gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(packages): Add secubox-full meta-package and fix secubox-core

Browse Source 
- Add p2p-mesh.sh to secubox-core install (was missing, breaking master-link)
- Create secubox-full meta-package with tiered bundles:
  - secubox-core-bundle: Essential components
  - secubox-security-bundle: WAF/IDS/threat detection
  - secubox-services-bundle: HAProxy/DNS/web services
  - secubox-luci-bundle: All LuCI apps
  - secubox-full: Everything
- Update VM and firmware workflows to include secubox-core by default
- Add secubox-p2p, secubox-master-link, secubox-identity to default installs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
CyberMind-FR 2026-03-20 13:46:13 +01:00
parent be27d758b0
commit ae3b2ab3b5
4 changed files with 233 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.github/workflows/build-secubox-images.yml vendored
View File

@ -391,9 +391,14 @@ jobs:
cd openwrt cd openwrt
cat >> .config << 'EOF' cat >> .config << 'EOF'
# SecuBox packages - Core # SecuBox packages - Core (REQUIRED)
CONFIG_PACKAGE_secubox-core=y
CONFIG_PACKAGE_secubox-app=y CONFIG_PACKAGE_secubox-app=y
CONFIG_PACKAGE_secubox-p2p=y
CONFIG_PACKAGE_secubox-master-link=y
CONFIG_PACKAGE_secubox-identity=y
CONFIG_PACKAGE_luci-app-secubox=y CONFIG_PACKAGE_luci-app-secubox=y
CONFIG_PACKAGE_luci-theme-secubox=y
CONFIG_PACKAGE_luci-app-system-hub=y CONFIG_PACKAGE_luci-app-system-hub=y
# SecuBox packages - Security & Monitoring # SecuBox packages - Security & Monitoring

7
.github/workflows/build-secubox-vm.yml vendored
View File

@ -327,10 +327,15 @@ jobs:
CONFIG_PACKAGE_openssh-sftp-server=y CONFIG_PACKAGE_openssh-sftp-server=y
# ============================================ # ============================================
# SecuBox Core Packages # SecuBox Core Packages (REQUIRED)
# ============================================ # ============================================
CONFIG_PACKAGE_secubox-core=y
CONFIG_PACKAGE_secubox-app=y CONFIG_PACKAGE_secubox-app=y
CONFIG_PACKAGE_secubox-p2p=y
CONFIG_PACKAGE_secubox-master-link=y
CONFIG_PACKAGE_secubox-identity=y
CONFIG_PACKAGE_luci-app-secubox=y CONFIG_PACKAGE_luci-app-secubox=y
CONFIG_PACKAGE_luci-theme-secubox=y
CONFIG_PACKAGE_luci-app-system-hub=y CONFIG_PACKAGE_luci-app-system-hub=y
CONFIG_PACKAGE_luci-app-metrics-dashboard=y CONFIG_PACKAGE_luci-app-metrics-dashboard=y

3
package/secubox/secubox-core/Makefile
View File

@ -109,9 +109,10 @@ define Package/secubox-core/install
$(INSTALL_DATA) ./root/etc/cron.d/secubox-integrity $(1)/etc/cron.d/ $(INSTALL_DATA) ./root/etc/cron.d/secubox-integrity $(1)/etc/cron.d/
$(INSTALL_DATA) ./root/etc/cron.d/secubox-stats-persist $(1)/etc/cron.d/ $(INSTALL_DATA) ./root/etc/cron.d/secubox-stats-persist $(1)/etc/cron.d/
# TFTP Mesh library # Core libraries (TFTP mesh, P2P mesh)
$(INSTALL_DIR) $(1)/usr/lib/secubox $(INSTALL_DIR) $(1)/usr/lib/secubox
$(INSTALL_DATA) ./root/usr/lib/secubox/tftp-mesh.sh $(1)/usr/lib/secubox/ $(INSTALL_DATA) ./root/usr/lib/secubox/tftp-mesh.sh $(1)/usr/lib/secubox/
$(INSTALL_DATA) ./root/usr/lib/secubox/p2p-mesh.sh $(1)/usr/lib/secubox/
# RPCD method modules # RPCD method modules
$(INSTALL_DIR) $(1)/usr/lib/secubox/rpcd.d $(INSTALL_DIR) $(1)/usr/lib/secubox/rpcd.d

