From da3b8171a5cf7c1ec6c017ef91ed1d5e47041e5e Mon Sep 17 00:00:00 2001 From: CyberMind-FR Date: Mon, 9 Mar 2026 13:30:01 +0100 Subject: [PATCH] docs: Update tracking files for HAProxy health check - WIP.md: Add health check panel and admin routing entries - HISTORY.md: Add entries #79-80 for health check and WAF routing Co-Authored-By: Claude Opus 4.5 --- .claude/HISTORY.md | 20 +++++++++++++++++++- .claude/WIP.md | 16 +++++++++++++++- 2 files changed, 34 insertions(+), 2 deletions(-) diff --git a/.claude/HISTORY.md b/.claude/HISTORY.md index 9267cb68..6ade3dea 100644 --- a/.claude/HISTORY.md +++ b/.claude/HISTORY.md @@ -1,6 +1,6 @@ # SecuBox UI & Theme History -_Last updated: 2026-03-07 (Avatar-Tap, PhotoPrism, Service Fixes)_ +_Last updated: 2026-03-09 (HAProxy Routes Health Check, WAF Routing)_ 1. **Unified Dashboard Refresh (2025-12-20)** - Dashboard received the "sh-page-header" layout, hero stats, and SecuNav top tabs. @@ -4513,3 +4513,21 @@ git checkout HEAD -- index.html - Remote Control dashboard (RPC proxy interface) - Remote Support panel (token sharing) - Web Terminal (ttyd shell access) + +79. **HAProxy Routes Health Check (2026-03-09)** + - Backend: `/usr/sbin/service-health-check` script probes all routes in haproxy-routes.json + - Modes: `down` (only failures), `all` (color-coded status), `json` (structured output) + - RPCD method: `get_service_health` with 5-minute cache and force-refresh option + - LuCI panel integration in Services view: + - Stats display: Up/Down/Total counts, health percentage + - Down services list with IP:port tooltips (shows first 10) + - Refresh button for manual health check trigger + - CSS styling with KISS theme integration + - ACL permission: `get_service_health` added to read access + +80. **admin.gk2.secubox.in WAF Routing (2026-03-09)** + - Fixed admin panel routing through mitmproxy WAF + - Route: admin.gk2.secubox.in → 192.168.255.1:8081 (LuCI internal port) + - Modified haproxy_router.py to allow port 8081 routes (was blocked) + - Domain now accessible via HTTPS through WAF with proper access control + - Web Terminal (ttyd shell access) diff --git a/.claude/WIP.md b/.claude/WIP.md index 382c751f..15719908 100644 --- a/.claude/WIP.md +++ b/.claude/WIP.md @@ -1,6 +1,6 @@ # Work In Progress (Claude) -_Last updated: 2026-03-09 (Dev Status Widget v2.1)_ +_Last updated: 2026-03-09 (HAProxy Routes Health Check)_ > **Architecture Reference**: SecuBox Fanzine v3 — Les 4 Couches @@ -10,6 +10,20 @@ _Last updated: 2026-03-09 (Dev Status Widget v2.1)_ ### 2026-03-09 +- **HAProxy Routes Health Check Panel** + - Backend: `/usr/sbin/service-health-check` script checks all routes in haproxy-routes.json + - RPCD method: `get_service_health` with 5-min cache and force-refresh option + - LuCI panel: Up/Down/Total stats, health %, down services list + - Refresh button for manual health check trigger + - CSS styling with KISS theme integration + - ACL permission added for read access + - Deployed and tested: 174 routes, 21 down (intentionally stopped LXC containers) + +- **admin.gk2.secubox.in WAF Routing Fix** + - Added route through mitmproxy WAF (port 8081 for LuCI) + - Fixed haproxy_router.py blocking 8081 routes + - Domain now accessible through WAF with proper access control + - **Dev Status Widget v2.1 (Dynamic Dashboard)** - Complete redesign with 4-layer architecture visualization - 22+ features with dependency tracking (dependsOn/usedBy)