diff --git a/.claude/HISTORY.md b/.claude/HISTORY.md index 155edca6..0c40a94e 100644 --- a/.claude/HISTORY.md +++ b/.claude/HISTORY.md @@ -3522,3 +3522,23 @@ git checkout HEAD -- index.html - `handleGenerateBulkTokens()`, `handleCopyAllTokens()`, `refreshFactory()` - **Polling:** Factory data included in 5-second refresh when on Factory tab - **UI Pattern:** KISS theme components (stat boxes, cards, tables, buttons) + +29. **Cloner Image Builder Version/Profile Support (2026-02-25)** + - Enhanced `secubox-cloner` CLI with OpenWrt version selection and package profiles + - **New CLI Options:** + - `--version VER`: Select OpenWrt version (24.10.5, 24.10.0, 23.05.5, 23.05.4) + - `--profile PROFILE`: Select package profile (slim, core, full) + - `secubox-cloner versions`: List available versions and profiles + - **Package Profiles:** + - `slim`: Minimal OpenWrt (LuCI + network essentials only) + - `core`: Slim + SecuBox mesh (master-link, p2p, secubox-core) + - `full`: Clone all installed SecuBox packages from current device + - **New RPCD Methods:** + - `list_versions`: Returns available OpenWrt versions with latest flag + - `list_build_profiles`: Returns available package profiles with descriptions + - `build_image`: Now accepts `version` and `profile` parameters + - **Files Modified:** + - `secubox-core/root/usr/sbin/secubox-cloner`: Added version/profile parsing and build_via_asu profile logic + - `luci-app-cloner/root/usr/libexec/rpcd/luci.cloner`: Added list_versions, list_build_profiles, updated build_image + - `luci-app-cloner/root/usr/share/rpcd/acl.d/luci-app-cloner.json`: Added permissions for new methods + - **Tested:** CLI help, versions command, RPCD methods via ubus all working diff --git a/package/secubox/luci-app-cloner/root/usr/libexec/rpcd/luci.cloner b/package/secubox/luci-app-cloner/root/usr/libexec/rpcd/luci.cloner index 5dba3b29..ccea0902 100755 --- a/package/secubox/luci-app-cloner/root/usr/libexec/rpcd/luci.cloner +++ b/package/secubox/luci-app-cloner/root/usr/libexec/rpcd/luci.cloner @@ -234,23 +234,30 @@ EOF } do_build_image() { - local input device_type + local input device_type version profile read input device_type=$(echo "$input" | jsonfilter -e '@.device_type' 2>/dev/null) + version=$(echo "$input" | jsonfilter -e '@.version' 2>/dev/null) + profile=$(echo "$input" | jsonfilter -e '@.profile' 2>/dev/null) + + # Defaults + [ -z "$version" ] && version="24.10.5" + [ -z "$profile" ] && profile="slim" json_init if [ -x /usr/sbin/secubox-cloner ]; then - if [ -n "$device_type" ]; then - (/usr/sbin/secubox-cloner build "$device_type" 2>&1 > /tmp/cloner-build.log) & - json_add_boolean "success" 1 - json_add_string "message" "Build started for $device_type" - else - (/usr/sbin/secubox-cloner build 2>&1 > /tmp/cloner-build.log) & - json_add_boolean "success" 1 - json_add_string "message" "Build started for current device" - fi + local cmd_args="" + [ -n "$device_type" ] && cmd_args="$cmd_args --device $device_type" + cmd_args="$cmd_args --version $version --profile $profile" + + (/usr/sbin/secubox-cloner build $cmd_args 2>&1 > /tmp/cloner-build.log) & + json_add_boolean "success" 1 + json_add_string "message" "Build started: ${device_type:-auto} / $version / $profile" + json_add_string "device" "${device_type:-auto}" + json_add_string "version" "$version" + json_add_string "profile" "$profile" else json_add_boolean "success" 0 json_add_string "message" "secubox-cloner not installed" @@ -291,6 +298,68 @@ do_list_devices() { json_dump } +do_list_versions() { + json_init + json_add_array "versions" + + json_add_object "" + json_add_string "id" "24.10.5" + json_add_string "name" "OpenWrt 24.10.5" + json_add_boolean "latest" 1 + json_close_object + + json_add_object "" + json_add_string "id" "24.10.0" + json_add_string "name" "OpenWrt 24.10.0" + json_add_boolean "latest" 0 + json_close_object + + json_add_object "" + json_add_string "id" "23.05.5" + json_add_string "name" "OpenWrt 23.05.5 (LTS)" + json_add_boolean "latest" 0 + json_close_object + + json_add_object "" + json_add_string "id" "23.05.4" + json_add_string "name" "OpenWrt 23.05.4 (LTS)" + json_add_boolean "latest" 0 + json_close_object + + json_close_array + json_add_string "default" "24.10.5" + json_dump +} + +do_list_build_profiles() { + json_init + json_add_array "profiles" + + json_add_object "" + json_add_string "id" "slim" + json_add_string "name" "Slim" + json_add_string "description" "Minimal OpenWrt (LuCI + network essentials)" + json_add_boolean "default" 1 + json_close_object + + json_add_object "" + json_add_string "id" "core" + json_add_string "name" "Core" + json_add_string "description" "Slim + SecuBox mesh (master-link, p2p)" + json_add_boolean "default" 0 + json_close_object + + json_add_object "" + json_add_string "id" "full" + json_add_string "name" "Full" + json_add_string "description" "All SecuBox packages from current device" + json_add_boolean "default" 0 + json_close_object + + json_close_array + json_dump +} + do_tftp_start() { json_init @@ -1502,6 +1571,8 @@ case "$1" in echo '"list_tokens":{},' echo '"list_clones":{},' echo '"list_devices":{},' + echo '"list_versions":{},' + echo '"list_build_profiles":{},' echo '"build_progress":{},' echo '"build_log":{"lines":"Number","offset":"Number"},' echo '"serial_ports":{},' @@ -1516,7 +1587,7 @@ case "$1" in echo '"image_details":{"name":"String"},' echo '"image_rename":{"old_name":"String","new_name":"String"},' echo '"generate_token":{"auto_approve":"Boolean"},' - echo '"build_image":{"device_type":"String"},' + echo '"build_image":{"device_type":"String","version":"String","profile":"String"},' echo '"tftp_start":{},' echo '"tftp_stop":{},' echo '"delete_token":{"token":"String"},' @@ -1550,6 +1621,8 @@ case "$1" in list_tokens) do_list_tokens ;; list_clones) do_list_clones ;; list_devices) do_list_devices ;; + list_versions) do_list_versions ;; + list_build_profiles) do_list_build_profiles ;; build_progress) do_build_progress ;; build_log) do_build_log ;; serial_ports) do_serial_ports ;; diff --git a/package/secubox/luci-app-cloner/root/usr/share/rpcd/acl.d/luci-app-cloner.json b/package/secubox/luci-app-cloner/root/usr/share/rpcd/acl.d/luci-app-cloner.json index 67d3ebc1..8d87d3e1 100644 --- a/package/secubox/luci-app-cloner/root/usr/share/rpcd/acl.d/luci-app-cloner.json +++ b/package/secubox/luci-app-cloner/root/usr/share/rpcd/acl.d/luci-app-cloner.json @@ -5,6 +5,7 @@ "ubus": { "luci.cloner": [ "status", "list_images", "list_tokens", "list_clones", "list_devices", + "list_versions", "list_build_profiles", "build_progress", "build_log", "serial_ports", "serial_read", "history_list", "storage_info", "image_details", "list_remotes", "remote_status", "scan_network", diff --git a/package/secubox/secubox-core/root/usr/sbin/secubox-cloner b/package/secubox/secubox-core/root/usr/sbin/secubox-cloner index 7f23b743..652ddd5b 100755 --- a/package/secubox/secubox-core/root/usr/sbin/secubox-cloner +++ b/package/secubox/secubox-core/root/usr/sbin/secubox-cloner @@ -6,7 +6,11 @@ # Cloned devices auto-resize root and join mesh as peers. # # Usage: -# secubox-cloner build [--device TYPE] [--resize SIZE] Build clone image +# secubox-cloner build [OPTIONS] Build clone image via ASU API +# --device TYPE Device type (mochabin, x86-64, etc.) +# --version VER OpenWrt version (24.10.5, 24.10.0, snapshot) +# --profile PROFILE Package profile (slim, core, full) +# secubox-cloner versions List available OpenWrt versions # secubox-cloner serve [--start|--stop] Manage TFTP clone server # secubox-cloner devices List supported device types # secubox-cloner token [--auto-approve] Generate clone join token @@ -14,8 +18,17 @@ # secubox-cloner list List pending/joined clones # secubox-cloner export [FILE] Export clone image to file # +# Package Profiles: +# slim - Minimal OpenWrt (LuCI + network essentials only) +# core - Slim + SecuBox