feat(packages): Add secubox-full meta-package and fix secubox-core

- Add p2p-mesh.sh to secubox-core install (was missing, breaking master-link) - Create secubox-full meta-package with tiered bundles: - secubox-core-bundle: Essential components - secubox-security-bundle: WAF/IDS/threat detection - secubox-services-bundle: HAProxy/DNS/web services - secubox-luci-bundle: All LuCI apps - secubox-full: Everything - Update VM and firmware workflows to include secubox-core by default - Add secubox-p2p, secubox-master-link, secubox-identity to default installs Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-20 13:46:13 +01:00 · 2026-03-20 13:46:13 +01:00 · ae3b2ab3b5
commit ae3b2ab3b5
parent be27d758b0
4 changed files with 233 additions and 3 deletions
--- a/.github/workflows/build-secubox-images.yml
+++ b/.github/workflows/build-secubox-images.yml
@ -391,9 +391,14 @@ jobs:
          cd openwrt

          cat >> .config << 'EOF'
-          # SecuBox packages - Core
+          # SecuBox packages - Core (REQUIRED)
+          CONFIG_PACKAGE_secubox-core=y
          CONFIG_PACKAGE_secubox-app=y
+          CONFIG_PACKAGE_secubox-p2p=y
+          CONFIG_PACKAGE_secubox-master-link=y
+          CONFIG_PACKAGE_secubox-identity=y
          CONFIG_PACKAGE_luci-app-secubox=y
+          CONFIG_PACKAGE_luci-theme-secubox=y
          CONFIG_PACKAGE_luci-app-system-hub=y

          # SecuBox packages - Security & Monitoring
--- a/.github/workflows/build-secubox-vm.yml
+++ b/.github/workflows/build-secubox-vm.yml
@ -327,10 +327,15 @@ jobs:
          CONFIG_PACKAGE_openssh-sftp-server=y

          # ============================================
-          # SecuBox Core Packages
+          # SecuBox Core Packages (REQUIRED)
          # ============================================
+          CONFIG_PACKAGE_secubox-core=y
          CONFIG_PACKAGE_secubox-app=y
+          CONFIG_PACKAGE_secubox-p2p=y
+          CONFIG_PACKAGE_secubox-master-link=y
+          CONFIG_PACKAGE_secubox-identity=y
          CONFIG_PACKAGE_luci-app-secubox=y
+          CONFIG_PACKAGE_luci-theme-secubox=y
          CONFIG_PACKAGE_luci-app-system-hub=y
          CONFIG_PACKAGE_luci-app-metrics-dashboard=y

--- a/package/secubox/secubox-core/Makefile
+++ b/package/secubox/secubox-core/Makefile
@ -109,9 +109,10 @@ define Package/secubox-core/install
 	$(INSTALL_DATA) ./root/etc/cron.d/secubox-integrity $(1)/etc/cron.d/
 	$(INSTALL_DATA) ./root/etc/cron.d/secubox-stats-persist $(1)/etc/cron.d/

-	# TFTP Mesh library
+	# Core libraries (TFTP mesh, P2P mesh)
 	$(INSTALL_DIR) $(1)/usr/lib/secubox
 	$(INSTALL_DATA) ./root/usr/lib/secubox/tftp-mesh.sh $(1)/usr/lib/secubox/
+	$(INSTALL_DATA) ./root/usr/lib/secubox/p2p-mesh.sh $(1)/usr/lib/secubox/

