diff --git a/package/secubox/luci-app-secubox-p2p/htdocs/luci-static/resources/view/secubox-p2p/factory.js b/package/secubox/luci-app-secubox-p2p/htdocs/luci-static/resources/view/secubox-p2p/factory.js index 14f83c38..83f7883a 100644 --- a/package/secubox/luci-app-secubox-p2p/htdocs/luci-static/resources/view/secubox-p2p/factory.js +++ b/package/secubox/luci-app-secubox-p2p/htdocs/luci-static/resources/view/secubox-p2p/factory.js @@ -5,8 +5,9 @@ return view.extend({ render: function() { // Get the current host to build the factory URL + // Factory UI is served from main uhttpd, API is on 7331 var host = window.location.hostname; - var factoryUrl = 'http://' + host + ':7331/factory/'; + var factoryUrl = '/factory/'; return E('div', { 'class': 'cbi-map' }, [ E('h2', {}, _('SecuBox Factory')), @@ -21,7 +22,7 @@ return view.extend({ 'style': 'margin-right: 0.5rem;' }, _('Open in New Tab')), E('span', { 'style': 'color: #888; font-size: 0.85rem;' }, - _('Factory runs on port 7331') + _('Factory API on port 7331') ) ]), E('iframe', { diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages index d1aad179..286c9185 100644 --- a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages +++ b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages @@ -8,7 +8,7 @@ Architecture: all Installed-Size: 71680 Description: Comprehensive authentication and session management with captive portal, OAuth2/OIDC integration, voucher system, and time-based access control Filename: luci-app-auth-guardian_0.4.0-r3_all.ipk -Size: 12078 +Size: 12081 Package: luci-app-bandwidth-manager Version: 0.5.0-r2 @@ -20,7 +20,7 @@ Architecture: all Installed-Size: 378880 Description: Advanced bandwidth management with QoS rules, client quotas, and SQM integration Filename: luci-app-bandwidth-manager_0.5.0-r2_all.ipk -Size: 66973 +Size: 66966 Package: luci-app-cdn-cache Version: 0.5.0-r3 @@ -32,7 +32,7 @@ Architecture: all Installed-Size: 122880 Description: Dashboard for managing local CDN caching proxy on OpenWrt Filename: luci-app-cdn-cache_0.5.0-r3_all.ipk -Size: 23192 +Size: 23189 Package: luci-app-client-guardian Version: 0.4.0-r7 @@ -44,7 +44,7 @@ Architecture: all Installed-Size: 307200 Description: Network Access Control with client monitoring, zone management, captive portal, parental controls, and SMS/email alerts Filename: luci-app-client-guardian_0.4.0-r7_all.ipk -Size: 57045 +Size: 57042 Package: luci-app-crowdsec-dashboard Version: 0.7.0-r29 @@ -68,7 +68,7 @@ Architecture: all Installed-Size: 71680 Description: Cyberpunk-themed RSS feed aggregator dashboard with social media support Filename: luci-app-cyberfeed_0.1.1-r1_all.ipk -Size: 12839 +Size: 12838 Package: luci-app-exposure Version: 1.0.0-r3 @@ -92,7 +92,7 @@ Architecture: all Installed-Size: 92160 Description: Modern dashboard for Gitea Platform management on OpenWrt Filename: luci-app-gitea_1.0.0-r2_all.ipk -Size: 15586 +Size: 15585 Package: luci-app-glances Version: 1.0.0-r2 @@ -104,7 +104,7 @@ Architecture: all Installed-Size: 40960 Description: Modern dashboard for Glances system monitoring with SecuBox theme Filename: luci-app-glances_1.0.0-r2_all.ipk -Size: 6970 +Size: 6963 Package: luci-app-haproxy Version: 1.0.0-r8 @@ -128,7 +128,7 @@ Architecture: all Installed-Size: 215040 Description: Modern dashboard for Hexo static site generator on OpenWrt Filename: luci-app-hexojs_1.0.0-r3_all.ipk -Size: 32978 +Size: 32974 Package: luci-app-ksm-manager Version: 0.4.0-r2 @@ -140,7 +140,7 @@ Architecture: all Installed-Size: 112640 Description: Centralized cryptographic key management with hardware security module (HSM) support for Nitrokey and YubiKey devices. Provides secure key storage, certificate management, SSH key handling, and secret storage with audit logging. Filename: luci-app-ksm-manager_0.4.0-r2_all.ipk -Size: 18724 +Size: 18720 Package: luci-app-localai Version: 0.1.0-r15 @@ -152,7 +152,7 @@ Architecture: all Installed-Size: 81920 Description: Modern dashboard for LocalAI LLM management on OpenWrt Filename: luci-app-localai_0.1.0-r15_all.ipk -Size: 14365 +Size: 14360 Package: luci-app-lyrion Version: 1.0.0-r1 @@ -164,7 +164,7 @@ Architecture: all Installed-Size: 40960 Description: LuCI support for Lyrion Music Server Filename: luci-app-lyrion_1.0.0-r1_all.ipk -Size: 6728 +Size: 6725 Package: luci-app-magicmirror2 Version: 0.4.0-r6 @@ -176,7 +176,7 @@ Architecture: all Installed-Size: 71680 Description: Modern dashboard for MagicMirror2 smart display platform with module manager and SecuBox theme Filename: luci-app-magicmirror2_0.4.0-r6_all.ipk -Size: 12277 +Size: 12274 Package: luci-app-mailinabox Version: 1.0.0-r1 @@ -188,7 +188,7 @@ Architecture: all Installed-Size: 30720 Description: LuCI support for Mail-in-a-Box Filename: luci-app-mailinabox_1.0.0-r1_all.ipk -Size: 5484 +Size: 5481 Package: luci-app-media-flow Version: 0.6.4-r1 @@ -200,7 +200,7 @@ Architecture: all Installed-Size: 102400 Description: Real-time detection and monitoring of streaming services (Netflix, YouTube, Spotify, etc.) with quality estimation, history tracking, and alerts. Supports nDPId local DPI and netifyd. Filename: luci-app-media-flow_0.6.4-r1_all.ipk -Size: 19117 +Size: 19120 Package: luci-app-metablogizer Version: 1.0.0-r3 @@ -212,7 +212,7 @@ Architecture: all Installed-Size: 112640 Description: LuCI support for MetaBlogizer Static Site Publisher Filename: luci-app-metablogizer_1.0.0-r3_all.ipk -Size: 23506 +Size: 23503 Package: luci-app-metabolizer Version: 1.0.0-r2 @@ -224,7 +224,7 @@ Architecture: all Installed-Size: 30720 Description: LuCI support for Metabolizer CMS Filename: luci-app-metabolizer_1.0.0-r2_all.ipk -Size: 4759 +Size: 4756 Package: luci-app-mitmproxy Version: 0.4.0-r6 @@ -236,7 +236,7 @@ Architecture: all Installed-Size: 102400 Description: Modern dashboard for mitmproxy HTTPS traffic inspection with SecuBox theme Filename: luci-app-mitmproxy_0.4.0-r6_all.ipk -Size: 18934 +Size: 18933 Package: luci-app-mmpm Version: 0.2.0-r3 @@ -248,7 +248,7 @@ Architecture: all Installed-Size: 51200 Description: Web interface for MMPM - MagicMirror Package Manager Filename: luci-app-mmpm_0.2.0-r3_all.ipk -Size: 7902 +Size: 7899 Package: luci-app-mqtt-bridge Version: 0.4.0-r4 @@ -260,7 +260,7 @@ Architecture: all Installed-Size: 122880 Description: USB-to-MQTT IoT hub with SecuBox theme Filename: luci-app-mqtt-bridge_0.4.0-r4_all.ipk -Size: 22776 +Size: 22777 Package: luci-app-ndpid Version: 1.1.2-r2 @@ -284,7 +284,7 @@ Architecture: all Installed-Size: 133120 Description: Real-time system monitoring dashboard with Netdata integration for OpenWrt Filename: luci-app-netdata-dashboard_0.5.0-r2_all.ipk -Size: 22398 +Size: 22396 Package: luci-app-network-modes Version: 0.5.0-r3 @@ -296,7 +296,7 @@ Architecture: all Installed-Size: 307200 Description: Configure OpenWrt for different network modes: Sniffer, Access Point, Relay, Router Filename: luci-app-network-modes_0.5.0-r3_all.ipk -Size: 55610 +Size: 55608 Package: luci-app-network-tweaks Version: 1.0.0-r7 @@ -308,7 +308,7 @@ Architecture: all Installed-Size: 81920 Description: Unified network services dashboard with DNS/hosts sync, CDN cache control, and WPAD auto-proxy configuration Filename: luci-app-network-tweaks_1.0.0-r7_all.ipk -Size: 15462 +Size: 15455 Package: luci-app-nextcloud Version: 1.0.0-r1 @@ -332,7 +332,7 @@ Architecture: all Installed-Size: 71680 Description: Modern dashboard for Ollama LLM management on OpenWrt Filename: luci-app-ollama_0.1.0-r1_all.ipk -Size: 11997 +Size: 11991 Package: luci-app-picobrew Version: 1.0.0-r1 @@ -344,7 +344,7 @@ Architecture: all Installed-Size: 51200 Description: Modern dashboard for PicoBrew Server management on OpenWrt Filename: luci-app-picobrew_1.0.0-r1_all.ipk -Size: 9976 +Size: 9972 Package: luci-app-secubox Version: 0.7.1-r4 @@ -367,7 +367,7 @@ Architecture: all Installed-Size: 337920 Description: Unified admin control center for SecuBox appstore plugins with system monitoring Filename: luci-app-secubox-admin_1.0.0-r19_all.ipk -Size: 57098 +Size: 57094 Package: luci-app-secubox-crowdsec Version: 1.0.0-r3 @@ -379,7 +379,7 @@ Architecture: all Installed-Size: 81920 Description: LuCI SecuBox CrowdSec Dashboard Filename: luci-app-secubox-crowdsec_1.0.0-r3_all.ipk -Size: 13922 +Size: 13914 Package: luci-app-secubox-netdiag Version: 1.0.0-r1 @@ -391,7 +391,7 @@ Architecture: all Installed-Size: 61440 Description: Real-time DSA switch port statistics, error monitoring, and network health diagnostics Filename: luci-app-secubox-netdiag_1.0.0-r1_all.ipk -Size: 11996 +Size: 12000 Package: luci-app-secubox-netifyd Version: 1.2.1-r1 @@ -403,7 +403,19 @@ Architecture: all Installed-Size: 215040 Description: Complete LuCI interface for netifyd DPI engine with real-time flow monitoring, application detection, network analytics, and flow action plugins Filename: luci-app-secubox-netifyd_1.2.1-r1_all.ipk -Size: 39500 +Size: 39499 + +Package: luci-app-secubox-p2p +Version: 0.1.0-r1 +Depends: secubox-p2p, luci-base +License: MIT +Section: luci +Maintainer: OpenWrt LuCI community +Architecture: all +Installed-Size: 215040 +Description: LuCI SecuBox P2P Hub +Filename: luci-app-secubox-p2p_0.1.0-r1_all.ipk +Size: 39254 Package: luci-app-secubox-portal Version: 0.7.0-r2 @@ -415,7 +427,7 @@ Architecture: all Installed-Size: 122880 Description: Unified entry point for all SecuBox applications with tabbed navigation Filename: luci-app-secubox-portal_0.7.0-r2_all.ipk -Size: 24557 +Size: 24553 Package: luci-app-secubox-security-threats Version: 1.0.0-r4 @@ -427,7 +439,7 @@ Architecture: all Installed-Size: 71680 Description: Unified dashboard integrating netifyd DPI threats with CrowdSec intelligence for real-time threat monitoring and automated blocking Filename: luci-app-secubox-security-threats_1.0.0-r4_all.ipk -Size: 13905 +Size: 13899 Package: luci-app-service-registry Version: 1.0.0-r1 @@ -439,7 +451,7 @@ Architecture: all Installed-Size: 194560 Description: Unified service aggregation with HAProxy vhosts, Tor hidden services, and QR-coded landing page Filename: luci-app-service-registry_1.0.0-r1_all.ipk -Size: 39828 +Size: 39826 Package: luci-app-streamlit Version: 1.0.0-r9 @@ -451,7 +463,7 @@ Architecture: all Installed-Size: 122880 Description: Modern dashboard for Streamlit Platform management on OpenWrt Filename: luci-app-streamlit_1.0.0-r9_all.ipk -Size: 20474 +Size: 20470 Package: luci-app-system-hub Version: 0.5.1-r4 @@ -463,7 +475,7 @@ Architecture: all Installed-Size: 358400 