bd96ab1d31
develstats
2025-12-29 02:02:44 +01:00
15b7f45ab2
refactor(makefiles): Standardize PKG_FILE_MODES comments across all modules
...
- Add comprehensive file permissions documentation to all 15 Makefiles
- Standardized comment block explains:
- RPCD scripts: 755 (CRITICAL - required for ubus calls)
- Helper scripts: 755 (if executable)
- Config files: 644 (readable by all)
- CSS/JS files: 644 (set automatically by luci.mk)
- Ensures consistency and clarity for developers
- Critical for proper module functionality (RPCD must be executable)
- Follows OpenWrt package best practices
Affected modules:
- luci-app-auth-guardian
- luci-app-bandwidth-manager
- luci-app-cdn-cache
- luci-app-client-guardian
- luci-app-crowdsec-dashboard
- luci-app-ksm-manager
- luci-app-media-flow
- luci-app-netdata-dashboard
- luci-app-netifyd-dashboard
- luci-app-network-modes
- luci-app-secubox (includes fix-permissions.sh helper)
- luci-app-system-hub
- luci-app-traffic-shaper
- luci-app-vhost-manager
- luci-app-wireguard-dashboard
2025-12-28 14:34:31 +01:00
403283419c
docs: Reorganize documentation structure and add architecture diagrams
...
Major documentation improvements and restructuring for better maintainability
and navigation.
## Structural Changes
### New Documentation Organization
- Move all documentation to DOCS/ directory for better organization
- Create DOCS/archive/ for historical documents
- Move deployment scripts to secubox-tools/ directory
### Archived Documents
- COMPLETION_REPORT.md → archive/ (project milestone)
- MODULE-ENABLE-DISABLE-DESIGN.md → archive/ (feature implemented)
- BUILD_ISSUES.md → archive/ (issues resolved)
- Add archive/README.md with archiving policy and document index
## Documentation Enhancements
### Version Standardization
- Add version headers to CLAUDE.md (v1.0.0)
- Add version headers to BUILD_ISSUES.md (v1.0.0)
- Standardize date format to YYYY-MM-DD across all docs
### Cross-References & Navigation
- Add "See Also" sections to PERMISSIONS-GUIDE.md
- Add "See Also" sections to VALIDATION-GUIDE.md
- Link quick references to detailed guides
- Improve documentation discoverability
### Architecture Diagrams (Mermaid)
Add 3 professional diagrams to DEVELOPMENT-GUIDELINES.md:
1. **System Architecture Diagram** (§2)
- Complete data flow: Browser → LuCI → RPCD → ubus → System
- Color-coded components by layer
- Shows JavaScript, RPC, RPCD daemon, UCI, system services
2. **Deployment Workflow Diagram** (§9)
- Step-by-step deployment process with validation checkpoints
- Error recovery paths for common issues (403, 404, -32000)
- Local validation, file transfer, permission fixes, service restarts
3. **Component Hierarchy Diagram** (§1)
- Standard page structure and CSS class relationships
- Page → Header → Stats → Content → Cards → Buttons
- Shows design system component organization
## New Files
### TODO-ANALYSE.md
- Comprehensive documentation improvement roadmap
- Tasks categorized: Immediate, Short-term, Long-term, Optional
- Progress tracking with acceptance criteria
- Covers testing, security, performance guides
- Documentation automation plans
## Benefits
✅ Cleaner project structure (docs in DOCS/, tools in secubox-tools/)
✅ Better documentation navigation with cross-references
✅ Visual understanding through architecture diagrams
✅ Historical documents archived but accessible
✅ Standardized versioning across all documentation
✅ Clear roadmap for future documentation improvements
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-28 09:52:15 +01:00
81a0448fde
makefile
2025-12-28 08:05:06 +01:00
a53e5f7068
feat: Add comprehensive permission management system (v0.3.1)
...