 	# RPCD method modules
 	$(INSTALL_DIR) $(1)/usr/lib/secubox/rpcd.d
--- a/package/secubox/secubox-full/Makefile
+++ b/package/secubox/secubox-full/Makefile
@ -0,0 +1,219 @@
+#
+# SecuBox Full - Meta-package for complete SecuBox installation
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=secubox-full
+PKG_VERSION:=1.0.0
+PKG_RELEASE:=1
+PKG_ARCH:=all
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=SecuBox Team
+
+include $(INCLUDE_DIR)/package.mk
+
+# ============================================================================
+# Core Meta-Package - Essential components for any SecuBox deployment
+# ============================================================================
+define Package/secubox-core-bundle
+  SECTION:=admin
+  CATEGORY:=Administration
+  SUBMENU:=SecuBox
+  TITLE:=SecuBox Core Bundle (Essential)
+  DEPENDS:= \
+	+secubox-core \
+	+secubox-app \
+	+secubox-p2p \
+	+secubox-master-link \
+	+secubox-identity \
+	+secubox-vortex-firewall \
+	+secubox-vortex-dns \
+	+luci-app-secubox \
+	+luci-theme-secubox
+  PKGARCH:=all
+endef
+
+define Package/secubox-core-bundle/description
+  Essential SecuBox components for any deployment:
+  - Core framework and P2P mesh
+  - Master-link for device cloning
+  - Identity management
+  - Vortex DNS/Firewall protection
+  - LuCI dashboard and theme
+endef
+
+define Package/secubox-core-bundle/install
+	$(INSTALL_DIR) $(1)/etc/secubox
+	echo "secubox-core-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/core-bundle.version
+endef
+
+# ============================================================================
+# Security Bundle - WAF, CrowdSec, threat detection
+# ============================================================================
+define Package/secubox-security-bundle
+  SECTION:=admin
+  CATEGORY:=Administration
+  SUBMENU:=SecuBox
+  TITLE:=SecuBox Security Bundle (WAF/IDS)
+  DEPENDS:= \
+	+secubox-core-bundle \
+	+secubox-app-crowdsec \
+	+secubox-app-crowdsec-custom \
+	+secubox-app-mitmproxy \
+	+secubox-app-ipblocklist \
+	+secubox-dns-guard \
+	+secubox-app-cyberfeed \
+	+secubox-threat-analyst \
+	+secubox-network-anomaly \
+	+secubox-iot-guard \
+	+luci-app-secubox-security-threats
+  PKGARCH:=all
+endef
+
+define Package/secubox-security-bundle/description
+  Security-focused SecuBox components:
+  - CrowdSec IDS/IPS with custom scenarios
+  - MITMProxy WAF
+  - IP blocklist management
+  - DNS Guard for malware blocking
+  - Threat intelligence feeds
+  - Network anomaly detection
+  - IoT device protection
+endef
+
+define Package/secubox-security-bundle/install
+	$(INSTALL_DIR) $(1)/etc/secubox
+	echo "secubox-security-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/security-bundle.version
+endef
+
+# ============================================================================
+# Services Bundle - HAProxy, DNS, web services
+# ============================================================================
+define Package/secubox-services-bundle
+  SECTION:=admin
+  CATEGORY:=Administration
+  SUBMENU:=SecuBox
+  TITLE:=SecuBox Services Bundle (Web/DNS)
+  DEPENDS:= \
+	+secubox-core-bundle \
+	+secubox-app-haproxy \
+	+secubox-app-dns-provider \
+	+secubox-app-dns-master \
+	+secubox-app-tor \
+	+secubox-app-exposure \
+	+secubox-app-metablogizer \
+	+secubox-app-streamlit \
+	+secubox-app-hexojs \
+	+secubox-app-droplet
+  PKGARCH:=all
+endef
+
+define Package/secubox-services-bundle/description
+  Web services and exposure management:
+  - HAProxy reverse proxy with ACME SSL
+  - DNS provider API integration
+  - Tor hidden services
+  - Service exposure management
+  - MetaBlogizer static sites
+  - Streamlit apps
+  - HexoJS blogs
+  - Droplet file sharing
+endef
+
+define Package/secubox-services-bundle/install
+	$(INSTALL_DIR) $(1)/etc/secubox
+	echo "secubox-services-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/services-bundle.version
+endef
+
+# ============================================================================
+# LuCI Bundle - All LuCI apps
+# ============================================================================
+define Package/secubox-luci-bundle
+  SECTION:=admin
+  CATEGORY:=Administration
+  SUBMENU:=SecuBox
+  TITLE:=SecuBox LuCI Bundle (All UI apps)
+  DEPENDS:= \
+	+luci-app-secubox \
+	+luci-app-secubox-admin \
+	+luci-app-secubox-mirror \
+	+luci-app-secubox-netdiag \
+	+luci-app-secubox-netifyd \
+	+luci-app-secubox-p2p \
+	+luci-app-secubox-portal \
+	+luci-app-secubox-security-threats \
+	+luci-app-secubox-users \
+	+luci-theme-secubox
+  PKGARCH:=all
+endef
+
+define Package/secubox-luci-bundle/description
+  All SecuBox LuCI web interface apps:
+  - Main dashboard
+  - Admin control center
+  - Network diagnostics
+  - P2P mesh management
+  - Captive portal
+  - Security threats
+  - User management
+  - SecuBox theme
+endef
+
+define Package/secubox-luci-bundle/install
+	$(INSTALL_DIR) $(1)/etc/secubox
+	echo "secubox-luci-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/luci-bundle.version
+endef
+
+# ============================================================================
+# Full Bundle - Everything
+# ============================================================================
+define Package/secubox-full
+  SECTION:=admin
+  CATEGORY:=Administration
+  SUBMENU:=SecuBox
+  TITLE:=SecuBox Full (All components)
+  DEPENDS:= \
+	+secubox-core-bundle \
+	+secubox-security-bundle \
+	+secubox-services-bundle \
+	+secubox-luci-bundle \
+	+secubox-app-auth-logger \
+	+secubox-app-backup \
+	+secubox-app-config-vault \
+	+secubox-app-device-intel \
+	+secubox-app-netifyd \
+	+secubox-app-reporter \
+	+secubox-app-watchdog \
+	+secubox-console \
+	+secubox-config-advisor
+  PKGARCH:=all
+endef
+
+define Package/secubox-full/description
+  Complete SecuBox installation with ALL components:
+  - Core framework and mesh networking
+  - Full security stack (WAF, IDS, threat intel)
+  - Web services and reverse proxy
+  - All LuCI management apps
+  - Monitoring and diagnostics
+  - Backup and recovery tools
+
+  This is the reference meta-package for complete SecuBox deployments.
+endef
+
+define Package/secubox-full/install
+	$(INSTALL_DIR) $(1)/etc/secubox
+	echo "secubox-full $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/full.version
+	# Create marker file for full installation
+	touch $(1)/etc/secubox/.full-install
+endef
+
+define Build/Compile
+endef
+
+$(eval $(call BuildPackage,secubox-core-bundle))
+$(eval $(call BuildPackage,secubox-security-bundle))
+$(eval $(call BuildPackage,secubox-services-bundle))
+$(eval $(call BuildPackage,secubox-luci-bundle))
+$(eval $(call BuildPackage,secubox-full))