15b7f45ab2
refactor(makefiles): Standardize PKG_FILE_MODES comments across all modules
...
- Add comprehensive file permissions documentation to all 15 Makefiles
- Standardized comment block explains:
- RPCD scripts: 755 (CRITICAL - required for ubus calls)
- Helper scripts: 755 (if executable)
- Config files: 644 (readable by all)
- CSS/JS files: 644 (set automatically by luci.mk)
- Ensures consistency and clarity for developers
- Critical for proper module functionality (RPCD must be executable)
- Follows OpenWrt package best practices
Affected modules:
- luci-app-auth-guardian
- luci-app-bandwidth-manager
- luci-app-cdn-cache
- luci-app-client-guardian
- luci-app-crowdsec-dashboard
- luci-app-ksm-manager
- luci-app-media-flow
- luci-app-netdata-dashboard
- luci-app-netifyd-dashboard
- luci-app-network-modes
- luci-app-secubox (includes fix-permissions.sh helper)
- luci-app-system-hub
- luci-app-traffic-shaper
- luci-app-vhost-manager
- luci-app-wireguard-dashboard
2025-12-28 14:34:31 +01:00
403283419c
docs: Reorganize documentation structure and add architecture diagrams
...
Major documentation improvements and restructuring for better maintainability
and navigation.
## Structural Changes
### New Documentation Organization
- Move all documentation to DOCS/ directory for better organization
- Create DOCS/archive/ for historical documents
- Move deployment scripts to secubox-tools/ directory
### Archived Documents
- COMPLETION_REPORT.md → archive/ (project milestone)
- MODULE-ENABLE-DISABLE-DESIGN.md → archive/ (feature implemented)
- BUILD_ISSUES.md → archive/ (issues resolved)
- Add archive/README.md with archiving policy and document index
## Documentation Enhancements
### Version Standardization
- Add version headers to CLAUDE.md (v1.0.0)
- Add version headers to BUILD_ISSUES.md (v1.0.0)
- Standardize date format to YYYY-MM-DD across all docs
### Cross-References & Navigation
- Add "See Also" sections to PERMISSIONS-GUIDE.md
- Add "See Also" sections to VALIDATION-GUIDE.md
- Link quick references to detailed guides
- Improve documentation discoverability
### Architecture Diagrams (Mermaid)
Add 3 professional diagrams to DEVELOPMENT-GUIDELINES.md:
1. **System Architecture Diagram** (§2)
- Complete data flow: Browser → LuCI → RPCD → ubus → System
- Color-coded components by layer
- Shows JavaScript, RPC, RPCD daemon, UCI, system services
2. **Deployment Workflow Diagram** (§9)
- Step-by-step deployment process with validation checkpoints
- Error recovery paths for common issues (403, 404, -32000)
- Local validation, file transfer, permission fixes, service restarts
3. **Component Hierarchy Diagram** (§1)
- Standard page structure and CSS class relationships
- Page → Header → Stats → Content → Cards → Buttons
- Shows design system component organization
## New Files
### TODO-ANALYSE.md
- Comprehensive documentation improvement roadmap
- Tasks categorized: Immediate, Short-term, Long-term, Optional
- Progress tracking with acceptance criteria
- Covers testing, security, performance guides
- Documentation automation plans
## Benefits
✅ Cleaner project structure (docs in DOCS/, tools in secubox-tools/)
✅ Better documentation navigation with cross-references
✅ Visual understanding through architecture diagrams
✅ Historical documents archived but accessible
✅ Standardized versioning across all documentation
✅ Clear roadmap for future documentation improvements
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-28 09:52:15 +01:00
81a0448fde
makefile
2025-12-28 08:05:06 +01:00
a53e5f7068
feat: Add comprehensive permission management system (v0.3.1)
...
