gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,498 Commits 4 Branches 293 Tags 320 MiB
f424ec72c1
Commit Graph

9 Commits

Author SHA1 Message Date
CyberMind-FR
29d309649e feat(wireguard): Implement Reverse MWAN WireGuard v2 Phase 1 
WireGuard mesh peers as backup internet uplinks via mwan3 failover.

CLI (wgctl) uplink commands:
- uplink list/add/remove/status/test - Manage peer uplinks
- uplink failover enable/disable - Toggle automatic failover
- uplink priority/offer/withdraw - Priority and mesh advertising

Uplink Library (/usr/lib/wireguard-dashboard/uplink.sh):
- Gossip protocol integration via secubox-p2p
- WireGuard interface creation with IP allocation (172.31.x.x/16)
- mwan3 failover integration
- Connectivity testing and latency measurement

RPCD Backend (9 new methods):
- Read: uplink_status, uplinks
- Write: add_uplink, remove_uplink, test_uplink, offer_uplink,
         withdraw_uplink, set_uplink_priority, set_uplink_failover

UCI Config (/etc/config/wireguard_uplink):
- Global settings: auto_failover, failover_threshold, ping_interval
- Provider settings: offering state, bandwidth/latency advertisement
- Per-uplink config: interface, peer_pubkey, endpoint, priority

Phase 2 pending: LuCI dashboard integration

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-01 15:43:17 +01:00
CyberMind-FR
02126aa7d3 feat(wireguard-dashboard): Persist server endpoints in UCI for reuse across views 
Server endpoints were stored only in browser sessionStorage, lost on tab
close/refresh. Now endpoints are saved in a dedicated UCI config file
(wireguard_dashboard) with RPCD methods to manage them. The wizard
auto-saves the endpoint after tunnel creation, and peers/QR views use a
dropdown of saved endpoints instead of requiring manual re-entry.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-03 18:32:36 +01:00
CyberMind-FR
75e3f59207 fix(wireguard-dashboard): Bypass jshn for QR code output to avoid argument size limit 
The base64-encoded SVG QR code exceeded jshn's argument list limit,
causing "Argument list too long" errors. Build the JSON response
manually via file I/O so the large string is never passed as a
command argument.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-03 16:57:53 +01:00
CyberMind-FR
2ab0965917 feat(wireguard-dashboard): Persist peer private keys in UCI for QR code generation 
Store the client private key in UCI config (_client_private_key) when a
peer is created, so QR codes and config files can be generated after
page refresh without prompting the user to manually re-enter the key.
Old peers without stored keys still get the manual entry fallback.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-03 16:54:26 +01:00
CyberMind-FR
dcc000c55d fix(wireguard-dashboard): Fix QR code generation 
- Use SVG output instead of PNG (PNG disabled in OpenWrt qrencode)
- Fix endpoint port duplication when port already in endpoint string

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-01 08:56:25 +01:00
CyberMind-FR
329d5febb9 fix(mitmproxy,tor-shield): Add transparent mode firewall support 
- Add RPCD methods to mitmproxy: settings, save_settings, set_mode,
  setup_firewall, clear_firewall
- Add apply_now parameter to tor-shield save_settings to restart
  service and apply iptables rules immediately
- Update ACL files with new permissions
- Add Save & Apply button to tor-shield settings page
- Update api.js files to use correct RPCD method signatures

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:26 +01:00
CyberMind-FR
5e29599682 feat(wireguard-dashboard,webapp): Add setup wizard, admin sessions, and blocking stats 
WireGuard Dashboard v0.7.0:
- Add zone-based setup wizard with 4-step flow
- Add tunnel presets (road-warrior, site-to-site, iot-tunnel)
- Add zone presets (home-user, remote-worker, mobile, iot, guest, server)
- Add interface control (up/down/restart)
- Add peer ping functionality
- Add bandwidth rates monitoring
- Comprehensive wizard CSS styles

SecuBox Webapp v1.5.0:
- Add admin sessions list showing authenticated LuCI users with IP source
- Add blocking statistics (today's bans, blocked attempts, top scenario, unique IPs)
- Integrate stats from CrowdSec decisions and alerts

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 15:40:46 +01:00
CyberMind-FR
9ef0b6db18 feat: WireGuard Dashboard v0.5.0 - Bug fixes and enhancements 
Bug fixes:
- Fix QR code generation with JavaScript fallback library
- Add missing API helper functions (getPeerStatusClass, shortenKey)
- Fix traffic stats subshell variable scope bug
- Fix peer add/remove UCI handling with unique section names

Enhancements:
- Add real-time auto-refresh with poll.add() (5s default)
- Add SVG-based traffic charts component
- Add peer configuration wizard with IP auto-suggestion
- Add multi-interface management with tabs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 09:32:31 +01:00
CyberMind-FR
31a87c5d7a feat(structure): reorganize luci-app packages into package/secubox/ + appstore migration 
Major structural reorganization and feature additions:

## Folder Reorganization
- Move 17 luci-app-* packages to package/secubox/ (except luci-app-secubox core hub)
- Update all tooling to support new structure:
  - secubox-tools/quick-deploy.sh: search both locations
  - secubox-tools/validate-modules.sh: validate both directories
  - secubox-tools/fix-permissions.sh: fix permissions in both locations
  - .github/workflows/test-validate.yml: build from both paths
- Update README.md links to new package/secubox/ paths

## AppStore Migration (Complete)
- Add catalog entries for all remaining luci-app packages:
  - network-tweaks.json: Network optimization tools
  - secubox-bonus.json: Documentation & demos hub
- Total: 24 apps in AppStore catalog (22 existing + 2 new)
- New category: 'documentation' for docs/demos/tutorials

## VHost Manager v2.0 Enhancements
- Add profile activation system for Internal Services and Redirects
- Implement createVHost() API wrapper for template-based deployment
- Fix Virtual Hosts view rendering with proper LuCI patterns
- Fix RPCD backend shell script errors (remove invalid local declarations)
- Extend backend validation for nginx return directives (redirect support)
- Add section_id parameter for named VHost profiles
- Add Remove button to Redirects page for feature parity
- Update README to v2.0 with comprehensive feature documentation

## Network Tweaks Dashboard
- Close button added to component details modal

Files changed: 340+ (336 renames with preserved git history)
Packages affected: 19 luci-app, 2 secubox-app, 1 theme, 4 tools

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-01 14:59:38 +01:00