secubox-openwrt

gandalf/secubox-openwrt

Fork 0

Commit Graph

Author	SHA1	Message	Date
CyberMind-FR	e7b6039c96	feat(portal): Add SSO authentication with SecuBox core users Portal login now authenticates against SecuBox users (UCI config) instead of hardcoded credentials. New RPCD methods in luci.secubox-users: - authenticate: Verify username/password, return session token - recover: Send password reset email - reset_password: Set new password with recovery token Portal pages: - login.html: Login form with password recovery link - reset.html: Password reset form (from email link) Features: - SHA256 password hashing - Session tokens stored in /tmp/secubox-sessions/ - Email-based password recovery via mailctl - Public ACL access (no LuCI login required) - Passwords synced to services if sync_passwords=1 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-21 12:58:38 +01:00
CyberMind-FR	58220065b5	feat(v0.23.0): Matrix homeserver, SaaS Relay CDN caching, Media Hub dashboard Matrix Homeserver (Conduit): - E2EE mesh messaging using Conduit v0.10.12 in LXC container - matrixctl CLI: install/uninstall, user/room management, federation - luci-app-matrix: status cards, user form, emancipate, mesh publish - RPCD backend with 17 methods - Identity (DID) integration and P2P mesh publication SaaS Relay CDN Caching & Session Replay: - CDN cache profiles: minimal, gandalf (default), aggressive - Session replay modes: shared, per_user, master - saasctl cache/session commands for management - Enhanced mitmproxy addon (415 lines) with response caching Media Services Hub Dashboard: - Unified dashboard at /admin/services/media-hub - Category-organized cards (streaming, conferencing, apps, etc.) - Service status indicators with start/stop/restart controls - RPCD backend querying 8 media services Also includes: - HexoJS static upload workflow and multi-user auth - Jitsi config.js Promise handling fix - Feed package updates Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-20 11:44:26 +01:00
CyberMind-FR	b6747c197e	feat(security): Add instant ban feature and user management - Add enhanced instant ban for critical threats (SQL injection, CVE exploits, RCE) - CrowdSec trigger scenario for single-hit bans on severity=critical - Instant ban daemon (10s polling) for rapid response - UCI options: instant_ban_enabled, instant_ban_duration (48h default) - WAF addon updated to route critical threats to instant-ban.log - Add centralized user management (secubox-core-users, luci-app-secubox-users) - CLI tool: secubox-users add/del/passwd/list/sync/status - LuCI dashboard under System > SecuBox Users - Unified user provisioning across Nextcloud, PeerTube, Matrix, Jabber, Email - Add Matrix/Conduit integration (secubox-app-matrix, luci-app-matrix) - LXC-based Conduit homeserver deployment - Full RPCD handler with user/room management - HAProxy integration for federation - Add provision-users.sh script for bulk user creation - Update secubox-feed with new IPKs Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-19 20:17:28 +01:00

Author

SHA1

Message

Date

CyberMind-FR

e7b6039c96

feat(portal): Add SSO authentication with SecuBox core users

Portal login now authenticates against SecuBox users (UCI config)
instead of hardcoded credentials.

New RPCD methods in luci.secubox-users:
- authenticate: Verify username/password, return session token
- recover: Send password reset email
- reset_password: Set new password with recovery token

Portal pages:
- login.html: Login form with password recovery link
- reset.html: Password reset form (from email link)

Features:
- SHA256 password hashing
- Session tokens stored in /tmp/secubox-sessions/
- Email-based password recovery via mailctl
- Public ACL access (no LuCI login required)
- Passwords synced to services if sync_passwords=1

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-21 12:58:38 +01:00

CyberMind-FR

58220065b5

feat(v0.23.0): Matrix homeserver, SaaS Relay CDN caching, Media Hub dashboard

Matrix Homeserver (Conduit):
- E2EE mesh messaging using Conduit v0.10.12 in LXC container
- matrixctl CLI: install/uninstall, user/room management, federation
- luci-app-matrix: status cards, user form, emancipate, mesh publish
- RPCD backend with 17 methods
- Identity (DID) integration and P2P mesh publication

SaaS Relay CDN Caching & Session Replay:
- CDN cache profiles: minimal, gandalf (default), aggressive
- Session replay modes: shared, per_user, master
- saasctl cache/session commands for management
- Enhanced mitmproxy addon (415 lines) with response caching

Media Services Hub Dashboard:
- Unified dashboard at /admin/services/media-hub
- Category-organized cards (streaming, conferencing, apps, etc.)
- Service status indicators with start/stop/restart controls
- RPCD backend querying 8 media services

Also includes:
- HexoJS static upload workflow and multi-user auth
- Jitsi config.js Promise handling fix
- Feed package updates

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-20 11:44:26 +01:00

CyberMind-FR

b6747c197e

feat(security): Add instant ban feature and user management

- Add enhanced instant ban for critical threats (SQL injection, CVE exploits, RCE)
  - CrowdSec trigger scenario for single-hit bans on severity=critical
  - Instant ban daemon (10s polling) for rapid response
  - UCI options: instant_ban_enabled, instant_ban_duration (48h default)
  - WAF addon updated to route critical threats to instant-ban.log

- Add centralized user management (secubox-core-users, luci-app-secubox-users)
  - CLI tool: secubox-users add/del/passwd/list/sync/status
  - LuCI dashboard under System > SecuBox Users
  - Unified user provisioning across Nextcloud, PeerTube, Matrix, Jabber, Email

- Add Matrix/Conduit integration (secubox-app-matrix, luci-app-matrix)
  - LXC-based Conduit homeserver deployment
  - Full RPCD handler with user/room management
  - HAProxy integration for federation

- Add provision-users.sh script for bulk user creation
- Update secubox-feed with new IPKs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-19 20:17:28 +01:00

3 Commits