Use >/dev/null 2>&1 instead of just 2>/dev/null when sourcing
master-link.sh and calling chain_add_block, mesh_init, peer_add,
factory_trust_peer, and gossip_sync to prevent p2p-mesh.sh usage
text and block hashes from corrupting CGI JSON responses.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Read LXC path from /etc/lxc/lxc.conf instead of hardcoding /var/lib/lxc
(OpenWrt uses /srv/lxc by default)
- Skip Alpine rootfs download if file already exists in /tmp
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- secubox-app-mitmproxy: Sensitivity-based auto-ban system
- luci-app-mitmproxy: Updated frontend
- luci-app-crowdsec-dashboard: Ban button on alerts page
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace pipe-to-while loops with grep/cut to avoid subshell variable
scope issues in method_status, method_get_providers, and method_set_provider.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Updated packages:
- luci-app-ollama: KISS UI rewrite
- luci-app-secubox-netdiag: Temperature monitoring and port mode controls
- secubox-core, secubox-p2p: Latest versions
- All other packages rebuilt with current SDK
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Change nav paths from services/crowdsec to security/crowdsec in alerts,
bouncers, decisions, and settings views to match the new menu location.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The RPCD returns data directly without wrapping in a 'result' object,
but api.js was using expect: { result: {} } which caused empty data
in the UI (0 sites shown instead of 6).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace overview.js with dashboard.js using standard cbi-* classes
- Add api.js module for RPC declarations
- Show port, runtime, backend_running status in sites table
- Add sync_config, discover_vhosts, import_vhost RPC methods
- Update ACL with new method permissions
- Menu: Sites -> Dashboard
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
When an app has no description, return empty string instead of null
to prevent "null" text from being rendered in the instances table.
Also: secubox-p2p bumped to v0.6.0-r3 with catalog fix.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use POST method for creating new files and PUT for updates.
Gitea requires this distinction - PUT with no SHA fails for new files.
Changes:
- Use POST for creating new files in catalog_push_gitea()
- Use PUT only when existing SHA is available (updates)
- Add explicit branch parameter for consistency
- Bump version to 0.6.0-r2
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add HAProxy → mitmproxy → Backend inspection chain for filtering
all vhost traffic through mitmproxy with threat detection
- Add haproxy_router.py addon for Host-based request routing
- Add mitmproxyctl commands: sync-routes, haproxy-enable, haproxy-disable
- Add auth token to status response for Web UI auto-authentication
- Add HAProxy Backend Inspection section to LuCI status page with
enable/disable/sync controls
- Add HAProxy Router settings section to LuCI settings page
- LXC container now supports dual-port mode (8888 + 8889 for HAProxy)
- Token displayed with copy button in dashboard
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Swiss Army knife for SecuBox with interactive menu and direct commands:
- status: System overview with services, docker, mesh
- mesh: P2P mesh operations (peers, discover, sync)
- security: CrowdSec status, threats, block/unblock
- docker: Container management
- haproxy: Vhosts and reload
- network: Diagnostics, ports, connections
- recover: Snapshot/restore operations
- feed: Package management
Also updates feed with Jitsi packages and core v0.10.0-r11.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
