_dir='/srv/ollama/models' +uci commit ollama +``` + +## Usage + +```bash +ollamactl start # Start Ollama service +ollamactl stop # Stop Ollama service +ollamactl status # Show service status +ollamactl pull # Download a model +ollamactl list # List installed models +ollamactl remove # Remove a model +ollamactl run # Run interactive chat +``` + +## API + +OpenAI-compatible endpoint at `http://:11434`: + +```bash +curl http://localhost:11434/api/generate -d '{ + "model": "llama3.2", + "prompt": "Hello" +}' +``` + +## Supported Models + +LLaMA 3.x, Mistral, Phi-3, Gemma 2, CodeLlama, and any GGUF-compatible model. + +## Dependencies + +- `jsonfilter` +- `wget-ssl` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-picobrew/README.md b/package/secubox/secubox-app-picobrew/README.md new file mode 100644 index 00000000..7e8ff687 --- /dev/null +++ b/package/secubox/secubox-app-picobrew/README.md @@ -0,0 +1,50 @@ +# SecuBox PicoBrew Server + +Self-hosted PicoBrew brewing controller running in an LXC container. Provides recipe management, real-time brew session monitoring, and device connectivity for PicoBrew hardware. + +## Installation + +```bash +opkg install secubox-app-picobrew +``` + +## Configuration + +UCI config file: `/etc/config/picobrew` + +```bash +uci set picobrew.main.enabled='1' +uci set picobrew.main.port='8080' +uci commit picobrew +``` + +## Usage + +```bash +picobrewctl start # Start PicoBrew server +picobrewctl stop # Stop PicoBrew server +picobrewctl status # Show service status +picobrewctl logs # View server logs +picobrewctl update # Update server from git +``` + +## Features + +- Recipe management and creation +- Real-time brew session monitoring +- PicoBrew device pairing and control +- Brew history and logging +- Runs isolated in LXC container + +## Dependencies + +- `jsonfilter` +- `wget-ssl` +- `tar` +- `lxc` +- `lxc-common` +- `git` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-simplex/README.md b/package/secubox/secubox-app-simplex/README.md new file mode 100644 index 00000000..2c9ef45f --- /dev/null +++ b/package/secubox/secubox-app-simplex/README.md @@ -0,0 +1,56 @@ +# SecuBox SimpleX Chat Server + +Privacy-first messaging relay server running in an Alpine LXC container. Provides SMP (SimpleX Messaging Protocol) and XFTP (file transfer) services with end-to-end encryption and post-quantum cryptography support. + +## Installation + +```bash +opkg install secubox-app-simplex +``` + +## Configuration + +UCI config file: `/etc/config/simplex` + +```bash +uci set simplex.main.enabled='1' +uci set simplex.main.smp_port='5223' +uci set simplex.main.xftp_port='443' +uci set simplex.main.domain='chat.example.com' +uci commit simplex +``` + +## Usage + +```bash +simplexctl start # Start SimpleX server (LXC) +simplexctl stop # Stop SimpleX server +simplexctl status # Show service status +simplexctl logs # View server logs +simplexctl address # Show server address for clients +simplexctl update # Update SimpleX binaries +``` + +## HAProxy Integration + +Drop-in HAProxy config is provided at `/usr/lib/secubox/haproxy.d/simplex.cfg` for TLS termination and routing through the SecuBox HAProxy instance. + +## Features + +- SMP relay for SimpleX Chat messaging +- XFTP relay for encrypted file transfers +- End-to-end encryption with post-quantum algorithms +- No user identifiers or metadata collection +- Alpine LXC container isolation + +## Dependencies + +- `lxc` +- `lxc-common` +- `wget` +- `openssl-util` +- `tar` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-tor/README.md b/package/secubox/secubox-app-tor/README.md new file mode 100644 index 00000000..08101886 --- /dev/null +++ b/package/secubox/secubox-app-tor/README.md @@ -0,0 +1,53 @@ +# SecuBox Tor Shield + +Tor integration for OpenWrt providing transparent proxy, SOCKS proxy, DNS over Tor, kill switch, hidden services, and bridge support. + +## Installation + +```bash +opkg install secubox-app-tor +``` + +## Configuration + +UCI config file: `/etc/config/tor-shield` + +```bash +uci set tor-shield.main.enabled='1' +uci set tor-shield.main.mode='transparent' +uci set tor-shield.main.dns_over_tor='1' +uci set tor-shield.main.kill_switch='0' +uci commit tor-shield +``` + +## Usage + +```bash +torctl start # Start Tor service +torctl stop # Stop Tor service +torctl status # Show Tor status and circuits +torctl newnym # Request new Tor identity +torctl bridges # Manage bridge relays +torctl hidden add # Create a hidden service +torctl hidden list # List hidden services +torctl killswitch on # Enable kill switch (block non-Tor traffic) +torctl killswitch off # Disable kill switch +``` + +## Modes + +- **Transparent proxy** -- All LAN