core (mesh, master-link, p2p) +# full - Current device's installed SecuBox packages +# -VERSION="1.0.0" +VERSION="1.1.0" + +# Available OpenWrt versions (latest first) +OPENWRT_VERSIONS="24.10.5 24.10.0 23.05.5 23.05.4" +DEFAULT_VERSION="24.10.5" # Directories CLONE_DIR="/srv/secubox/clone" @@ -99,6 +112,8 @@ get_device_id() { build_image() { local device_type="${1:-}" local resize_target="${2:-}" + local openwrt_version="${3:-$DEFAULT_VERSION}" + local pkg_profile="${4:-slim}" log "Building clone image..." @@ -138,7 +153,7 @@ build_image() { # Try to build via ASU API if curl is available if command -v curl >/dev/null 2>&1; then log "Building image via ASU API..." - build_via_asu "$device_type" "$image_path" || { + build_via_asu "$device_type" "$image_path" "$openwrt_version" "$pkg_profile" || { warn "ASU build failed, trying local export..." build_local_export "$image_path" } @@ -197,9 +212,34 @@ list_devices() { echo "" } +# List available OpenWrt versions +list_versions() { + echo "" + echo -e "${BOLD}Available OpenWrt Versions${NC}" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + local first=1 + for ver in $OPENWRT_VERSIONS; do + if [ "$first" = "1" ]; then + echo " $ver ← latest (default)" + first=0 + else + echo " $ver" + fi + done + echo "" + echo -e "${BOLD}Package Profiles${NC}" + echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + echo " slim Minimal OpenWrt (LuCI + network essentials)" + echo " core Slim + SecuBox mesh (master-link, p2p)" + echo " full Current device's SecuBox packages" + echo "" +} + build_via_asu() { local device_type="$1" local output="$2" + local openwrt_version="${3:-$DEFAULT_VERSION}" + local pkg_profile="${4:-slim}" # Map device type to ASU profile local target="" @@ -228,14 +268,47 @@ build_via_asu() { ;; esac - # Get installed packages (for cloning same config) - local packages=$(opkg list-installed 2>/dev/null | awk '{print $1}' | grep -v "^kernel" | tr '\n' ' ') + # Build package list based on profile + local clone_packages="" - # Minimal clone packages (core system + SecuBox essentials) - # Use -dnsmasq to remove default and replace with dnsmasq-full - local clone_packages="-dnsmasq dnsmasq-full luci luci-ssl curl wget-ssl ca-certificates" - clone_packages="$clone_packages wireguard-tools luci-proto-wireguard" - clone_packages="$clone_packages block-mount e2fsprogs" + case "$pkg_profile" in + slim) + # Minimal: just LuCI + network essentials + clone_packages="-dnsmasq dnsmasq-full luci luci-ssl" + clone_packages="$clone_packages curl wget-ssl ca-certificates" + clone_packages="$clone_packages wireguard-tools luci-proto-wireguard" + clone_packages="$clone_packages block-mount e2fsprogs" + log "Profile: slim (minimal OpenWrt)" + ;; + core) + # Slim + SecuBox core packages + clone_packages="-dnsmasq dnsmasq-full luci luci-ssl" + clone_packages="$clone_packages curl wget-ssl ca-certificates" + clone_packages="$clone_packages wireguard-tools luci-proto-wireguard" + clone_packages="$clone_packages block-mount e2fsprogs" + clone_packages="$clone_packages luci-app-secubox luci-theme-secubox" + clone_packages="$clone_packages secubox-core secubox-master-link secubox-p2p" + log "Profile: core (SecuBox mesh essentials)" + ;; + full) + # Clone all installed SecuBox packages + clone_packages="-dnsmasq dnsmasq-full luci luci-ssl" + clone_packages="$clone_packages curl wget-ssl ca-certificates" + clone_packages="$clone_packages wireguard-tools luci-proto-wireguard" + clone_packages="$clone_packages block-mount e2fsprogs" + # Add all installed SecuBox and LuCI packages + local secubox_pkgs=$(opkg list-installed 2>/dev/null | awk '{print $1}' | grep -E "^secubox-|^luci-app-secubox|^luci-theme-secubox" | tr '\n' ' ') + clone_packages="$clone_packages $secubox_pkgs" + log "Profile: full (all SecuBox from current device)" + ;; + *) + warn "Unknown profile: $pkg_profile, using slim" + clone_packages="-dnsmasq dnsmasq-full luci luci-ssl curl wget-ssl ca-certificates wireguard-tools" + ;; + esac + + log "OpenWrt version: $openwrt_version" + log "Target: $target / $profile" # Convert packages string to JSON array local packages_json=$(echo "$clone_packages" | tr ' ' '\n' | grep -v '^$' | sed 's/.