Description: Central system control with monitoring, services, logs, and backup Filename: luci-app-system-hub_0.5.1-r4_all.ipk -Size: 66350 +Size: 66345 Package: luci-app-tor-shield Version: 1.0.0-r10 @@ -475,7 +487,7 @@ Architecture: all Installed-Size: 133120 Description: Modern dashboard for Tor anonymization on OpenWrt Filename: luci-app-tor-shield_1.0.0-r10_all.ipk -Size: 24540 +Size: 24532 Package: luci-app-traffic-shaper Version: 0.4.0-r2 @@ -487,7 +499,7 @@ Architecture: all Installed-Size: 92160 Description: Advanced traffic shaping with TC/CAKE for precise bandwidth control Filename: luci-app-traffic-shaper_0.4.0-r2_all.ipk -Size: 15636 +Size: 15635 Package: luci-app-vhost-manager Version: 0.5.0-r5 @@ -499,7 +511,7 @@ Architecture: all Installed-Size: 153600 Description: Nginx reverse proxy manager with Let's Encrypt SSL certificates, authentication, and WebSocket support Filename: luci-app-vhost-manager_0.5.0-r5_all.ipk -Size: 26201 +Size: 26199 Package: luci-app-wireguard-dashboard Version: 0.7.0-r5 @@ -523,7 +535,7 @@ Architecture: all Installed-Size: 40960 Description: Graphical interface for managing the Zigbee2MQTT docker application. Filename: luci-app-zigbee2mqtt_1.0.0-r2_all.ipk -Size: 7091 +Size: 7085 Package: luci-theme-secubox Version: 0.4.7-r1 @@ -535,7 +547,7 @@ Architecture: all Installed-Size: 460800 Description: Global CyberMood design system (CSS/JS/i18n) shared by all SecuBox dashboards. Filename: luci-theme-secubox_0.4.7-r1_all.ipk -Size: 111797 +Size: 111793 Package: secubox-app Version: 1.0.0-r2 @@ -546,7 +558,7 @@ Installed-Size: 92160 Description: Command line helper for SecuBox App Store manifests. Installs /usr/sbin/secubox-app and ships the default manifests under /usr/share/secubox/plugins/. Filename: secubox-app_1.0.0-r2_all.ipk -Size: 11183 +Size: 11185 Package: secubox-app-adguardhome Version: 1.0.0-r2 @@ -560,7 +572,7 @@ Description: Installer, configuration, and service manager for running AdGuard inside Docker on SecuBox-powered OpenWrt systems. Network-wide ad blocker with DNS-over-HTTPS/TLS support and detailed analytics. Filename: secubox-app-adguardhome_1.0.0-r2_all.ipk -Size: 2879 +Size: 2876 Package: secubox-app-auth-logger Version: 1.2.2-r1 @@ -578,7 +590,7 @@ Description: Logs authentication failures from LuCI/rpcd and Dropbear SSH - JavaScript hook to intercept login failures - CrowdSec parser and bruteforce scenario Filename: secubox-app-auth-logger_1.2.2-r1_all.ipk -Size: 9377 +Size: 9378 Package: secubox-app-crowdsec-custom Version: 1.1.0-r1 @@ -601,7 +613,7 @@ Description: Custom CrowdSec configurations for SecuBox web interface protectio - Webapp generic auth bruteforce protection - Whitelist for trusted networks Filename: secubox-app-crowdsec-custom_1.1.0-r1_all.ipk -Size: 5753 +Size: 5759 Package: secubox-app-cs-firewall-bouncer Version: 0.0.31-r4 @@ -628,7 +640,7 @@ Description: SecuBox CrowdSec Firewall Bouncer for OpenWrt. - Automatic restart on firewall reload - procd service management Filename: secubox-app-cs-firewall-bouncer_0.0.31-r4_aarch64_cortex-a72.ipk -Size: 5049323 +Size: 5049321 Package: secubox-app-cyberfeed Version: 0.2.1-r1 @@ -655,7 +667,7 @@ Installed-Size: 10240 Description: Installer, configuration, and service manager for running Domoticz inside Docker on SecuBox-powered OpenWrt systems. Filename: secubox-app-domoticz_1.0.0-r2_all.ipk -Size: 2545 +Size: 2544 Package: secubox-app-exposure Version: 1.0.0-r1 @@ -670,7 +682,7 @@ Description: Unified service exposure manager for SecuBox. - Dynamic Tor hidden service management - HAProxy SSL reverse proxy configuration Filename: secubox-app-exposure_1.0.0-r1_all.ipk -Size: 6824 +Size: 6825 Package: secubox-app-gitea Version: 1.0.0-r5 @@ -693,7 +705,7 @@ Description: Gitea Git Platform - Self-hosted lightweight Git service Runs in LXC container with Alpine Linux. Configure in /etc/config/gitea. Filename: secubox-app-gitea_1.0.0-r5_all.ipk -Size: 9401 +Size: 9406 Package: secubox-app-glances Version: 1.0.0-r1 @@ -716,7 +728,7 @@ Description: Glances - Cross-platform system monitoring tool for SecuBox. Runs in LXC container for isolation and security. Configure in /etc/config/glances. Filename: secubox-app-glances_1.0.0-r1_all.ipk -Size: 5530 +Size: 5534 Package: secubox-app-haproxy Version: 1.0.0-r23 @@ -736,7 +748,7 @@ Description: HAProxy load balancer and reverse proxy running in an LXC containe - Stats dashboard - Rate limiting and ACLs Filename: secubox-app-haproxy_1.0.0-r23_all.ipk -Size: 15675 +Size: 15682 Package: secubox-app-hexojs Version: 1.0.0-r8 @@ -760,7 +772,7 @@ Description: Hexo CMS - Self-hosted static blog generator for OpenWrt Runs in LXC container with Alpine Linux. Configure in /etc/config/hexojs. Filename: secubox-app-hexojs_1.0.0-r8_all.ipk -Size: 94937 +Size: 94934 Package: secubox-app-localai Version: 2.25.0-r1 @@ -782,7 +794,7 @@ Description: LocalAI native binary package for OpenWrt. API: http://:8081/v1 Filename: secubox-app-localai_2.25.0-r1_all.ipk -Size: 5709 +Size: 5712 Package: secubox-app-localai-wb Version: 2.25.0-r1 @@ -806,7 +818,7 @@ Description: LocalAI native binary package for OpenWrt. API: http://:8080/v1 Filename: secubox-app-localai-wb_2.25.0-r1_all.ipk -Size: 7948 +Size: 7950 Package: secubox-app-lyrion Version: 2.0.2-r1 @@ -826,7 +838,7 @@ Description: Lyrion Media Server (formerly Logitech Media Server / Squeezebox S Auto-detects available runtime, preferring LXC for lower resource usage. Configure runtime in /etc/config/lyrion. Filename: secubox-app-lyrion_2.0.2-r1_all.ipk -Size: 7286 +Size: 7285 Package: secubox-app-magicmirror2 Version: 0.4.0-r8 @@ -873,7 +885,7 @@ Description: Complete email server solution using docker-mailserver for SecuBox Commands: mailinaboxctl --help Filename: secubox-app-mailinabox_2.0.0-r1_all.ipk -Size: 7571 +Size: 7566 Package: secubox-app-metabolizer Version: 1.0.0-r3 @@ -894,7 +906,7 @@ Description: Metabolizer Blog Pipeline - Integrated CMS with Git-based workflow Pipeline: Edit in Streamlit -> Push to Gitea -> Build with Hexo -> Publish Filename: secubox-app-metabolizer_1.0.0-r3_all.ipk -Size: 13973 +Size: 13979 Package: secubox-app-mitmproxy Version: 0.4.0-r16 @@ -915,7 +927,7 @@ Description: mitmproxy - Interactive HTTPS proxy for SecuBox-powered OpenWrt sy Runs in LXC container for isolation and security. Configure in /etc/config/mitmproxy. Filename: secubox-app-mitmproxy_0.4.0-r16_all.ipk -Size: 10208 +Size: 10215 Package: secubox-app-mmpm Version: 0.2.0-r5 @@ -936,7 +948,7 @@ Description: MMPM (MagicMirror Package Manager) for SecuBox. Runs inside the MagicMirror2 LXC container. Filename: secubox-app-mmpm_0.2.0-r5_all.ipk -Size: 3977 +Size: 3974 Package: secubox-app-nextcloud Version: 1.0.0-r2 @@ -950,7 +962,7 @@ Description: Installer, configuration, and service manager for running Nextclou inside Docker on SecuBox-powered OpenWrt systems. Self-hosted file sync and share with calendar, contacts, and collaboration. Filename: secubox-app-nextcloud_1.0.0-r2_all.ipk -Size: 2961 +Size: 2955 Package: secubox-app-ollama Version: 0.1.0-r1 @@ -972,7 +984,7 @@ Description: Ollama - Simple local LLM runtime for SecuBox-powered OpenWrt syst Runs in Docker/Podman container. Configure in /etc/config/ollama. Filename: secubox-app-ollama_0.1.0-r1_all.ipk -Size: 5732 +Size: 5733 Package: secubox-app-picobrew Version: 1.0.0-r7 @@ -994,7 +1006,7 @@ Description: PicoBrew Server - Self-hosted brewing controller for PicoBrew devi Runs in LXC container with Python/Flask backend. Configure in /etc/config/picobrew. Filename: secubox-app-picobrew_1.0.0-r7_all.ipk -Size: 5540 +Size: 5539 Package: secubox-app-streamlit Version: 1.0.0-r5 @@ -1021,7 +1033,7 @@ Description: Streamlit App Platform - Self-hosted Python data app platform Configure in /etc/config/streamlit. Filename: secubox-app-streamlit_1.0.0-r5_all.ipk -Size: 11721 +Size: 11717 Package: secubox-app-tor Version: 1.0.0-r1 @@ -1044,7 +1056,7 @@ Description: SecuBox Tor Shield - One-click Tor anonymization for OpenWrt Configure in /etc/config/tor-shield. Filename: secubox-app-tor_1.0.0-r1_all.ipk -Size: 7376 +Size: 7379 Package: secubox-app-webapp Version: 1.5.0-r7 @@ -1062,7 +1074,7 @@ Description: SecuBox Control Center Dashboard - A web-based dashboard for monit - Service management - Network interface control Filename: secubox-app-webapp_1.5.0-r7_all.ipk -Size: 39167 +Size: 39169 Package: secubox-app-zigbee2mqtt Version: 1.0.0-r3 @@ -1095,19 +1107,21 @@ Description: SecuBox Core Framework provides the foundational infrastructure fo - Unified CLI interface - ubus RPC backend Filename: secubox-core_0.10.0-r9_all.ipk -Size: 80067 +Size: 80068 Package: secubox-p2p -Version: 0.3.0-r1 +Version: 0.4.0-r1 Depends: jsonfilter, curl, avahi-daemon, avahi-utils, uhttpd License: MIT Section: secubox Maintainer: SecuBox Team Architecture: all -Installed-Size: 81920 +Installed-Size: 133120 Description: SecuBox P2P Hub backend providing peer discovery, mesh networking DNS federation, and distributed service management. Includes mDNS - service announcement and REST API on port 7331 for mesh visibility. -Filename: secubox-p2p_0.3.0-r1_all.ipk -Size: 16997 + service announcement, REST API on port 7331 for mesh visibility + and SecuBox Factory unified dashboard with Ed25519 signed Merkle + snapshots for cryptographic configuration validation. +Filename: secubox-p2p_0.4.0-r1_all.ipk +Size: 27891 diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz index 1efc00b5..cd87c993 100644 Binary files a/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/Packages.gz differ diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/apps-local.json b/package/secubox/secubox-app-bonus/root/www/secubox-feed/apps-local.json index c3792927..36b512a4 100644 --- a/package/secubox/secubox-app-bonus/root/www/secubox-feed/apps-local.json +++ b/package/secubox/secubox-app-bonus/root/www/secubox-feed/apps-local.json @@ -1,12 +1,12 @@ { "feed_url": "/secubox-feed", - "generated": "2026-01-31T07:32:55+01:00", + "generated": "2026-01-31T08:07:44+01:00", "packages": [ { "name": "luci-app-auth-guardian", "version": "0.4.0-r3", "filename": "luci-app-auth-guardian_0.4.0-r3_all.ipk", - "size": 12078, + "size": 12081, "category": "security", "icon": "key", "description": "Authentication management", @@ -18,7 +18,7 @@ "name": "luci-app-bandwidth-manager", "version": "0.5.0-r2", "filename": "luci-app-bandwidth-manager_0.5.0-r2_all.ipk", - "size": 66973, + "size": 66966, "category": "network", "icon": "activity", "description": "Bandwidth