Implement three-tier permission management across all SecuBox modules:
**1. Package-Level Permissions (PKG_FILE_MODES)**
- Add PKG_FILE_MODES to all 15 module Makefiles
- RPCD scripts: 755 (executable)
- CSS/JS/JSON files: 644 (default, no config needed)
- Ensures correct permissions at installation time
**2. Runtime Permission Fix**
- New script: /usr/libexec/secubox/fix-permissions.sh
- RPCD method: luci.secubox fix_permissions
- UI control: "🔧 Fix Perms" button in Quick Actions
- Fixes all permissions and restarts services
**3. Automation & Documentation**
- secubox-tools/add-pkg-file-modes.sh: Auto-configure PKG_FILE_MODES
- PERMISSIONS-GUIDE.md: Comprehensive permissions guide
- MODULE-ENABLE-DISABLE-DESIGN.md: Enable/disable system design doc
- Updated Makefile template with PKG_FILE_MODES pattern
**Modules Updated:**
- luci-app-auth-guardian
- luci-app-bandwidth-manager
- luci-app-cdn-cache
- luci-app-client-guardian
- luci-app-crowdsec-dashboard
- luci-app-ksm-manager
- luci-app-media-flow
- luci-app-netdata-dashboard
- luci-app-netifyd-dashboard
- luci-app-network-modes
- luci-app-secubox (+ fix-permissions.sh script)
- luci-app-system-hub
- luci-app-traffic-shaper
- luci-app-vhost-manager
- luci-app-wireguard-dashboard
**Benefits:**
- No more manual permission fixes after installation
- Users can fix permissions from UI without SSH access
- Proper OpenWrt package management compliance
- Automated detection and configuration
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-28 02:19:30 +01:00
40a8437a2a
feat: apply Design System v0.3.0 to all 15 SecuBox modules
...
Extended the demo-inspired design system from system-hub to all SecuBox modules
for complete visual consistency across the entire platform.
🎨 Design System v0.3.0 Applied
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📦 Modules Updated (15 total):
- ✅ luci-app-auth-guardian
- ✅ luci-app-bandwidth-manager
- ✅ luci-app-cdn-cache
- ✅ luci-app-client-guardian
- ✅ luci-app-crowdsec-dashboard
- ✅ luci-app-ksm-manager
- ✅ luci-app-media-flow
- ✅ luci-app-netdata-dashboard
- ✅ luci-app-netifyd-dashboard
- ✅ luci-app-network-modes
- ✅ luci-app-secubox
- ✅ luci-app-system-hub
- ✅ luci-app-traffic-shaper
- ✅ luci-app-vhost-manager
- ✅ luci-app-wireguard-dashboard
🎨 Design System Features
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Dark Mode Palette (Demo-inspired):
- Background: #0a0a0f → #12121a → #1a1a24
- Text: #fafafa / #a0a0b0
- Borders: #2a2a35
- Primary gradient: #6366f1 → #8b5cf6 (Indigo-Violet)
Typography:
- Body: Inter (Google Fonts)
- Monospace: JetBrains Mono (for metrics, IDs, code)
Components:
- Compact stats badges (130px min)
- Gradient text titles with background-clip
- Cards with gradient border hover effects
- Sticky navigation tabs with backdrop-filter
- Filter tabs with gradient active state
- Buttons with cubic-bezier transitions
- Status badges (success/danger/warning/info)
Responsive Grid Layouts:
- Stats: repeat(auto-fit, minmax(130px, 1fr))
- Metrics: repeat(auto-fit, minmax(240px, 1fr))
- Cards: repeat(auto-fit, minmax(300px, 1fr))
📄 Files Added (14 new):
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Created common.css for each module:
- templates/common-css-template.css (master template)
- */resources/*/common.css (14 modules)
📝 Files Modified (42):
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Makefiles (13 modules):
- Updated PKG_VERSION from 0.0.9 → 0.2.2
- auth-guardian, bandwidth-manager, cdn-cache, client-guardian
- crowdsec-dashboard, ksm-manager, media-flow, netdata-dashboard
- netifyd-dashboard, network-modes, traffic-shaper, vhost-manager
- wireguard-dashboard
API.js files (14 modules):
- Added "// Version: 0.2.2" comment
- Consistent version tracking across all modules
Dashboard CSS (13 modules):
- Added "Version: 0.3.0" in file headers
- Updated to use Design System variables
SecuBox CSS (6 files):
- alerts.css, dashboard.css, modules.css
- monitoring.css, secubox.css
- All updated to version 0.3.0
🔧 CSS Variables System
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
All modules now use consistent --sh-* CSS variables:
- --sh-text-primary / --sh-text-secondary
- --sh-bg-primary / --sh-bg-secondary / --sh-bg-tertiary / --sh-bg-card
- --sh-border / --sh-hover-bg / --sh-hover-shadow
- --sh-primary / --sh-primary-end (for gradients)
- --sh-success / --sh-danger / --sh-warning / --sh-info
- --sh-shadow
Benefits:
✓ Instant theme switching (light/dark mode)
✓ Easy color customization via CSS variables
✓ Consistent branding across all modules
✓ Reduced CSS duplication
✓ Better maintainability
📊 Statistics
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Files changed: 56 total
- New files: 14 (common.css + template)
- Modified files: 42
- 13 Makefiles (version updates)
- 14 API.js (version tracking)
- 13 dashboard.css (version headers)
- 6 secubox CSS files
- 1 settings.local.json
Total lines added: ~8,000+ (common.css templates)
Common CSS size: ~420 lines per module
Design system coverage: 100% (all 15 modules)
✅ Validation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Validation script passed successfully:
- ✓ Check 1: RPCD naming (15 modules)
- ✓ Check 2: Menu paths (100+ views)
- ✓ Check 3: View files (2 warnings - debug files)
- ✓ Check 4: Permissions (15 RPCD scripts)
- ✓ Check 5: JSON syntax (30 files)
- ✓ Check 6: ubus naming (17 objects)
🎯 Migration Notes
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Developers:
1. Import common.css in your HTML/views
2. Use --sh-* CSS variables instead of hardcoded colors
3. Leverage pre-built components (.sh-card, .sh-btn-primary, etc.)
4. Follow responsive grid patterns
5. Test in both light and dark modes
Users:
- All modules now have consistent modern design
- Unified color scheme across entire SecuBox platform
- Better accessibility with improved contrast ratios
- Smooth animations and transitions
- Responsive design for mobile/tablet/desktop
📚 Documentation
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Reference:
- Design demo: https://cybermind.fr/apps/system-hub/demo.html
- Template: templates/common-css-template.css
- Guidelines: DEVELOPMENT-GUIDELINES.md
- Quick start: QUICK-START.md
Next Steps:
- Deploy modules to test environment
- Verify visual consistency
- Collect user feedback
- Fine-tune responsive breakpoints if needed
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-26 20:15:33 +01:00
4bdda363a0
fix: Standardize all plugins to v0.0.9 with unified patterns
...
- Update all 13 plugins maintainer to CyberMind <contact@cybermind.fr>
- Set version to 0.0.9 for internal release
- Fix API modules to use baseclass.extend() pattern (6 plugins)
- Ensure all RPCD scripts use luci.* prefix
- Validate menu/view/ACL coherence across all modules
Affected plugins:
- luci-app-auth-guardian
- luci-app-bandwidth-manager
- luci-app-cdn-cache
- luci-app-client-guardian
- luci-app-crowdsec-dashboard
- luci-app-ksm-manager
- luci-app-media-flow
- luci-app-netdata-dashboard
- luci-app-netifyd-dashboard
- luci-app-network-modes
- luci-app-traffic-shaper
- luci-app-vhost-manager
- luci-app-wireguard-dashboard
Validation: All modules pass validate-modules.sh checks
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-26 16:33:03 +01:00
0b824fc5b1
fix: standardize Makefile includes for GitHub Actions compatibility
...
Standardizes all Makefile include paths to use $(TOPDIR)/feeds/luci/luci.mk
instead of relative paths (../../luci.mk). This fixes firmware build failures
on GitHub Actions while maintaining local build compatibility.
Problem:
- Local builds worked with relative paths (../../luci.mk)
- GitHub Actions builds failed because packages are copied to
openwrt/package/secubox/ where relative paths don't work
- Inconsistent includes across packages caused build failures
Solution:
- Use absolute path: $(TOPDIR)/feeds/luci/luci.mk
- Works in both environments (local feed development AND GitHub Actions)
- Simplifies auth-guardian Makefile to use LuCI.mk template
Changes:
- auth-guardian: Converted to LuCI.mk template format
- bandwidth-manager, ksm-manager, media-flow: Updated includes
- system-hub, traffic-shaper, vhost-manager: Updated includes
All 15 packages now use consistent Makefile format.
