- Fix file permissions (chmod 644/755) after upload
- Use site_${name} UCI section naming for metablogizer
- Auto-assign port and call metablogizerctl publish
- Generate README.nfo for new droplets
- Handle both old/new section naming in list/remove
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The 'file' command is not available on OpenWrt. Replaced
mime-type detection with extension parsing (.html, .htm, .zip).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Simple drag-and-drop publishing for HTML/ZIP files:
- Auto-detects content type (static/streamlit/hexo)
- Creates vhosts at gk2.secubox.in by default
- Registers with metablogizer or streamlit accordingly
- CLI: dropletctl publish/list/remove/rename
- LuCI drag-drop interface at Services > Droplet
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace gsub(/[\[\]]/) with two sub() calls for section parsing
- Use explicit pattern matching for each NFO field
- Single-pass awk extraction for all 7 fields (category, desc, keywords, caps, audience, icon, version)
- Remove NFO parser library dependency (now uses direct awk)
- Simplify capability tracking with tr instead of for loop
Tested: 110 NFO entries now correctly extracted from 239 total items
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Scan all HAProxy vhosts (243 total) in addition to MetaBlogizer/Streamlit
- New "service" type for HAProxy-only vhosts (purple theme)
- Backend-based categorization (jellyfin→Média, gitea→Développement, etc.)
- Stats bar shows Services count
- Category tabs include Services filter
- 236 total items now displayed (vs 3 before)
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- MetaBlog NFO support: read descriptions, keywords, capabilities
- Version badges on cards with NFO version info
- Capability filter cloud: clickable capability badges
- Audience filter bar: filter by target audience
- Dynamic preview modal: click eye button to preview site in iframe
- Enhanced search: searches all NFO metadata fields
- NFO stats counter in stats bar
UI enhancements:
- Preview button appears on hover
- Modal with full-screen iframe preview
- ESC key and click-outside to close
- "Open in new tab" link in preview footer
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Dashboard stats row uses 5 columns but only grid classes 2-4 were
defined, causing statistics to display in a single line.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- WIP.md: Added Config Vault and System Hardware Report to completed items
- WIP.md: Updated Next Up section (removed completed Session Replay)
- HISTORY.md: Added entry 102 for System Hardware Report
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New packages:
- secubox-app-config-vault: Git-based config versioning CLI (configvaultctl)
- luci-app-config-vault: KISS-themed dashboard with status rings
Features:
- 9 configuration modules (users, network, services, security, etc.)
- Auto-commit and auto-push to private Gitea repository
- Export/import clone tarballs for device provisioning
- Commit history browser with restore capability
Also adds System Hardware Report to secubox-app-reporter:
- CPU/Memory/Disk/Temperature gauges with animations
- Environmental impact card (power/kWh/CO₂ estimates)
- Health recommendations based on system metrics
- Debug log viewer with severity highlighting
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New meta-status report combining dev + services with enhanced visuals:
- Stats rings with conic gradients (health, services, uptime)
- Channel distribution bars (Tor/DNS/Mesh percentages)
- Stat cards with icons and gradients
- Recent completions and WIP sections
- Roadmap progress visualization
- Top services tables
Email configuration:
- Default to local mailserver (127.0.0.1:25)
- Default recipient: gk2@secubox.in
- No TLS for local delivery
CLI: secubox-reportctl generate meta
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Reports were created with 600 permissions, preventing web access.
Now explicitly sets chmod 644 after file generation.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- HISTORY.md: Added LuCI dashboard and RPCD methods to entry #100
- WIP.md: Updated with LuCI frontend details
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
KISS-themed dashboard for SecuBox Report Generator:
- Status overview with report counts and schedule status
- Quick action cards for dev/services/all reports
- Generate and Send buttons with email support
- Reports list with view/delete actions
- Schedule configuration (daily/weekly/off)
- Email configuration status and test button
RPCD Methods:
- status: Get generator status and report counts
- list_reports: List all generated reports with metadata
- generate/send: Create reports (optionally send via email)
- schedule: Configure cron schedules
- delete_report: Remove report files
- test_email: Send test email
Menu: SecuBox → System → Report Generator
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Two-report system for SecuBox status reporting:
- Development Status Report: health score, HISTORY.md completions, WIP items, roadmap progress
- Services Distribution Report: Tor hidden services, DNS/SSL vhosts, mesh services
Features:
- CLI: secubox-reportctl generate|send|schedule|status|preview|list|clean
- HTML output with KissTheme dark styling
- Email delivery via msmtp/sendmail with MIME multipart
- UCI configuration for SMTP and scheduling
- Cron integration for automated reports
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace hardcoded #fff backgrounds with var(--kiss-bg) dark theme
- Convert all text colors to var(--kiss-text) and var(--kiss-muted)
- Update borders to var(--kiss-line) for consistent styling
- Use color-mix() for transparent accent backgrounds
- Map --sb-* variables to --kiss-* for unified theming
Fixes white background issue on admin dashboard.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Replace hardcoded rgba() colors with var(--kiss-purple), var(--kiss-text), var(--kiss-muted)
- Use color-mix() for transparent purple backgrounds and borders in service links
- Consistent styling with KissTheme design system
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add --httpaddr 0.0.0.0 to squeezeboxserver startup args
