- Add --version and --profile CLI options to secubox-cloner build command
- Add versions command to list available OpenWrt releases (24.10.5, 24.10.0, 23.05.5, 23.05.4)
- Add package profiles: slim (minimal), core (mesh essentials), full (clone current device)
- Add list_versions and list_build_profiles RPCD methods for LuCI
- Update build_image RPCD to accept version and profile parameters
- Update ACL permissions for new read methods
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replaces unreliable nohup-based remote flash with staged approach:
1. remote_prepare_flash: Upload image + store options
2. remote_confirm_flash: Execute sysupgrade directly
3. remote_flash_status: Check flash state
4. remote_cancel_flash: Abort pending flash
Key fixes:
- Use /tmp for firmware (large tmpfs vs small rootfs)
- Direct sysupgrade execution (no nohup, works on OpenWrt)
- Proper dbclient SSH without unavailable commands
- Background job with & instead of nohup
Tested: x86_64 VM successfully flashed from 24.10.5 to 24.10.0
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add Factory tab to Cloning Station with:
- Discovery Mode toggle (enable/disable zero-touch provisioning)
- Pending Devices list with approve/reject and profile assignment
- Bulk Token Generator (1-50 tokens with profile selection)
- Hardware Inventory table (MAC, Model, CPU, RAM, Storage)
Implementation:
- 8 RPC declarations for factory methods
- 5 state properties for factory data
- 5 render functions, 6 event handlers
- Factory data polling in 5-second refresh cycle when on tab
- KISS theme UI components throughout
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add inventory.sh for hardware inventory collection (MAC, serial, model, CPU, RAM, storage)
- Add profiles.sh for profile management and device matching
- Add default.json profile template for auto-provisioned peers
- Add discovery mode to master-link.sh with pending queue and approval workflow
- Add bulk token generation (up to 100 tokens per batch)
- Enhance 50-secubox-clone-provision with inventory collection and discovery join
- Add 9 new RPCD methods to luci.cloner for factory provisioning
- Fix p2p-mesh.sh to be silent when sourced as library
- Add UCI options: discovery_mode, auto_approve_known, discovery_window, default_profile
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add fdisk, resize2fs, partx-utils to ASU package list
- Enables partition expansion on first boot for fresh installs
- Addresses kernel limitation with online ext4 resize
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix build button being unclickable by properly handling disabled attribute
(only set when isBuilding is true, not undefined/false)
- Fix SSH host key mismatch errors in do_scp by cleaning stale known_hosts
entries from all possible locations (/root/.ssh, /.ssh, /overlay/upper/.ssh)
before transfers - prevents failures after device reflash
- Add cursor:pointer style to build button for better UX
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add remote device management: scan_network, list_remotes, add_remote,
remove_remote, remote_status, remote_upload, remote_flash RPCD methods
- Add secubox-asu-clone script for on-the-fly firmware generation via
OpenWrt ASU (Attended Sysupgrade) API
- Include full LuCI packages in ASU builds (luci-base, luci-mod-admin-full,
luci-mod-network, luci-mod-status, luci-mod-system, etc.)
- Add partition expansion script (10-expand-rootfs) to use full SD card/eMMC
with proper UUID and boot config handling for both MBR and GPT
- Add robust provisioning script (99-secubox-provision) with network retry,
firewall handling, and SecuBox package installation from local feed
- Use dropbear's dbclient for SSH operations (OpenWrt native)
- Support mochabin, espressobin-v7, espressobin-ultra, x86-64 devices
- Default to OpenWrt version 24.10.5
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Same expect unwrapping bug was present in refresh() function,
causing stats to show counts but content to show "No items"
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add build_progress RPCD method to track image build status
- Fix handleBuild() to handle RPC expect array unwrapping
- The expect: { devices: [] } unwraps the array, so data IS the array
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The build_progress RPCD method was missing from ACL, causing
"Access denied" (-32002) errors when polling build status.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
KISS Theme:
- Add expandable sub-tabs under active sidebar items
- Apps with multiple views show nested tabs when active
- Support for CrowdSec, HAProxy, WireGuard, Ollama, Tor Shield,
CDN Cache, InterceptoR, mitmproxy, Client Guardian
Cloner:
- Full KISS theme rewrite with stats grid, quick actions
- TFTP boot commands with copy button
- Progress tracking for image builds
Streamlit:
- Fix reupload not applying changes - auto-restart service after upload
- Show "Restarting..." spinner during service reload
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Support building images for: mochabin, espressobin-v7, espressobin-ultra, x86-64
- New CLI: secubox-cloner build --device espressobin-v7
- New CLI: secubox-cloner devices (list supported devices)
- RPCD: list_devices method, build_image accepts device_type param
- LuCI: Device selection dropdown in build modal
- LuCI: Device column in images table with badges
- Each device type has its own TFTP image file
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Dashboard with status cards: device, TFTP, tokens, clones
- Quick actions: Build Image, Start/Stop TFTP, Token generation
- Clone images table with size and TFTP-ready status
- Token management with auto-approve option
- U-Boot flash commands display when TFTP is running
- RPCD handler with 10 methods for full cloner management
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