*/"&"/' | tr '\n' ',' | sed 's/,$//') @@ -246,10 +319,10 @@ build_via_asu() { { "profile": "$profile", "target": "$target", - "version": "24.10.0", + "version": "$openwrt_version", "packages": [$packages_json], "rootfs_size_mb": 512, - "client": "secubox-cloner/1.0" + "client": "secubox-cloner/$VERSION" } EOF @@ -859,13 +932,26 @@ SecuBox Cloner - On-device clone image builder and server Usage: secubox-cloner [options] Commands: - build [--resize SIZE] Build clone image for current device type + build [OPTIONS] Build clone image via ASU API + versions List available OpenWrt versions and profiles + devices List supported device types serve [--start|--stop] Manage TFTP clone server token [--auto-approve] Generate clone join token (24h TTL) status Show cloner status (images, tokens, clones) list List pending and joined clones export [FILE] Export clone image to file +Build Options: + --device TYPE Device type (mochabin, x86-64, etc.) + --version VER OpenWrt version (default: 24.10.5) + --profile PROFILE Package profile: slim, core, full (default: slim) + --resize SIZE Pre-resize image (e.g., 16G for eMMC) + +Package Profiles: + slim Minimal OpenWrt (LuCI + network essentials only) + core Slim + SecuBox mesh (master-link, p2p, core) + full All SecuBox packages from current device + Serial Flash Commands: flash detect Detect available serial ports flash break [PORT] Send break to enter U-Boot @@ -874,34 +960,32 @@ Serial Flash Commands: flash run [PORT] [IMAGE] Send U-Boot flash commands flash uboot Print manual U-Boot commands -Options: - --resize SIZE Pre-resize image (e.g., 16G for eMMC) - --auto-approve Token auto-approves clone join (no manual step) - Examples: - # Build and serve clone image - secubox-cloner build + # Build slim image with latest OpenWrt + secubox-cloner build --profile slim + + # Build core image with specific version + secubox-cloner build --version 24.10.0 --profile core + + # Build full clone (all SecuBox packages) + secubox-cloner build --device x86-64 --profile full + + # List available versions + secubox-cloner versions + + # Start TFTP server secubox-cloner serve --start - # Flash a clone device via serial + # Flash via serial secubox-cloner flash break # Enter U-Boot on target secubox-cloner flash run # Send TFTP flash commands - secubox-cloner flash console # Monitor progress - - # Generate auto-approve token - secubox-cloner token --auto-approve - - # Check status - secubox-cloner status - - # Export for USB transfer - secubox-cloner export /mnt/usb/clone.img.gz Clone Workflow: - 1. Master: secubox-cloner build && secubox-cloner serve --start - 2. Target: Boot via TFTP (U-Boot commands shown after serve) - 3. Target auto-resizes root and joins mesh - 4. Master: secubox-cloner list (shows new clone) + 1. Master: secubox-cloner build --profile core + 2. Master: secubox-cloner serve --start + 3. Target: Boot via TFTP (U-Boot commands shown after serve) + 4. Target auto-resizes root and joins mesh + 5. Master: secubox-cloner list (shows new clone) EOF } @@ -914,21 +998,30 @@ case "${1:-}" in shift device_type="" resize="" + version="$DEFAULT_VERSION" + profile="slim" while [ $# -gt 0 ]; do case "$1" in --device|-d) device_type="$2"; shift 2 ;; --resize) resize="$2"; shift 2 ;; + --version|-v) version="$2"; shift 2 ;; + --profile|-p) profile="$2"; shift 2 ;; mochabin|espressobin-v7|espressobin-ultra|x86-64) device_type="$1"; shift ;; + slim|core|full) profile="$1"; shift ;; *) shift ;; esac done - build_image "$device_type" "$resize" + build_image "$device_type" "$resize" "$version" "$profile" ;; devices) list_devices ;; + versions) + list_versions + ;; + serve) case "${2:-start}" in --start|start) serve_start ;;