gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
952 Commits 4 Branches 293 Tags 320 MiB
ae26317815
Commit Graph

7 Commits

Author SHA1 Message Date
CyberMind-FR
304ac7b9a1 feat: P2P App Store, Remote Access & Mesh Media packages 
P2P App Store Emancipation:
- secubox-p2p: Package distribution via mesh peers (CGI API, RPCD, CLI)
- packages.js: LuCI view with LOCAL/PEER badges, fetch/install actions
- devstatus.js: Dev Status widget with Gitea commits, v1.0 progress tracking
- secubox-feed: sync-content command for auto-installing content packages
- ACL fix for P2P feed RPCD methods

Remote Access:
- secubox-app-rustdesk: Native hbbs/hbbr relay server from GitHub releases
- secubox-app-guacamole: LXC Debian container with guacd + Tomcat (partial)

Content Distribution:
- secubox-content-pkg: Auto-package Metablogizer/Streamlit as IPKs
- Auto-publish hooks in metablogizerctl and streamlitctl

Mesh Media:
- secubox-app-ksmbd: In-kernel SMB3 server with ksmbdctl CLI
- Pre-configured shares for Jellyfin, Lyrion, Backup

UI Consistency:
- client-guardian: Ported to sh-page-header chip layout
- auth-guardian: Ported to sh-page-header chip layout

Fixes:
- services.js: RPC expect unwrapping bug fix
- metablogizer: Chunked upload for uhttpd 64KB limit

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-05 00:33:53 +01:00
CyberMind-FR
1652b39137 feat(p2p): Add decentralized threat intelligence sharing via mesh 
Share CrowdSec bans and mitmproxy detections between mesh nodes using
the existing blockchain chain + gossip sync. Received IOCs from trusted
peers are auto-applied as CrowdSec decisions based on a three-tier trust
model (direct/transitive/unknown).

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-03 11:13:51 +01:00
CyberMind-FR
a9130715e9 feat(p2p): Add SecuBox Factory unified dashboard with signed Merkle snapshots 
Implement mesh-distributed, cryptographically-validated control center:

- Add factory.sh library with Ed25519 signing via signify-openbsd
- Add Merkle tree calculation for /etc/config validation
- Add CGI endpoints: dashboard, tools, run, snapshot, pubkey
- Add KISS Web UI (~280 lines vanilla JS, inline CSS, zero deps)
- Add gossip-based 3-peer fanout for snapshot synchronization
- Add offline operations queue with replay on reconnect
- Add LuCI iframe integration under MirrorBox > Factory tab
- Configure uhttpd alias for /factory/ on port 7331
- Bump secubox-p2p version to 0.4.0

Factory UI accessible at http://<device>:7331/factory/

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 08:03:54 +01:00
CyberMind-FR
b2fc1b27d8 feat(p2p): Add MirrorBox overview and profiles pages 
Overview Page (SOC Admin Landing):
- Architecture diagram with layer visualization
- Modular component cards with status indicators
- Network topology with animated orbital nodes
- System status grid with health indicators
- Development roadmap timeline

Profiles Page (Dynamic Cloning):
- Component readiness tracking with progress bars
- Quick presets for common configurations
- Package feeds management with toggles
- Saved profiles list with load/delete
- Clone & deploy actions (export, import, sync, push)

Menu Structure:
- Renamed P2P Hub to MirrorBox
- Added Overview as landing page
- Added Profiles for cloning management

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
4b2241c86e feat(p2p): Add MirrorBox auto-init, self-recovery, and ACL fixes 
MirrorBox Auto-Init:
- Add blockchain-like gigogne P2P structure with peer zero (P0) genesis
- Auto-create self-mesh on page load with configurable depth
- Preserve MirrorBox peers during refresh cycles

Self-Recovery System:
- Add secubox-restore script for bootstrapping new OpenWrt boxes
- Generate customized bootstrap.sh in Gitea backups
- Support interactive and command-line restore modes

ACL Fixes:
- Add missing deploy/pull methods to luci-app-secubox-p2p ACL
- Add luci.gitea and luci.secubox-p2p access to luci-app-secubox ACL
- Fix null display issue in hub.js (changed to empty string)

Backup Enhancements:
- Fix syntax error in RPCD heredoc (openwrt_version line)
- Add branch reference to Gitea API calls (main branch)
- Include bootstrap.sh and secubox-restore in backup push

Documentation:
- Add comprehensive README.md for SecuBox P2P module

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
b7acc04a20 fix(p2p): Add ACL permissions for Gitea and backup RPCD methods 
Add missing ACL permissions for new RPCD methods:

Read permissions:
- get_gitea_config
- list_gitea_repos
- get_gitea_commits
- list_local_backups

Write permissions:
- set_gitea_config
- create_gitea_repo
- push_gitea_backup
- pull_gitea_backup
- create_local_backup
- restore_local_backup

Fixes: RPC call failed with error -32002: Access denied

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
2b913d5005 feat(p2p): Add SecuBox P2P Hub packages and Services Registry 
- Add secubox-p2p backend package:
  - UCI configuration for P2P settings, DNS federation, WireGuard mesh, HAProxy
  - RPCD handler for peer management, service discovery, mesh configuration
  - Init script and main P2P manager daemon

- Add luci-app-secubox-p2p frontend package:
  - Main hub view with master control, network matrix visualization
  - Peers management with discovery and manual add
  - Services view showing local and shared services
  - Mesh network configuration (DNS, WireGuard, HAProxy)
  - Settings for P2P and registry configuration

- Add Services Registry view to luci-app-secubox
- Add listProfiles/applyProfile to secubox-admin API
- Fix P2P ACL permissions
- Remove old hub.js from luci-app-secubox (moved to dedicated package)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00