- Set httpaddr in default server.prefs
- Improve DNS config with multiple nameservers and search domain
Fixes Squeezebox devices on WAN network (192.168.1.x) getting
"connection reset by peer" when trying to stream from Lyrion
bound only to LAN IP (192.168.255.1).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Replace hardcoded RGBA colors with kiss-badge-green/kiss-badge-red
classes for consistent theming of port status indicators.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Edit, pull, and push Streamlit apps via Gitea:
CLI (slforge):
- edit: Open app source in Gitea web editor
- pull: Pull latest changes from Gitea repo
- push: Commit and push local changes to Gitea
- preview: Generate HTML preview of app
- Auto-creates org/repo on first edit
RPCD (5 new methods):
- gitea_status: Check Gitea connectivity and app repo status
- edit: Get Gitea editor URL for app
- pull: Pull from Gitea to local
- push: Push local changes to Gitea
- preview: Generate preview capture
LuCI (overview.js):
- Gitea status card with connection indicator
- Edit button opens Gitea web editor
- Pull button syncs from remote
- Editor modal for inline editing
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- generate_landing() now uses /usr/share/metacatalog/templates/landing.html.tpl
- Fallback to basic inline HTML if template missing
- Enables easier landing page customization
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- New scan_haproxy() function indexes HAProxy vhosts as catalog entries
- Skips entries already indexed from MetaBlogizer/Streamlit sources
- Extracts backend, port, SSL/WAF status from UCI config
- Auto-detects content type from backend name (streamlit, metablog, media, cloud)
- Updated cmd_scan to include haproxy source
- Total entries: 120 -> 246
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
New luci-app-metacatalog package:
- RPCD backend with 10 methods (list_entries, list_books, search, etc.)
- ACL permissions for read/write access
- Menu entry under SecuBox
- KISS-themed dashboard with:
- Stats chips (entries, metablogs, streamlits, books)
- Virtual books shelf with color-coded cards
- Entry links to published content
- Sync button for manual refresh
- Landing page link
Deployed and tested on router.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add automatic mitmproxy route sync after vhost operations
- Route through WAF by default: sets original_backend for route resolution
- Add --nowaf option to bypass WAF routing if needed
- Prevents missing routes when creating new vhosts
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Problem: get_overview RPC was timing out (30s+) due to 12+ sequential
cscli calls with CAPI data, causing "TypeError: can't assign to property
'countries' on 5" in LuCI.
Solution:
- Pre-cached architecture with /tmp/secubox/crowdsec-overview.json
- get_overview() returns cached data instantly (0.08s)
- refresh_overview_cache() runs via cron every minute
- Reduced cscli calls from 12 to 4 (metrics, decisions, alerts, bouncers)
- Extract flat decisions array using jsonfilter
- Manual JSON building to avoid jshn argument size limits
- Add /etc/cron.d/crowdsec-dashboard for periodic refresh
Also includes:
- Streamlit Control: Deploy functionality like metablogizer
- Streamlit Control: Enhanced Security page with WAF/CrowdSec data
- mitmproxy LuCI: Add timeout race to prevent page hang
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- get_installed_apps: Returns installed apps with menu paths and status
- get_kiss_menu: Returns dynamic menu by category (security, system, productivity, media)
- Enables KISS UI to dynamically show installed apps
- Updated ACL to include new methods
Also on router:
- Created rpcd-watchdog service that monitors rpcd every 60s
- Automatically restarts rpcd if luci module fails
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Use printf to generate actual escape sequences instead of literal strings
- Fixes colors not rendering in 'secubox help' output
- POSIX sh heredoc doesn't interpret \033 escapes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Custom ASCII art banner with SecuBox branding
- Shows helpful info: CLI help, dashboard URL
- Installed to /etc/banner on device
- Added to conffiles for upgrade preservation
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- PeerTube port conflict resolved (9001 → 9002)
- Lyrion moved to port 9000
- Fixed PeerTube database hostname config
- Updated mitmproxy routes for both services
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Without this rule, the build system attempts to run 'make' in the
build directory, which fails because there's no Makefile there.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix get_next_port() to check both uhttpd and metablogizer configs
- Add check-ports command to scan for duplicate port assignments
- Add fix-ports command to auto-assign new ports to duplicates
- Update WIP.md with 2026-03-10 changes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- WIP.md: Add health check panel and admin routing entries
- HISTORY.md: Add entries #79-80 for health check and WAF routing
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add get_service_health RPCD method to check all HAProxy routes
- Integrate /usr/sbin/service-health-check for backend HTTP probing
- Add health panel in services.js with up/down stats and health %
- Display down services list with tooltips showing IP:port
- Add refresh button for manual health check trigger
- Update ACL with get_service_health read permission
- 5-minute cache for health data with force-refresh option
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- 4-layer architecture visualization (Core, AI, MirrorNet, Certification)
- 22+ features with dependency tracking (dependsOn/usedBy)
- 80+ components with status indicators
- Interactive filters: layer, status, category with localStorage persistence
- Feature cards: click to expand and see full dependencies
- Live RPCD data refresh (60s auto-refresh)
- Standalone HTML page for public access (/dev-status.html)
- ES5 compatible for older browsers
- Milestone timeline to v1.0
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
