Use DOM property assignment (cb.checked = value) instead of HTML
attribute ('checked': false) which browsers treat as checked since
any attribute presence means ON for boolean HTML attributes.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Collapse 4-tab UI into single-table view. Enrich scan with real names
from uhttpd UCI, streamlit UCI, docker containers, glances and Lyrion.
Add vhost_list RPCD method to show HAProxy domains and uhttpd instances.
Fix RPC expect unwrapping, trim CSS from 870 to 178 lines.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The install_requirements() function only matched requirements.txt exactly,
missing files like requirements_bazi.txt shipped in user ZIP uploads. Now
falls back to any requirements*.txt file. RPCD upload handlers (upload_zip,
upload_finalize) also trigger pip install inside the container at deploy time.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
uhttpd-mod-ubus silently rejects JSON-RPC requests >64KB with "Parse error",
causing uploads of .py files >48KB to fail with "No related RPC reply".
- Add chunked upload (upload_chunk + upload_finalize) that splits base64
content into 40KB pieces sent sequentially, then reassembles server-side
- Frontend auto-selects chunked upload when content exceeds 40KB
- Stop polling during upload to prevent RPC batch conflicts
- RPCD handlers use cat-to-tempfile instead of shell variables for stdin
to avoid BusyBox argument size limits
- Container startup script handles top-level .py files (not just subdirs)
- streamlitctl cmd_instance_start also handles top-level .py files
- Add upload_chunk and upload_finalize to ACL
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Read all files as ArrayBuffer and use Uint8Array chunked encoding
for base64, replacing btoa(text) which throws DOMException on
non-ASCII characters (accents, CJK, etc).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Fix ZIP upload: install unzip dependency, fix empty array check
(jsonfilter returns "[ ]" not "[]"), redirect unzip stdout to
prevent JSON corruption, use readAsArrayBuffer instead of
deprecated readAsBinaryString, add .catch() error handler
- Fix list_apps to scan subdirectories for ZIP-uploaded apps,
skip Streamlit pages/ convention dir, prefer app.py as entry point
- Fix set_active_app: replace broken streamlitctl call with direct
UCI update
- Fix remove_app: replace broken streamlitctl call with direct
file removal and UCI cleanup
- Fix add_app: replace broken streamlitctl call with direct UCI
- Add rename_app and rename_instance RPCD methods with ACL entries
- Activate now auto-creates an instance with next available port
- Apps list shows UCI display name separate from filesystem ID
- Sanitize uploaded filenames for UCI compatibility
- Add rename buttons and modals for apps and instances
- Add error notifications for failed deletes
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Adds get_gitea_config, gitea_list_repos to read permissions and
save_gitea_config, gitea_clone, gitea_pull, preview_zip, upload_zip
to write permissions, fixing "Access denied" (-32002) errors.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Add gte-small embedding model preset to localaictl with proper YAML
config (embeddings: true, context_size: 512)
- Fix RPC expect declarations across api.js, dashboard.js, models.js to
use empty expect objects, preserving full response including error fields
- Replace fragile sed/awk JSON escaping in RPCD chat and completion
handlers with file I/O streaming through awk for robust handling of
special characters in LLM responses
- Switch RPCD chat handler from curl to wget to avoid missing output
file on timeout (curl doesn't create -o file on exit code 28)
- Bypass RPCD 30s script timeout for chat by calling LocalAI API
directly from the browser via fetch()
- Add embeddings flag to models RPC and filter embedding models from
chat view model selector
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Health check grep was case-sensitive ("ok") but LocalAI returns "OK".
Uptime detection fell into the lxc-info branch (command exists on router)
even though no localai container runs, causing uptime to always be 0.
Simplified to always use /proc/PID which works for both native and
containerized processes.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Server endpoints were stored only in browser sessionStorage, lost on tab
close/refresh. Now endpoints are saved in a dedicated UCI config file
(wireguard_dashboard) with RPCD methods to manage them. The wizard
auto-saves the endpoint after tunnel creation, and peers/QR views use a
dropdown of saved endpoints instead of requiring manual re-entry.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Change generateConfig/generateQR RPC declarations to use empty expect
so error responses are not silently discarded by LuCI's RPC unwrapper
- Simplify handleShowQR to always check backend for stored key first
- Auto-detect next available interface name in wizard (wg1 if wg0 exists)
- Pass private key to addPeer in wizard's createPeers for QR persistence
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The base64-encoded SVG QR code exceeded jshn's argument list limit,
causing "Argument list too long" errors. Build the JSON response
manually via file I/O so the large string is never passed as a
command argument.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Store the client private key in UCI config (_client_private_key) when a
peer is created, so QR codes and config files can be generated after
page refresh without prompting the user to manually re-enter the key.
Old peers without stored keys still get the manual entry fallback.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Prevent odhcpd crashes from MAC randomization causing hostname conflicts,
stale lease pile-up, and lease flooding. Adds hostname dedup, stale lease
cleanup, flood detection, CLI commands, RPC methods, and LuCI dashboard card.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Rename package folder to follow secubox-app-* convention and add
luci-app-mac-guardian with KISS dashboard: status cards, client table
with trust/block actions, recent alerts, and configuration form.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Pure-shell WiFi MAC address security monitor detecting randomized MACs,
OUI anomalies, MAC floods, and spoofing. Integrates with CrowdSec via
JSON log parsing and provides real-time hostapd hotplug detection.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Server mode routes all outbound traffic through Tor while preserving
inbound connections (HAProxy, etc) on the public IP. Fixes kill switch
blocking response packets by adding ESTABLISHED,RELATED conntrack rule,
and adds PREROUTING chain for LAN client Tor routing.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
LuCI's E() renders null array children as literal "null" text.