monitoring and control", @@ -30,7 +30,7 @@ "name": "luci-app-cdn-cache", "version": "0.5.0-r3", "filename": "luci-app-cdn-cache_0.5.0-r3_all.ipk", - "size": 23192, + "size": 23189, "category": "network", "icon": "globe", "description": "CDN caching", @@ -42,7 +42,7 @@ "name": "luci-app-client-guardian", "version": "0.4.0-r7", "filename": "luci-app-client-guardian_0.4.0-r7_all.ipk", - "size": 57045, + "size": 57042, "category": "network", "icon": "users", "description": "Client management and monitoring", @@ -66,7 +66,7 @@ "name": "luci-app-cyberfeed", "version": "0.1.1-r1", "filename": "luci-app-cyberfeed_0.1.1-r1_all.ipk", - "size": 12839, + "size": 12838, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -90,7 +90,7 @@ "name": "luci-app-gitea", "version": "1.0.0-r2", "filename": "luci-app-gitea_1.0.0-r2_all.ipk", - "size": 15586, + "size": 15585, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -102,7 +102,7 @@ "name": "luci-app-glances", "version": "1.0.0-r2", "filename": "luci-app-glances_1.0.0-r2_all.ipk", - "size": 6970, + "size": 6963, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -126,7 +126,7 @@ "name": "luci-app-hexojs", "version": "1.0.0-r3", "filename": "luci-app-hexojs_1.0.0-r3_all.ipk", - "size": 32978, + "size": 32974, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -138,7 +138,7 @@ "name": "luci-app-ksm-manager", "version": "0.4.0-r2", "filename": "luci-app-ksm-manager_0.4.0-r2_all.ipk", - "size": 18724, + "size": 18720, "category": "system", "icon": "cpu", "description": "Kernel memory management", @@ -150,7 +150,7 @@ "name": "luci-app-localai", "version": "0.1.0-r15", "filename": "luci-app-localai_0.1.0-r15_all.ipk", - "size": 14365, + "size": 14360, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -162,7 +162,7 @@ "name": "luci-app-lyrion", "version": "1.0.0-r1", "filename": "luci-app-lyrion_1.0.0-r1_all.ipk", - "size": 6728, + "size": 6725, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -174,7 +174,7 @@ "name": "luci-app-magicmirror2", "version": "0.4.0-r6", "filename": "luci-app-magicmirror2_0.4.0-r6_all.ipk", - "size": 12277, + "size": 12274, "category": "iot", "icon": "monitor", "description": "Smart mirror display", @@ -186,7 +186,7 @@ "name": "luci-app-mailinabox", "version": "1.0.0-r1", "filename": "luci-app-mailinabox_1.0.0-r1_all.ipk", - "size": 5484, + "size": 5481, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -198,7 +198,7 @@ "name": "luci-app-media-flow", "version": "0.6.4-r1", "filename": "luci-app-media-flow_0.6.4-r1_all.ipk", - "size": 19117, + "size": 19120, "category": "media", "icon": "film", "description": "Media streaming", @@ -210,7 +210,7 @@ "name": "luci-app-metablogizer", "version": "1.0.0-r3", "filename": "luci-app-metablogizer_1.0.0-r3_all.ipk", - "size": 23506, + "size": 23503, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -222,7 +222,7 @@ "name": "luci-app-metabolizer", "version": "1.0.0-r2", "filename": "luci-app-metabolizer_1.0.0-r2_all.ipk", - "size": 4759, + "size": 4756, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -234,7 +234,7 @@ "name": "luci-app-mitmproxy", "version": "0.4.0-r6", "filename": "luci-app-mitmproxy_0.4.0-r6_all.ipk", - "size": 18934, + "size": 18933, "category": "security", "icon": "lock", "description": "HTTPS proxy and traffic inspection", @@ -246,7 +246,7 @@ "name": "luci-app-mmpm", "version": "0.2.0-r3", "filename": "luci-app-mmpm_0.2.0-r3_all.ipk", - "size": 7902, + "size": 7899, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -258,7 +258,7 @@ "name": "luci-app-mqtt-bridge", "version": "0.4.0-r4", "filename": "luci-app-mqtt-bridge_0.4.0-r4_all.ipk", - "size": 22776, + "size": 22777, "category": "iot", "icon": "message-square", "description": "MQTT bridge", @@ -282,7 +282,7 @@ "name": "luci-app-netdata-dashboard", "version": "0.5.0-r2", "filename": "luci-app-netdata-dashboard_0.5.0-r2_all.ipk", - "size": 22398, + "size": 22396, "category": "monitoring", "icon": "bar-chart-2", "description": "System monitoring dashboard", @@ -294,7 +294,7 @@ "name": "luci-app-network-modes", "version": "0.5.0-r3", "filename": "luci-app-network-modes_0.5.0-r3_all.ipk", - "size": 55610, + "size": 55608, "category": "network", "icon": "wifi", "description": "Network configuration", @@ -306,7 +306,7 @@ "name": "luci-app-network-tweaks", "version": "1.0.0-r7", "filename": "luci-app-network-tweaks_1.0.0-r7_all.ipk", - "size": 15462, + "size": 15455, "category": "network", "icon": "wifi", "description": "Network configuration", @@ -330,7 +330,7 @@ "name": "luci-app-ollama", "version": "0.1.0-r1", "filename": "luci-app-ollama_0.1.0-r1_all.ipk", - "size": 11997, + "size": 11991, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -342,7 +342,7 @@ "name": "luci-app-picobrew", "version": "1.0.0-r1", "filename": "luci-app-picobrew_1.0.0-r1_all.ipk", - "size": 9976, + "size": 9972, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -366,7 +366,7 @@ "name": "luci-app-secubox-admin", "version": "1.0.0-r19", "filename": "luci-app-secubox-admin_1.0.0-r19_all.ipk", - "size": 57098, + "size": 57094, "category": "system", "icon": "box", "description": "SecuBox system component", @@ -378,7 +378,7 @@ "name": "luci-app-secubox-crowdsec", "version": "1.0.0-r3", "filename": "luci-app-secubox-crowdsec_1.0.0-r3_all.ipk", - "size": 13922, + "size": 13914, "category": "system", "icon": "box", "description": "SecuBox system component", @@ -390,7 +390,7 @@ "name": "luci-app-secubox-netdiag", "version": "1.0.0-r1", "filename": "luci-app-secubox-netdiag_1.0.0-r1_all.ipk", - "size": 11996, + "size": 12000, "category": "system", "icon": "box", "description": "SecuBox system component", @@ -402,7 +402,19 @@ "name": "luci-app-secubox-netifyd", "version": "1.2.1-r1", "filename": "luci-app-secubox-netifyd_1.2.1-r1_all.ipk", - "size": 39500, + "size": 39499, + "category": "system", + "icon": "box", + "description": "SecuBox system component", + "installed": false, + "luci_app": null + } +, + { + "name": "luci-app-secubox-p2p", + "version": "0.1.0-r1", + "filename": "luci-app-secubox-p2p_0.1.0-r1_all.ipk", + "size": 39254, "category": "system", "icon": "box", "description": "SecuBox system component", @@ -414,7 +426,7 @@ "name": "luci-app-secubox-portal", "version": "0.7.0-r2", "filename": "luci-app-secubox-portal_0.7.0-r2_all.ipk", - "size": 24557, + "size": 24553, "category": "system", "icon": "box", "description": "SecuBox system component", @@ -426,7 +438,7 @@ "name": "luci-app-secubox-security-threats", "version": "1.0.0-r4", "filename": "luci-app-secubox-security-threats_1.0.0-r4_all.ipk", - "size": 13905, + "size": 13899, "category": "system", "icon": "box", "description": "SecuBox system component", @@ -438,7 +450,7 @@ "name": "luci-app-service-registry", "version": "1.0.0-r1", "filename": "luci-app-service-registry_1.0.0-r1_all.ipk", - "size": 39828, + "size": 39826, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -450,7 +462,7 @@ "name": "luci-app-streamlit", "version": "1.0.0-r9", "filename": "luci-app-streamlit_1.0.0-r9_all.ipk", - "size": 20474, + "size": 20470, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -462,7 +474,7 @@ "name": "luci-app-system-hub", "version": "0.5.1-r4", "filename": "luci-app-system-hub_0.5.1-r4_all.ipk", - "size": 66350, + "size": 66345, "category": "system", "icon": "settings", "description": "System management", @@ -474,7 +486,7 @@ "name": "luci-app-tor-shield", "version": "1.0.0-r10", "filename": "luci-app-tor-shield_1.0.0-r10_all.ipk", - "size": 24540, + "size": 24532, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -486,7 +498,7 @@ "name": "luci-app-traffic-shaper", "version": "0.4.0-r2", "filename": "luci-app-traffic-shaper_0.4.0-r2_all.ipk", - "size": 15636, + "size": 15635, "category": "network", "icon": "filter", "description": "Traffic shaping and QoS", @@ -498,7 +510,7 @@ "name": "luci-app-vhost-manager", "version": "0.5.0-r5", "filename": "luci-app-vhost-manager_0.5.0-r5_all.ipk", - "size": 26201, + "size": 26199, "category": "network", "icon": "server", "description": "Virtual host management", @@ -522,7 +534,7 @@ "name": "luci-app-zigbee2mqtt", "version": "1.0.0-r2", "filename": "luci-app-zigbee2mqtt_1.0.0-r2_all.ipk", - "size": 7091, + "size": 7085, "category": "iot", "icon": "radio", "description": "Zigbee device management", @@ -534,7 +546,7 @@ "name": "luci-theme-secubox", "version": "0.4.7-r1", "filename": "luci-theme-secubox_0.4.7-r1_all.ipk", - "size": 111797, + "size": 111793, "category": "theme", "icon": "palette", "description": "LuCI theme", @@ -546,7 +558,7 @@ "name": "secubox-app", "version": "1.0.0-r2", "filename": "secubox-app_1.0.0-r2_all.ipk", - "size": 11183, + "size": 11185, "category": "utility", "icon": "package", "description": "SecuBox package", @@ -558,7 +570,7 @@ "name": "secubox-app-adguardhome", "version": "1.0.0-r2", "filename": "secubox-app-adguardhome_1.0.0-r2_all.ipk", - "size": 2879, + "size": 2876, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -570,7 +582,7 @@ "name": "secubox-app-auth-logger", "version": "1.2.2-r1", "filename": "secubox-app-auth-logger_1.2.2-r1_all.ipk", - "size": 9377, + "size": 9378, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -582,7 +594,7 @@ "name": "secubox-app-crowdsec-custom", "version": "1.1.0-r1", "filename": "secubox-app-crowdsec-custom_1.1.0-r1_all.ipk", - "size": 5753, + "size": 5759, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -594,7 +606,7 @@ "name": "secubox-app-cs-firewall-bouncer", "version": "0.0.31-r4_aarch64", "filename": "secubox-app-cs-firewall-bouncer_0.0.31-r4_aarch64_cortex-a72.ipk", - "size": 5049323, + "size": 5049321, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -618,7 +630,7 @@ "name": "secubox-app-domoticz", "version": "1.0.0-r2", "filename": "secubox-app-domoticz_1.0.0-r2_all.ipk", - "size": 2545, + "size": 2544, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -630,7 +642,7 @@ "name": "secubox-app-exposure", "version": "1.0.0-r1", "filename": "secubox-app-exposure_1.0.0-r1_all.ipk", - "size": 6824, + "size": 6825, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -642,7 +654,7 @@ "name": "secubox-app-gitea", "version": "1.0.0-r5", "filename": "secubox-app-gitea_1.0.0-r5_all.ipk", - "size": 9401, + "size": 9406, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -654,7 +666,7 @@ "name": "secubox-app-glances", "version": "1.0.0-r1", "filename": "secubox-app-glances_1.0.0-r1_all.ipk", - "size": 5530, + "size": 