Implement three-tier permission management across all SecuBox modules:
**1. Package-Level Permissions (PKG_FILE_MODES)**
- Add PKG_FILE_MODES to all 15 module Makefiles
- RPCD scripts: 755 (executable)
- CSS/JS/JSON files: 644 (default, no config needed)
- Ensures correct permissions at installation time
**2. Runtime Permission Fix**
- New script: /usr/libexec/secubox/fix-permissions.sh
- RPCD method: luci.secubox fix_permissions
- UI control: "🔧 Fix Perms" button in Quick Actions
- Fixes all permissions and restarts services
**3. Automation & Documentation**
- secubox-tools/add-pkg-file-modes.sh: Auto-configure PKG_FILE_MODES
- PERMISSIONS-GUIDE.md: Comprehensive permissions guide
- MODULE-ENABLE-DISABLE-DESIGN.md: Enable/disable system design doc
- Updated Makefile template with PKG_FILE_MODES pattern
**Modules Updated:**
- luci-app-auth-guardian
- luci-app-bandwidth-manager
- luci-app-cdn-cache
- luci-app-client-guardian
- luci-app-crowdsec-dashboard
- luci-app-ksm-manager
- luci-app-media-flow
- luci-app-netdata-dashboard
- luci-app-netifyd-dashboard
- luci-app-network-modes
- luci-app-secubox (+ fix-permissions.sh script)
- luci-app-system-hub
- luci-app-traffic-shaper
- luci-app-vhost-manager
- luci-app-wireguard-dashboard
**Benefits:**
- No more manual permission fixes after installation
- Users can fix permissions from UI without SSH access
- Proper OpenWrt package management compliance
- Automated detection and configuration
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-28 02:19:30 +01:00
40a8437a2a
feat: apply Design System v0.3.0 to all 15 SecuBox modules
...
Extended the demo-inspired design system from system-hub to all SecuBox modules
for complete visual consistency across the entire platform.
🎨 Design System v0.3.0 Applied
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📦 Modules Updated (15 total):
- ✅ luci-app-auth-guardian
- ✅ luci-app-bandwidth-manager
- ✅ luci-app-cdn-cache
- ✅ luci-app-client-guardian
- ✅ luci-app-crowdsec-dashboard
- ✅ luci-app-ksm-manager
- ✅ luci-app-media-flow
- ✅ luci-app-netdata-dashboard
- ✅ luci-app-netifyd-dashboard
- ✅ luci-app-network-modes
- ✅ luci-app-secubox
- ✅ luci-app-system-hub
- ✅ luci-app-traffic-shaper
- ✅ luci-app-vhost-manager
- ✅ luci-app-wireguard-dashboard
🎨 Design System Features
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Dark Mode Palette (Demo-inspired):
- Background: #0a0a0f → #12121a → #1a1a24
- Text: #fafafa / #a0a0b0
- Borders: #2a2a35
- Primary gradient: #6366f1 → #8b5cf6 (Indigo-Violet)
Typography:
- Body: Inter (Google Fonts)
- Monospace: JetBrains Mono (for metrics, IDs, code)
Components:
- Compact stats badges (130px min)
- Gradient text titles with background-clip
- Cards with gradient border hover effects
- Sticky navigation tabs with backdrop-filter
- Filter tabs with gradient active state
- Buttons with cubic-bezier transitions
- Status badges (success/danger/warning/info)
Responsive Grid Layouts:
- Stats: repeat(auto-fit, minmax(130px, 1fr))
- Metrics: repeat(auto-fit, minmax(240px, 1fr))
- Cards: repeat(auto-fit, minmax(300px, 1fr))
📄 Files Added (14 new):
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Created common.css for each module:
- templates/common-css-template.css (master template)
- */resources/*/common.css (14 modules)
📝 Files Modified (42):
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Makefiles (13 modules):
- Updated PKG_VERSION from 0.0.9 → 0.2.2
- auth-guardian, bandwidth-manager, cdn-cache, client-guardian
- crowdsec-dashboard, ksm-manager, media-flow, netdata-dashboard
- netifyd-dashboard, network-modes, traffic-shaper, vhost-manager
- wireguard-dashboard
API.js files (14 modules):
- Added "// Version: 0.2.2" comment
- Consistent version tracking across all modules
Dashboard CSS (13 modules):
- Added "Version: 0.3.0" in file headers
- Updated to use Design System variables
SecuBox CSS (6 files):
- alerts.css, dashboard.css, modules.css
- monitoring.css, secubox.css
- All updated to version 0.3.0
🔧 CSS Variables System
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
All modules now use consistent --sh-* CSS variables:
- --sh-text-primary / --sh-text-secondary
- --sh-bg-primary / --sh-bg-secondary / --sh-bg-tertiary / --sh-bg-card
- --sh-border / --sh-hover-bg / --sh-hover-shadow
- --sh-primary / --sh-primary-end (for gradients)
- --sh-success / --sh-danger / --sh-warning / --sh-info
- --sh-shadow
Benefits:
✓ Instant theme switching (light/dark mode)
✓ Easy color customization via CSS variables
✓ Consistent branding across all modules
✓ Reduced CSS duplication
✓ Better maintainability
📊 Statistics
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Files changed: 56 total
- New files: 14 (common.css + template)
- Modified files: 42
- 13 Makefiles (version updates)
- 14 API.js (version tracking)
- 13 dashboard.css (version headers)
- 6 secubox CSS files
- 1 settings.local.json
Total lines added: ~8,000+ (common.css templates)
Common CSS size: ~420 lines per module
Design system coverage: 100% (all 15 modules)
✅ Validation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Validation script passed successfully:
- ✓ Check 1: RPCD naming (15 modules)
- ✓ Check 2: Menu paths (100+ views)
- ✓ Check 3: View files (2 warnings - debug files)
- ✓ Check 4: Permissions (15 RPCD scripts)
- ✓ Check 5: JSON syntax (30 files)
- ✓ Check 6: ubus naming (17 objects)
🎯 Migration Notes
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Developers:
1. Import common.css in your HTML/views
2. Use --sh-* CSS variables instead of hardcoded colors
3. Leverage pre-built components (.sh-card, .sh-btn-primary, etc.)
4. Follow responsive grid patterns
5. Test in both light and dark modes
Users:
- All modules now have consistent modern design
- Unified color scheme across entire SecuBox platform
- Better accessibility with improved contrast ratios
- Smooth animations and transitions
- Responsive design for mobile/tablet/desktop
📚 Documentation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Reference:
- Design demo: https://cybermind.fr/apps/system-hub/demo.html
- Template: templates/common-css-template.css
- Guidelines: DEVELOPMENT-GUIDELINES.md
- Quick start: QUICK-START.md
Next Steps:
- Deploy modules to test environment
- Verify visual consistency
- Collect user feedback
- Fine-tune responsive breakpoints if needed
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-26 20:15:33 +01:00
4bdda363a0
fix: Standardize all plugins to v0.0.9 with unified patterns
...
- Update all 13 plugins maintainer to CyberMind <contact@cybermind.fr>
- Set version to 0.0.9 for internal release
- Fix API modules to use baseclass.extend() pattern (6 plugins)
- Ensure all RPCD scripts use luci.* prefix
- Validate menu/view/ACL coherence across all modules
Affected plugins:
- luci-app-auth-guardian
- luci-app-bandwidth-manager
- luci-app-cdn-cache
- luci-app-client-guardian
- luci-app-crowdsec-dashboard
- luci-app-ksm-manager
- luci-app-media-flow
- luci-app-netdata-dashboard
- luci-app-netifyd-dashboard
- luci-app-network-modes
- luci-app-traffic-shaper
- luci-app-vhost-manager
- luci-app-wireguard-dashboard
Validation: All modules pass validate-modules.sh checks
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-26 16:33:03 +01:00
0b824fc5b1
fix: standardize Makefile includes for GitHub Actions compatibility
...
Standardizes all Makefile include paths to use $(TOPDIR)/feeds/luci/luci.mk
instead of relative paths (../../luci.mk). This fixes firmware build failures
on GitHub Actions while maintaining local build compatibility.
Problem:
- Local builds worked with relative paths (../../luci.mk)
- GitHub Actions builds failed because packages are copied to
openwrt/package/secubox/ where relative paths don't work
- Inconsistent includes across packages caused build failures
Solution:
- Use absolute path: $(TOPDIR)/feeds/luci/luci.mk
- Works in both environments (local feed development AND GitHub Actions)
- Simplifies auth-guardian Makefile to use LuCI.mk template
Changes:
- auth-guardian: Converted to LuCI.mk template format
- bandwidth-manager, ksm-manager, media-flow: Updated includes
- system-hub, traffic-shaper, vhost-manager: Updated includes
All 15 packages now use consistent Makefile format.
Fixes: Firmware generation on GitHub Actions
Related: v0.1.2-alpha
2025-12-25 19:57:01 +01:00
e67df835e2
fix: remove UCI dependencies from menu definitions
...
Removes mandatory UCI config dependencies from dashboard modules to allow
LuCI menus to display even when backend services are not installed.
This fixes 'Permission denied' errors when accessing dashboards for services
that haven't been installed yet (crowdsec, netdata, netifyd, etc.).
Changes:
- Remove uci dependency: crowdsec-dashboard, netdata-dashboard
- Remove uci dependency: netifyd-dashboard, wireguard-dashboard
- Remove uci dependency: client-guardian, media-flow
- Remove uci dependency: network-modes, traffic-shaper
Dashboards will now gracefully handle missing backend services and can
guide users to install required packages.
Related: SecuBox menu organization (v0.1.2-alpha)
2025-12-25 16:23:30 +01:00
cf39eb6e1d
fix: resolve validation issues across all modules
...