traffic routed through Tor via iptables +- **SOCKS proxy** -- SOCKS5 endpoint for per-app Tor usage +- **DNS over Tor** -- DNS queries resolved through Tor network +- **Kill switch** -- Blocks all non-Tor traffic if Tor goes down + +## Dependencies + +- `iptables` +- `curl` +- `jsonfilter` +- `socat` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-webapp/README.md b/package/secubox/secubox-app-webapp/README.md new file mode 100644 index 00000000..959abc27 --- /dev/null +++ b/package/secubox/secubox-app-webapp/README.md @@ -0,0 +1,49 @@ +# SecuBox Dashboard Web Application + +Native web dashboard for SecuBox appliances. Provides real-time monitoring, service management, and CrowdSec security integration using rpcd/ubus authentication. + +## Installation + +```bash +opkg install secubox-app-webapp +``` + +## Configuration + +UCI config file: `/etc/config/secubox-webapp` + +```bash +uci set secubox-webapp.main.enabled='1' +uci set secubox-webapp.main.port='80' +uci commit secubox-webapp +``` + +## Setup + +Run initial setup after installation: + +```bash +/usr/sbin/secubox-webapp-setup +``` + +## Web Interface + +Access the dashboard at `http:///secubox/index.html`. Authentication is handled through the native rpcd/ubus session system (same credentials as LuCI). + +## Features + +- Real-time system monitoring (CPU, memory, network) +- Service status and management +- CrowdSec threat dashboard integration +- Native rpcd/ubus authentication (no separate user database) + +## Dependencies + +- `uhttpd` +- `uhttpd-mod-ubus` +- `rpcd` +- `rpcd-mod-file` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app-zigbee2mqtt/README.md b/package/secubox/secubox-app-zigbee2mqtt/README.md new file mode 100644 index 00000000..1b1c48b6 --- /dev/null +++ b/package/secubox/secubox-app-zigbee2mqtt/README.md @@ -0,0 +1,50 @@ +# SecuBox Zigbee2MQTT - Zigbee to MQTT Bridge + +Docker-based Zigbee2MQTT bridge for OpenWrt. Connects Zigbee devices to your MQTT broker via a USB Zigbee adapter, enabling smart home integration without vendor cloud dependencies. + +## Installation + +```bash +opkg install secubox-app-zigbee2mqtt +``` + +## Configuration + +UCI config file: `/etc/config/zigbee2mqtt` + +```bash +uci set zigbee2mqtt.main.enabled='1' +uci set zigbee2mqtt.main.port='8099' +uci set zigbee2mqtt.main.serial_port='/dev/ttyACM0' +uci set zigbee2mqtt.main.mqtt_server='mqtt://localhost:1883' +uci commit zigbee2mqtt +``` + +## Usage + +```bash +zigbee2mqttctl start # Start Zigbee2MQTT container +zigbee2mqttctl stop # Stop Zigbee2MQTT container +zigbee2mqttctl status # Show service status +zigbee2mqttctl logs # View container logs +zigbee2mqttctl permit # Open network for device pairing +``` + +## Features + +- Web frontend for device management and pairing +- USB Zigbee adapter support (CC2531, CC2652, SONOFF, etc.) +- MQTT topic-based device control +- OTA firmware updates for Zigbee devices +- Docker container isolation + +## Dependencies + +- `kmod-usb-acm` +- `dockerd` +- `docker` +- `containerd` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-app/README.md b/package/secubox/secubox-app/README.md new file mode 100644 index 00000000..8de7a73a --- /dev/null +++ b/package/secubox/secubox-app/README.md @@ -0,0 +1,37 @@ +# SecuBox App Store CLI + +Command-line helper for managing SecuBox App Store manifests. + +## Installation + +```sh +opkg install secubox-app +``` + +## Usage + +```sh +# List available apps +secubox-app list + +# Show app manifest details +secubox-app info + +# Install an app +secubox-app install +``` + +Default plugin manifests are shipped under `/usr/share/secubox/plugins/`. + +## Files + +- `/usr/sbin/secubox-app` -- main CLI +- `/usr/share/secubox/plugins/` -- app manifests + +## Dependencies + +- `jsonfilter` + +## License + +Apache-2.0 diff --git a/package/secubox/secubox-base/README.md b/package/secubox/secubox-base/README.md new file mode 100644 index 00000000..2991ec6c --- /dev/null +++ b/package/secubox/secubox-base/README.md @@ -0,0 +1,25 @@ +# SecuBox Base Utilities + +Shared utility scripts used by other SecuBox packages. This is not a buildable OpenWrt package -- it provides common shell functions and helper scripts that are sourced or called by other SecuBox components. + +## Key Files + +| Path | Description | +|------|-------------| +| `/usr/sbin/secubox-network-health` | Network health monitoring script | + +## Usage + +The network health monitor can be run directly: + +```bash +/usr/sbin/secubox-network-health +``` + +## Note + +This package may be absorbed into `secubox-core` in a future release. New shared utilities should be added to `secubox-core` instead. + +## License + +Apache-2.0