Fixes: Firmware generation on GitHub Actions
Related: v0.1.2-alpha
2025-12-25 19:57:01 +01:00
75da2ddca4
fix: reorganize all modules under SecuBox menu hierarchy
...
- Add missing 'monitoring' and 'services' categories to main SecuBox hub
- Move system-hub, bandwidth-manager, traffic-shaper to SecuBox menus
- Move auth-guardian, ksm-manager to SecuBox security category
- All 15 modules now properly organized in 5 categories
Categories:
- Security & Access: 5 modules (auth-guardian, client-guardian, crowdsec, ksm-manager, netifyd)
- Monitoring & Analytics: 2 modules (mediaflow, netdata)
- Network Management: 5 modules (bandwidth-manager, cdn-cache, network-modes, traffic-shaper, wireguard)
- System & Performance: 1 module (system-hub)
- Services & Applications: 1 module (vhosts)
2025-12-25 14:37:41 +01:00
cf39eb6e1d
fix: resolve validation issues across all modules
...
- Fixed minified RPC declaration in secubox/modules.js that caused false positive in validation
- Added 30 missing menu entries across 10 modules:
* bandwidth-manager: clients, schedules
* client-guardian: zones, portal, logs, alerts, parental
* crowdsec-dashboard: metrics
* netdata-dashboard: system, processes, realtime, network
* netifyd-dashboard: talkers, risks, devices
* network-modes: router, accesspoint, relay, sniffer
* secubox: settings
* system-hub: components, diagnostics, health, remote, settings
* vhost-manager: internal, ssl, redirects
* wireguard-dashboard: traffic, config
- All modules now pass comprehensive validation (0 errors, 0 warnings)
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-25 09:01:06 +01:00
fa9bb2aee7
feat: complete Bandwidth Manager implementation with QoS and quotas
...
Implements comprehensive bandwidth management system with QoS traffic shaping,
client quotas, and SQM/CAKE integration for OpenWrt.
Features:
- QoS traffic shaping with rule-based control (application/port/IP/MAC)
- Per-rule download/upload limits with 8-level priority system
- Time-based scheduling support for rules
- Monthly data quotas per client (MAC address)
- iptables-based usage tracking with real-time statistics
- Configurable quota actions: throttle, block, or notify
- Automatic monthly reset with configurable reset day
- SQM/CAKE integration with NAT-aware configuration
- Link overhead compensation (Ethernet, PPPoE, VLAN)
- Alternative FQ_CoDel and HTB qdisc support
Components:
- RPCD backend (luci.bandwidth-manager): 10 ubus methods
* status, list_rules, add_rule, delete_rule
* list_quotas, get_quota, set_quota, reset_quota
* get_usage_realtime, get_usage_history
- 5 JavaScript views: overview, rules, quotas, usage, settings
- ACL with read/write permissions for all methods
- UCI config with global, SQM, tracking, alerts, rules, and quotas sections
- Comprehensive README with API docs and examples
Technical implementation:
- Traffic tracking via iptables BW_TRACKING chain
- Usage database in /tmp/bandwidth_usage.db (pipe-delimited format)
- Real-time client usage with 5-second auto-refresh
- Historical data with configurable timeframes (1h to 30d)
- Per-client quota progress visualization with color-coded bars
- TC (traffic control) integration for QoS enforcement
Architecture follows SecuBox standards:
- RPCD naming convention (luci. prefix)
- Menu paths match view file structure
- All JavaScript in strict mode
- Form-based configuration management
- Comprehensive error handling
Dependencies: tc, kmod-sched-core, kmod-sched-cake, kmod-ifb, sqm-scripts,
iptables, iptables-mod-conntrack-extra, ip-full
🤖 Generated with [Claude Code](https://claude.com/claude-code )
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2025-12-24 10:48:51 +01:00
f08c14f1d7
fix: hope modules refresh
2025-12-23 18:53:18 +01:00
6971fda569
fix: improve artifact publishing and build diagnostics
2025-12-23 18:40:35 +01:00
2e1fd21d18
css ready
2025-12-23 09:16:28 +01:00
9bad706ec6
Initial commit: SecuBox v1.0.0 - fixed packages makefiles
2025-12-22 16:13:16 +01:00
ef240b650b
Initial commit: SecuBox v1.0.0-try2
2025-12-22 10:43:52 +01:00
