fix(streamlitctl): Add mitmproxy route sync step to emancipation

After emancipating a service, automatically sync routes to mitmproxy WAF to ensure traffic can be properly routed through the mitmproxy containers without manual intervention. The new _emancipate_mitmproxy() function calls mitmproxyctl sync-routes after HAProxy configuration to keep mitmproxy routing table in sync. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-15 05:29:48 +01:00 · 2026-02-15 05:29:48 +01:00 · daa755986e
commit daa755986e
parent 1513041d90
1 changed files with 20 additions and 1 deletions
--- a/package/secubox/secubox-app-streamlit/files/usr/sbin/streamlitctl
+++ b/package/secubox/secubox-app-streamlit/files/usr/sbin/streamlitctl
@ -1343,6 +1343,22 @@ _emancipate_ssl() {
 	fi
 }

+_emancipate_mitmproxy() {
+	log_info "[MITMPROXY] Syncing routes to mitmproxy WAF"
+
+	# Sync HAProxy backends to mitmproxy routes
+	if command -v mitmproxyctl >/dev/null 2>&1; then
+		if mitmproxyctl sync-routes >/dev/null 2>&1; then
+			log_info "[MITMPROXY] Routes synced successfully"
+		else
+			log_warn "[MITMPROXY] Route sync failed - manual sync may be required"
+			log_warn "[MITMPROXY] Run: mitmproxyctl sync-routes"
+		fi
+	else
+		log_warn "[MITMPROXY] mitmproxyctl not found - routes not synced"
+	fi
+}
+
 _emancipate_reload() {
 	log_info "[RELOAD] Applying HAProxy configuration"
 	# Generate fresh config
@ -1561,7 +1577,10 @@ cmd_emancipate() {
 	# Step 6: Mesh P2P distribution to peers
 	_emancipate_mesh "$name" "$domain" "$port"

-	# Step 7: Reload HAProxy
+	# Step 7: Sync mitmproxy routes (WAF routing)
+	_emancipate_mitmproxy
+
+	# Step 8: Reload HAProxy
 	_emancipate_reload

 	# Mark app as emancipated