5534, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -666,7 +678,7 @@ "name": "secubox-app-haproxy", "version": "1.0.0-r23", "filename": "secubox-app-haproxy_1.0.0-r23_all.ipk", - "size": 15675, + "size": 15682, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -678,7 +690,7 @@ "name": "secubox-app-hexojs", "version": "1.0.0-r8", "filename": "secubox-app-hexojs_1.0.0-r8_all.ipk", - "size": 94937, + "size": 94934, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -690,7 +702,7 @@ "name": "secubox-app-localai", "version": "2.25.0-r1", "filename": "secubox-app-localai_2.25.0-r1_all.ipk", - "size": 5709, + "size": 5712, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -702,7 +714,7 @@ "name": "secubox-app-localai-wb", "version": "2.25.0-r1", "filename": "secubox-app-localai-wb_2.25.0-r1_all.ipk", - "size": 7948, + "size": 7950, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -714,7 +726,7 @@ "name": "secubox-app-lyrion", "version": "2.0.2-r1", "filename": "secubox-app-lyrion_2.0.2-r1_all.ipk", - "size": 7286, + "size": 7285, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -738,7 +750,7 @@ "name": "secubox-app-mailinabox", "version": "2.0.0-r1", "filename": "secubox-app-mailinabox_2.0.0-r1_all.ipk", - "size": 7571, + "size": 7566, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -750,7 +762,7 @@ "name": "secubox-app-metabolizer", "version": "1.0.0-r3", "filename": "secubox-app-metabolizer_1.0.0-r3_all.ipk", - "size": 13973, + "size": 13979, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -762,7 +774,7 @@ "name": "secubox-app-mitmproxy", "version": "0.4.0-r16", "filename": "secubox-app-mitmproxy_0.4.0-r16_all.ipk", - "size": 10208, + "size": 10215, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -774,7 +786,7 @@ "name": "secubox-app-mmpm", "version": "0.2.0-r5", "filename": "secubox-app-mmpm_0.2.0-r5_all.ipk", - "size": 3977, + "size": 3974, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -786,7 +798,7 @@ "name": "secubox-app-nextcloud", "version": "1.0.0-r2", "filename": "secubox-app-nextcloud_1.0.0-r2_all.ipk", - "size": 2961, + "size": 2955, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -798,7 +810,7 @@ "name": "secubox-app-ollama", "version": "0.1.0-r1", "filename": "secubox-app-ollama_0.1.0-r1_all.ipk", - "size": 5732, + "size": 5733, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -810,7 +822,7 @@ "name": "secubox-app-picobrew", "version": "1.0.0-r7", "filename": "secubox-app-picobrew_1.0.0-r7_all.ipk", - "size": 5540, + "size": 5539, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -822,7 +834,7 @@ "name": "secubox-app-streamlit", "version": "1.0.0-r5", "filename": "secubox-app-streamlit_1.0.0-r5_all.ipk", - "size": 11721, + "size": 11717, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -834,7 +846,7 @@ "name": "secubox-app-tor", "version": "1.0.0-r1", "filename": "secubox-app-tor_1.0.0-r1_all.ipk", - "size": 7376, + "size": 7379, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -846,7 +858,7 @@ "name": "secubox-app-webapp", "version": "1.5.0-r7", "filename": "secubox-app-webapp_1.5.0-r7_all.ipk", - "size": 39167, + "size": 39169, "category": "secubox", "icon": "package", "description": "SecuBox backend service", @@ -870,7 +882,7 @@ "name": "secubox-core", "version": "0.10.0-r9", "filename": "secubox-core_0.10.0-r9_all.ipk", - "size": 80067, + "size": 80068, "category": "system", "icon": "box", "description": "SecuBox core components", @@ -880,9 +892,9 @@ , { "name": "secubox-p2p", - "version": "0.3.0-r1", - "filename": "secubox-p2p_0.3.0-r1_all.ipk", - "size": 16997, + "version": "0.4.0-r1", + "filename": "secubox-p2p_0.4.0-r1_all.ipk", + "size": 27891, "category": "utility", "icon": "package", "description": "SecuBox package", diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/luci-app-secubox-p2p_0.1.0-r1_all.ipk b/package/secubox/secubox-app-bonus/root/www/secubox-feed/luci-app-secubox-p2p_0.1.0-r1_all.ipk new file mode 100644 index 00000000..3520b6b5 Binary files /dev/null and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/luci-app-secubox-p2p_0.1.0-r1_all.ipk differ diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-p2p_0.3.0-r1_all.ipk b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-p2p_0.3.0-r1_all.ipk deleted file mode 100644 index 5825da86..00000000 Binary files a/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-p2p_0.3.0-r1_all.ipk and /dev/null differ diff --git a/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-p2p_0.4.0-r1_all.ipk b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-p2p_0.4.0-r1_all.ipk new file mode 100644 index 00000000..aba204e6 Binary files /dev/null and b/package/secubox/secubox-app-bonus/root/www/secubox-feed/secubox-p2p_0.4.0-r1_all.ipk differ diff --git a/package/secubox/secubox-p2p/root/usr/lib/secubox/factory.sh b/package/secubox/secubox-p2p/root/usr/lib/secubox/factory.sh index 2e10088f..31a3c65c 100644 --- a/package/secubox/secubox-p2p/root/usr/lib/secubox/factory.sh +++ b/package/secubox/secubox-p2p/root/usr/lib/secubox/factory.sh @@ -23,20 +23,16 @@ factory_init_keys() { factory_init [ -f "$KEYFILE" ] && return 0 - # Check if signify-openbsd is available - if command -v signify-openbsd >/dev/null 2>&1; then - signify-openbsd -G -n -p "$PUBKEY" -s "$KEYFILE" - elif command -v signify >/dev/null 2>&1; then - signify -G -n -p "$PUBKEY" -s "$KEYFILE" - else - # Fallback: generate simple hash-based "signature" for systems without signify - # This is less secure but allows the system to function - local node_id=$(cat "$P2P_STATE_DIR/node.id" 2>/dev/null || cat /proc/sys/kernel/random/uuid | tr -d '-') - local rand=$(head -c 32 /dev/urandom | sha256sum | cut -d' ' -f1) - echo "secubox-factory-key:${node_id}:${rand}" > "$KEYFILE" - echo "secubox-factory-pub:${node_id}:$(echo "$rand" | sha256sum | cut -d' ' -f1)" > "$PUBKEY" - logger -t factory "WARNING: signify not available, using fallback key generation" - fi + # Generate keys using available method + # OpenWrt signify doesn't support -n flag, use fallback hash-based keys + # which provide integrity verification without full Ed25519 signing + local node_id=$(cat "$P2P_STATE_DIR/node.id" 2>/dev/null || cat /proc/sys/kernel/random/uuid | tr -d '-') + local rand=$(head -c 32 /dev/urandom 2>/dev/null | sha256sum | cut -d' ' -f1) + [ -z "$rand" ] && rand=$(date +%s%N | sha256sum | cut -d' ' -f1) + + # Create HMAC-style keypair for snapshot integrity + echo "secubox-factory-key:${node_id}:${rand}" > "$KEYFILE" + echo "secubox-factory-pub:${node_id}:$(echo "$rand" | sha256sum | cut -d' ' -f1)" > "$PUBKEY" chmod 600 "$KEYFILE" @@ -87,21 +83,9 @@ create_snapshot() { local sign_data="${merkle}|${ts}|${node_id}|${prev_hash}" local hash=$(echo "$sign_data" | sha256sum | cut -d' ' -f1) - # Sign with Ed25519 or fallback - local signature="" - if command -v signify-openbsd >/dev/null 2>&1; then - echo "$sign_data" | signify-openbsd -S -s "$KEYFILE" -m - -x /tmp/sig.tmp 2>/dev/null - signature=$(cat /tmp/sig.tmp 2>/dev/null | tail -1) - rm -f /tmp/sig.tmp - elif command -v signify >/dev/null 2>&1; then - echo "$sign_data" | signify -S -s "$KEYFILE" -m - -x /tmp/sig.tmp 2>/dev/null - signature=$(cat /tmp/sig.tmp 2>/dev/null | tail -1) - rm -f /tmp/sig.tmp - else - # Fallback: HMAC-style signature using key + data - local key_data=$(cat "$KEYFILE" 2>/dev/null) - signature=$(echo "${key_data}:${sign_data}" | sha256sum | cut -d' ' -f1) - fi + # HMAC-style signature using key + data + local key_data=$(cat "$KEYFILE" 2>/dev/null) + local signature=$(echo "${key_data}:${sign_data}" | sha256sum | cut -d' ' -f1) # Build snapshot JSON cat > "$SNAPSHOT_FILE" << EOF @@ -122,9 +106,10 @@ EOF # Verify snapshot signature verify_snapshot() { local snapshot_file="${1:-$SNAPSHOT_FILE}" - local pubkey="${2:-$PUBKEY}" + local keyfile="${2:-$KEYFILE}" [ -f "$snapshot_file" ] || { echo "missing"; return 1; } + [ -f "$keyfile" ] || { echo "no_key"; return 1; } local merkle=$(jsonfilter -i "$snapshot_file" -e '@.merkle_root' 2>/dev/null) local ts=$(jsonfilter -i "$snapshot_file" -e '@.timestamp' 2>/dev/null) @@ -133,36 +118,23 @@ verify_snapshot() { local signature=$(jsonfilter -i "$snapshot_file" -e '@.signature' 2>/dev/null) [ -z "$merkle" ] && { echo "invalid"; return 1; } + [ -z "$signature" ] && { echo "unsigned"; return 1; } local sign_data="${merkle}|${ts}|${node_id}|${prev_hash}" - # Verify signature - if command -v signify-openbsd >/dev/null 2>&1; then - echo "$signature" > /tmp/verify.sig - if echo "$sign_data" | signify-openbsd -V -p "$pubkey" -m - -x /tmp/verify.sig 2>/dev/null; then - rm -f /tmp/verify.sig - echo "valid" - return 0 - fi - rm -f /tmp/verify.sig - elif command -v signify >/dev/null 2>&1; then - echo "$signature" > /tmp/verify.sig - if echo "$sign_data" | signify -V -p "$pubkey" -m - -x /tmp/verify.sig 2>/dev/null; then - rm -f /tmp/verify.sig - echo "valid" - return 0 - fi - rm -f /tmp/verify.sig - else - # Fallback verification - local key_data=$(cat "$pubkey" 2>/dev/null) - # Extract secret from pubkey for fallback (not secure, but functional) - local expected=$(echo "${key_data}:${sign_data}" | sha256sum | cut -d' ' -f1) - # For fallback keys, the signature is a hash - verify merkle matches current + # HMAC-style verification using key + data + local key_data=$(cat "$keyfile" 2>/dev/null) + local expected=$(echo "${key_data}:${sign_data}" | sha256sum | cut -d' ' -f1) + + if [ "$signature" = "$expected" ]; then + # Also verify merkle matches current config local current_merkle=$(merkle_config) if [ "$merkle" = "$current_merkle" ]; then echo "valid" return 0 + else + echo "config_changed" + return 1 fi fi diff --git a/package/secubox/secubox-p2p/root/www/factory/index.html b/package/secubox/secubox-p2p/root/www/factory/index.html index 82c68e95..ac208b9b 100644 --- a/package/secubox/secubox-p2p/root/www/factory/index.html +++ b/package/secubox/secubox-p2p/root/www/factory/index.html @@ -140,14 +140,18 @@ let tools = []; let refreshInterval = null; - // API helpers + // API helpers - API runs on port 7331 + const apiBase = window.location.port === '7331' + ? '/factory/' + : 'http://' + window.location.hostname + ':7331/factory/'; + const api = { get: async (path) => { - const r = await fetch('/api/factory/' + path); + const r = await fetch(apiBase + path); return r.json(); }, post: async (path, body) => { - const r = await fetch('/api/factory/' + path, { + const r = await fetch(apiBase + path, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(body)