docs: Document quick-access QR page and port conflict fix

- Added quick-access.secubox.in QR landing page to tracking - Documented MetaBlogizer port allocation race condition - Existing tools: check-ports, fix-ports commands - Fixed srvi/quick-access port 9013 conflict - Updated mitmproxy routes (127.0.0.1 → 192.168.255.1) - Added recommended improvements to backlog Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-03-15 19:46:30 +01:00 · 2026-03-15 19:46:30 +01:00 · b08e71fa7f
commit b08e71fa7f
parent c59f7cde0b
2 changed files with 38 additions and 2 deletions
--- a/.claude/HISTORY.md
+++ b/.claude/HISTORY.md
@ -1,8 +1,17 @@
 # SecuBox UI & Theme History
-_Last updated: 2026-03-15 (v1.0.0 Beta Release)_
+_Last updated: 2026-03-16 (Quick Access QR Page)_
-0. **SecuBox v1.0.0 Beta Release (2026-03-15)**
+0. **SecuBox Quick Access QR Page (2026-03-16)**
   - QR code landing page deployed at https://quick.secubox.in/
   - 6 QR codes: VM access (192.168.1.1 & 192.168.255.1), GitHub, Release, Droplet, Streamlit Forge
   - Default credentials section: root / c3box
   - Dark KISS theme with JavaScript QR generation
   - Fixed MetaBlogizer port conflict: srvi and quick-access both assigned port 9013
   - Documented port allocation race condition issue
   - Existing fix tools: `metablogizerctl check-ports` and `fix-ports`
 1. **SecuBox v1.0.0 Beta Release (2026-03-15)**
   - BETA-RELEASE.md: Complete security testing documentation
     - Attack surface overview (HAProxy, WAF, LXC, P2P layers)
     - High-value targets and secrets locations for pen testers
--- a/.claude/WIP.md
+++ b/.claude/WIP.md
@ -10,6 +10,33 @@ _Last updated: 2026-03-16 (Unified SMTP Relay)_
 ### 2026-03-16
 - **SecuBox v1.0.0-beta Quick Access Page (Complete)**
  - QR code landing page at https://quick.secubox.in/
  - QR codes for: VM Appliance (192.168.1.1), SecuBox Router (192.168.255.1), Documentation, Beta Release, Droplet Tool, Streamlit Forge
  - Default credentials displayed: root / c3box
  - Dark KISS theme matching SecuBox design
  - JavaScript QR generation using qrcode.js library
  - Deployed via MetaBlogizer on port 9013
 - **MetaBlogizer Port Conflict Analysis & Fix (Complete)**
  - **Root Cause**: `port_in_use()` function checks UCI config only, not running uhttpd processes
  - **Symptom**: Two sites (srvi, quick-access) assigned same port 9013 in UCI config
  - **Immediate Fix**:
    - Killed wrong uhttpd process, started correct one for quick-access
    - Reassigned srvi from port 9013 → 9014 in UCI config
    - Updated mitmproxy routes with correct IP (192.168.255.1, not 127.0.0.1)
  - **Existing Tools**: `metablogizerctl check-ports` and `fix-ports` commands
  - **Architectural Issues Identified**:
    1. Port allocation race condition between UCI commit and uhttpd reload
    2. No check for running processes, only UCI config
    3. mitmproxy routes using 127.0.0.1 fail (LXC can't reach host localhost)
  - **Recommended Improvements** (backlog):
    1. Add `/proc/net/tcp` check in `port_in_use()` for running processes
    2. Add port lockfile mechanism for atomic allocation
    3. Always use 192.168.255.1 for mitmproxy routes (never 127.0.0.1)
    4. Run `check-ports` in post-create hook automatically
  - Also fixed gateaucc duplicate (port 8991 → 9000)
 - **SecuBox v1.0.0 Version Bump (Complete)**
  - All major roadmap milestones achieved (v0.18, v0.19, v1.0, v1.1+)
  - Updated version strings: Makefile (1.0.0-r1), CLI tools, RPCD handlers, documentation