feat(haproxy): Add AdGuard Home detection and improve service discovery

- Add AdGuard Home to known services (port 3000, security category) - Enhance _add_exposed_service to handle YAML config files - Add process name detection and running status for known services - Fix subshell issue in dynamic service detection (while loop) - Add port deduplication between known and dynamic services - Include description and process fields in service response Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 11:35:13 +01:00 · 2026-02-01 11:35:13 +01:00 · 681382c7ff
commit 681382c7ff
parent 906c3e8988
2 changed files with 46 additions and 4 deletions
--- a/package/secubox/luci-app-haproxy/root/usr/libexec/rpcd/luci.haproxy
+++ b/package/secubox/luci-app-haproxy/root/usr/libexec/rpcd/luci.haproxy
@ -1507,6 +1507,10 @@ method_list_exposed_services() {
 	json_init
 	json_add_array "services"

+	# Clear temp file for tracking known service ports
+	rm -f /tmp/.known_service_ports
+	touch /tmp/.known_service_ports
+
 	# Load known services from exposure config
 	if uci -q show secubox-exposure >/dev/null 2>&1; then
 		config_load "secubox-exposure"
@ -1515,16 +1519,21 @@ method_list_exposed_services() {

 	# Also scan listening ports for dynamic discovery
 	if command -v netstat >/dev/null 2>&1; then
-		netstat -tlnp 2>/dev/null | grep LISTEN | while read line; do
+		# Save netstat output to temp file to avoid subshell issues
+		netstat -tlnp 2>/dev/null | grep LISTEN > /tmp/.netstat_listen
+		while read line; do
 			local addr_port=$(echo "$line" | awk '{print $4}')
 			local port=$(echo "$addr_port" | awk -F: '{print $NF}')
 			local proc=$(echo "$line" | awk '{print $7}' | cut -d'/' -f2)

-			# Skip if already added from known services or common system ports
+			# Skip common system ports
 			case "$port" in
 				22|53|80|443|8404) continue ;;
 			esac

+			# Skip if already added from known services
+			grep -q "^${port}$" /tmp/.known_service_ports 2>/dev/null && continue
+
 			# Only add if process name is useful
 			if [ -n "$proc" ] && [ "$proc" != "-" ] && [ "$proc" != "unknown" ]; then
 				json_add_object
@ -1534,22 +1543,30 @@ method_list_exposed_services() {
 				json_add_string "address" "127.0.0.1"
 				json_add_string "category" "detected"
 				json_add_boolean "dynamic" 1
+				json_add_boolean "running" 1
 				json_close_object
 			fi
-		done
+		done < /tmp/.netstat_listen
+		rm -f /tmp/.netstat_listen
 	fi

+	# Cleanup
+	rm -f /tmp/.known_service_ports
+
 	json_close_array
 	json_dump
 }

 _add_exposed_service() {
 	local section="$1"
-	local default_port config_path category actual_port
+	local default_port config_path config_file category process_name description actual_port running

 	config_get default_port "$section" default_port ""
 	config_get config_path "$section" config_path ""
+	config_get config_file "$section" config_file ""
 	config_get category "$section" category "app"
+	config_get process_name "$section" process_name ""
+	config_get description "$section" description ""

 	[ -z "$default_port" ] && return

@ -1560,6 +1577,21 @@ _add_exposed_service() {
 		[ -n "$configured_port" ] && actual_port="$configured_port"
 	fi

+	# For YAML config files, try to extract port (e.g., AdGuardHome)
+	if [ -n "$config_file" ] && [ -f "$config_file" ]; then
+		local yaml_port=$(grep -E "^\s*port:\s*[0-9]+" "$config_file" 2>/dev/null | head -1 | awk '{print $2}')
+		[ -n "$yaml_port" ] && actual_port="$yaml_port"
+	fi
+
+	# Check if service is running by process name
+	running=0
+	if [ -n "$process_name" ]; then
+		pgrep -f "$process_name" >/dev/null 2>&1 && running=1
+	fi
+
+	# Track known service ports for dedup (stored in temp file)
+	echo "$actual_port" >> /tmp/.known_service_ports
+
 	json_add_object
 	json_add_string "id" "$section"
 	json_add_string "name" "$section"
@ -1567,6 +1599,9 @@ _add_exposed_service() {
 	json_add_string "address" "127.0.0.1"
 	json_add_string "category" "$category"
 	json_add_boolean "dynamic" 0
+	json_add_boolean "running" "$running"
+	[ -n "$description" ] && json_add_string "description" "$description"
+	[ -n "$process_name" ] && json_add_string "process" "$process_name"
 	json_close_object
 }

--- a/package/secubox/secubox-app-exposure/files/etc/config/secubox-exposure
+++ b/package/secubox/secubox-app-exposure/files/etc/config/secubox-exposure
@ -52,6 +52,13 @@ config known 'domoticz'
    option config_type 'docker'
    option category 'app'

+config known 'adguardhome'
+    option default_port '3000'
+    option config_file '/etc/adguardhome.yaml'
+    option process_name 'AdGuardHome'
+    option category 'security'
+    option description 'DNS filtering and ad blocking'
+
 # Service exposure entries (dynamically managed)
 # Example:
 # config service 'gitea'