Use concat with empty arrays instead of ternary-to-null for
conditional peer/IOC table sections and top-level sections.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The process name is mitmweb (not mitmdump) when running inside the
mitmproxy LXC container. Use pgrep -f mitmweb for correct detection.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Share CrowdSec bans and mitmproxy detections between mesh nodes using
the existing blockchain chain + gossip sync. Received IOCs from trusted
peers are auto-applied as CrowdSec decisions based on a three-tier trust
model (direct/transitive/unknown).
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Generate a minimal IPK on-the-fly when a client visits the master-link
landing page, so the "Download Package" step always works even without
a pre-built IPK bundle. The IPK configures the peer via postinst uci
commands (avoiding file conflicts with secubox-master-link), and can be
installed directly via opkg install URL from SSH.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Add wan_access UCI option and LuCI checkbox to optionally open Lyrion
ports (9000, 9090, 3483 TCP+UDP) on the WAN interface. WAN rules are
automatically removed when the option is disabled.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Open LAN firewall ports (TCP 9000/9090/3483, UDP 3483) on install and
service start so Squeezebox devices can discover and connect to Lyrion.
Fix LXC config to use host networking properly and add missing Docker
TCP 9090 CLI port mapping.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Read timestamp, approved_at, and other fields into variables before
`cat > "$request_file"` truncates the file. Fixes invalid JSON output
(`"timestamp": ,`) in ml_join_approve, ml_join_reject, and
ml_promote_to_submaster.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Hyphens in RPCD filenames break ubus CLI argument parsing. Rename
luci.master-link to luci.master_link and update all references in
the JS view, ACL, and Makefile. Also pipe RPCD method output through
tr -d '\n\t' so ubus receives single-line JSON it can parse.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use >/dev/null 2>&1 instead of just 2>/dev/null when sourcing
master-link.sh and calling chain_add_block, mesh_init, peer_add,
factory_trust_peer, and gossip_sync to prevent p2p-mesh.sh usage
text and block hashes from corrupting CGI JSON responses.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Implement secubox-master-link (backend) and luci-app-master-link (LuCI
frontend) for secure node onboarding into the SecuBox mesh via
HMAC-SHA256 join tokens, blockchain-backed peer trust, and gigogne
(nested) hierarchy with depth limiting.
Backend provides: token management, join/approve/reject protocol, IPK
bundle serving, CGI API endpoints, and a dark-themed landing page for
new nodes. Frontend provides a 3-tab LuCI view (overview, join requests,
mesh tree) with RPCD integration.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
grep -c returns exit code 1 when no matches found (even though it
outputs 0), causing `|| echo 0` to append an extra 0 and corrupt
the JSON response. This broke ubus calls and LuCI status display.
Use `: ${var:=0}` pattern instead to provide defaults.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- Read LXC path from /etc/lxc/lxc.conf instead of hardcoding /var/lib/lxc
(OpenWrt uses /srv/lxc by default)
- Skip Alpine rootfs download if file already exists in /tmp
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The factory_audit_log function's ubus call was only redirecting stderr,
allowing stdout JSON output to leak into CGI responses when Gitea backup
is enabled. This caused JSON parse errors in the Factory dashboard when
creating snapshots.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
- secubox-app-mitmproxy: Sensitivity-based auto-ban system
- luci-app-mitmproxy: Updated frontend
- luci-app-crowdsec-dashboard: Ban button on alerts page
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
WAF Auto-ban Features:
- Three sensitivity levels: aggressive, moderate, permissive
- Aggressive: Immediate ban on first critical threat
- Moderate: Ban after 3 attempts in 5 minutes (default)
- Permissive: Ban after 5 attempts in 1 hour
- Attempt tracking with configurable thresholds
Critical threats (immediate in aggressive/moderate):
- CVE exploits, SQL injection, Command injection
- XXE, Log4Shell, SSTI attacks
CrowdSec Integration:
- Auto-ban requests written to /srv/mitmproxy/autoban-requests.log
- Cron job processes bans every minute via mitmproxyctl
- Bans sent to CrowdSec for network-wide enforcement
New Commands:
- mitmproxyctl process-autoban: Process pending bans
- mitmproxyctl reload-autoban: Reload config after UCI changes
CrowdSec Dashboard:
- Added ban button to alerts page
- Modal confirmation with 24h ban duration
- Real-time banned IP tracking
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Integrate SimpleX Chat SMP and XFTP servers for privacy-focused messaging:
- secubox-app-simplex: Backend with LXC container management
- SMP server for message relay (port 5223)
- XFTP server for encrypted file sharing (port 443)
- Auto-download of SimpleX binaries for aarch64/x86_64
- TLS certificate generation (self-signed or Let's Encrypt)
- Firewall and HAProxy integration
- luci-app-simplex: LuCI dashboard with:
- Service status monitoring
- Server address display with copy-to-clipboard
- Full configuration forms for SMP, XFTP, and TLS
- Install/certificate management actions
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Restored the original settings.js functionality as setup.js with
updated nav references. The simplified version was broken.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The settings page was showing "CAPI: Error" because the status
method didn't return the capi_enrolled field. Added CAPI status
check to get_status() so the health display shows correct status.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Content-Type based CVE detection must happen before SSRF patterns
to avoid false positives when routing through localhost.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