219
package/secubox/secubox-full/Makefile Normal file
View File

@ -0,0 +1,219 @@
#
# SecuBox Full - Meta-package for complete SecuBox installation
#
include $(TOPDIR)/rules.mk
PKG_NAME:=secubox-full
PKG_VERSION:=1.0.0
PKG_RELEASE:=1
PKG_ARCH:=all
PKG_LICENSE:=GPL-2.0
PKG_MAINTAINER:=SecuBox Team
include $(INCLUDE_DIR)/package.mk
# ============================================================================
# Core Meta-Package - Essential components for any SecuBox deployment
# ============================================================================
define Package/secubox-core-bundle
SECTION:=admin
CATEGORY:=Administration
SUBMENU:=SecuBox
TITLE:=SecuBox Core Bundle (Essential)
DEPENDS:= \
+secubox-core \
+secubox-app \
+secubox-p2p \
+secubox-master-link \
+secubox-identity \
+secubox-vortex-firewall \
+secubox-vortex-dns \
+luci-app-secubox \
+luci-theme-secubox
PKGARCH:=all
endef
define Package/secubox-core-bundle/description
Essential SecuBox components for any deployment:
- Core framework and P2P mesh
- Master-link for device cloning
- Identity management
- Vortex DNS/Firewall protection
- LuCI dashboard and theme
endef
define Package/secubox-core-bundle/install
$(INSTALL_DIR) $(1)/etc/secubox
echo "secubox-core-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/core-bundle.version
endef
# ============================================================================
# Security Bundle - WAF, CrowdSec, threat detection
# ============================================================================
define Package/secubox-security-bundle
SECTION:=admin
CATEGORY:=Administration
SUBMENU:=SecuBox
TITLE:=SecuBox Security Bundle (WAF/IDS)
DEPENDS:= \
+secubox-core-bundle \
+secubox-app-crowdsec \
+secubox-app-crowdsec-custom \
+secubox-app-mitmproxy \
+secubox-app-ipblocklist \
+secubox-dns-guard \
+secubox-app-cyberfeed \
+secubox-threat-analyst \
+secubox-network-anomaly \
+secubox-iot-guard \
+luci-app-secubox-security-threats
PKGARCH:=all
endef
define Package/secubox-security-bundle/description
Security-focused SecuBox components:
- CrowdSec IDS/IPS with custom scenarios
- MITMProxy WAF
- IP blocklist management
- DNS Guard for malware blocking
- Threat intelligence feeds
- Network anomaly detection
- IoT device protection
endef
define Package/secubox-security-bundle/install
$(INSTALL_DIR) $(1)/etc/secubox
echo "secubox-security-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/security-bundle.version
endef
# ============================================================================
# Services Bundle - HAProxy, DNS, web services
# ============================================================================
define Package/secubox-services-bundle
SECTION:=admin
CATEGORY:=Administration
SUBMENU:=SecuBox
TITLE:=SecuBox Services Bundle (Web/DNS)
DEPENDS:= \
+secubox-core-bundle \
+secubox-app-haproxy \
+secubox-app-dns-provider \
+secubox-app-dns-master \
+secubox-app-tor \
+secubox-app-exposure \
+secubox-app-metablogizer \
+secubox-app-streamlit \
+secubox-app-hexojs \
+secubox-app-droplet
PKGARCH:=all
endef
define Package/secubox-services-bundle/description
Web services and exposure management:
- HAProxy reverse proxy with ACME SSL
- DNS provider API integration
- Tor hidden services
- Service exposure management
- MetaBlogizer static sites
- Streamlit apps
- HexoJS blogs
- Droplet file sharing
endef
define Package/secubox-services-bundle/install
$(INSTALL_DIR) $(1)/etc/secubox
echo "secubox-services-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/services-bundle.version
endef
# ============================================================================
# LuCI Bundle - All LuCI apps
# ============================================================================
define Package/secubox-luci-bundle
SECTION:=admin
CATEGORY:=Administration
SUBMENU:=SecuBox
TITLE:=SecuBox LuCI Bundle (All UI apps)
DEPENDS:= \
+luci-app-secubox \
+luci-app-secubox-admin \
+luci-app-secubox-mirror \
+luci-app-secubox-netdiag \
+luci-app-secubox-netifyd \
+luci-app-secubox-p2p \
+luci-app-secubox-portal \
+luci-app-secubox-security-threats \
+luci-app-secubox-users \
+luci-theme-secubox
PKGARCH:=all
endef
define Package/secubox-luci-bundle/description
All SecuBox LuCI web interface apps:
- Main dashboard
- Admin control center
- Network diagnostics
- P2P mesh management
- Captive portal
- Security threats
- User management
- SecuBox theme
endef
define Package/secubox-luci-bundle/install
$(INSTALL_DIR) $(1)/etc/secubox
echo "secubox-luci-bundle $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/luci-bundle.version
endef
# ============================================================================
# Full Bundle - Everything
# ============================================================================
define Package/secubox-full
SECTION:=admin
CATEGORY:=Administration
SUBMENU:=SecuBox
TITLE:=SecuBox Full (All components)
DEPENDS:= \
+secubox-core-bundle \
+secubox-security-bundle \
+secubox-services-bundle \
+secubox-luci-bundle \
+secubox-app-auth-logger \
+secubox-app-backup \
+secubox-app-config-vault \
+secubox-app-device-intel \
+secubox-app-netifyd \
+secubox-app-reporter \
+secubox-app-watchdog \
+secubox-console \
+secubox-config-advisor
PKGARCH:=all
endef
define Package/secubox-full/description
Complete SecuBox installation with ALL components:
- Core framework and mesh networking
- Full security stack (WAF, IDS, threat intel)
- Web services and reverse proxy
- All LuCI management apps
- Monitoring and diagnostics
- Backup and recovery tools
This is the reference meta-package for complete SecuBox deployments.
endef
define Package/secubox-full/install
$(INSTALL_DIR) $(1)/etc/secubox
echo "secubox-full $(PKG_VERSION)-$(PKG_RELEASE)" > $(1)/etc/secubox/full.version
# Create marker file for full installation
touch $(1)/etc/secubox/.full-install
endef
define Build/Compile
endef
$(eval $(call BuildPackage,secubox-core-bundle))
$(eval $(call BuildPackage,secubox-security-bundle))
$(eval $(call BuildPackage,secubox-services-bundle))
$(eval $(call BuildPackage,secubox-luci-bundle))
$(eval $(call BuildPackage,secubox-full))