- Fixed minified RPC declaration in secubox/modules.js that caused false positive in validation
- Added 30 missing menu entries across 10 modules:
* bandwidth-manager: clients, schedules
* client-guardian: zones, portal, logs, alerts, parental
* crowdsec-dashboard: metrics
* netdata-dashboard: system, processes, realtime, network
* netifyd-dashboard: talkers, risks, devices
* network-modes: router, accesspoint, relay, sniffer
* secubox: settings
* system-hub: components, diagnostics, health, remote, settings
* vhost-manager: internal, ssl, redirects
* wireguard-dashboard: traffic, config
- All modules now pass comprehensive validation (0 errors, 0 warnings)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-25 09:01:06 +01:00
6200167434
feat: implement Media Flow streaming detection and monitoring module
...
Complete implementation of Media Flow module for real-time detection and
monitoring of streaming services with quality estimation and alerts.
Features:
---------
1. Streaming Service Detection
- Video: Netflix, YouTube, Disney+, Prime Video, Twitch, HBO, Hulu, Vimeo
- Audio: Spotify, Apple Music, Deezer, SoundCloud, Tidal, Pandora
- Visio: Zoom, Teams, Google Meet, Discord, Skype, WebEx
2. Quality Estimation
- SD (< 1 Mbps), HD (1-3 Mbps), FHD (3-8 Mbps), 4K (> 8 Mbps)
- Based on real-time bandwidth analysis
3. Real-time Monitoring
- Active streams dashboard with 5-second auto-refresh
- Bandwidth consumption per stream
- Client IP tracking
- Service categorization (video/audio/visio)
4. Historical Data
- Session history with timestamps
- Usage statistics per service
- Usage statistics per client
- Configurable retention (last 1000 entries)
5. Configurable Alerts
- Service-specific usage thresholds
- Actions: notify, limit, block
- UCI-based alert configuration
RPCD Backend:
-------------
Script: root/usr/libexec/rpcd/luci.media-flow
Methods implemented:
- status: Module status and netifyd integration check
- get_active_streams: Currently active streaming sessions
- get_stream_history: Historical sessions (configurable timeframe)
- get_stats_by_service: Aggregated stats per service
- get_stats_by_client: Aggregated stats per client IP
- get_service_details: Detailed info for specific service
- set_alert: Configure usage alerts
- list_alerts: List all configured alerts
Integration with netifyd DPI for application detection.
Views:
------
1. dashboard.js - Main overview with active streams and service stats
2. services.js - Detailed per-service statistics and details modal
3. clients.js - Per-client streaming activity
4. history.js - Chronological session list with filters
5. alerts.js - Alert configuration interface
All views follow naming conventions:
- Menu paths match view file locations (media-flow/*)
- RPC object: 'luci.media-flow' matches RPCD script name
- All views use 'use strict'
- All RPC methods exist in RPCD implementation
Files Structure:
----------------
✓ Makefile: Complete with all required fields
✓ RPCD: luci.media-flow (matches ubus object)
✓ ACL: All 8 RPCD methods covered (read/write separated)
✓ Menu: 5 views with correct paths
✓ Views: All menu paths have corresponding .js files
✓ UCI Config: media_flow with global settings and alerts
✓ README: Complete documentation with API reference
Validation:
-----------
✓ RPCD script name matches ubus object (luci.media-flow)
✓ Menu paths match view file locations
✓ ACL permissions cover all RPCD methods
✓ RPCD script is executable
✓ JSON files have valid syntax
✓ All views use strict mode
✓ RPC method calls match RPCD implementations
Dependencies:
-------------
- netifyd: Deep Packet Inspection for application detection
- luci-app-netifyd-dashboard: Integration with Netifyd dashboard
- jq: JSON processing for historical data aggregation
Usage:
------
# View status
ubus call luci.media-flow status
# Get active streaming sessions
ubus call luci.media-flow get_active_streams
# Get 24h history
ubus call luci.media-flow get_stream_history '{"hours": 24}'
# Set alert for Netflix
ubus call luci.media-flow set_alert '{"service": "Netflix", "threshold_hours": 4, "action": "notify"}'
Data Storage:
-------------
- History: /tmp/media-flow-history.json (last 1000 entries)
- Stats: /tmp/media-flow-stats/ (aggregated data)
- Alerts: /etc/config/media_flow (UCI persistence)
All data stored locally, no external telemetry.
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-24 10:20:28 +01:00
f08c14f1d7
fix: hope modules refresh
2025-12-23 18:53:18 +01:00
6971fda569
fix: improve artifact publishing and build diagnostics
2025-12-23 18:40:35 +01:00
2e1fd21d18
css ready
2025-12-23 09:16:28 +01:00
9bad706ec6
Initial commit: SecuBox v1.0.0 - fixed packages makefiles
2025-12-22 16:13:16 +01:00
ef240b650b
Initial commit: SecuBox v1.0.0-try2
2025-12-22 10:43:52 +01:00
