gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,482 Commits 4 Branches 293 Tags 320 MiB
fd54253f66
Commit Graph

14 Commits

Author SHA1 Message Date
CyberMind-FR
a8f6408e58 refactor(luci-app-secubox-admin): Convert dashboard to KissTheme CSS variables 
- Replace hardcoded rgba() colors with var(--kiss-purple), var(--kiss-text), var(--kiss-muted)
- Use color-mix() for transparent purple backgrounds and borders in service links
- Consistent styling with KissTheme design system

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-13 07:30:20 +01:00
CyberMind-FR
81b61802d2 status 2026-03-13 07:24:15 +01:00
CyberMind-FR
e58f479cd4 feat(waf): Update WAF scenarios with 2024-2025 CVEs and OWASP threats 
Add detection patterns for latest actively exploited vulnerabilities:
- CVE-2025-55182 (React2Shell, CVSS 10.0)
- CVE-2025-8110 (Gogs RCE), CVE-2025-53770 (SharePoint)
- CVE-2025-52691 (SmarterMail), CVE-2025-40551 (SolarWinds)
- CVE-2024-47575 (FortiManager), CVE-2024-21887 (Ivanti)
- CVE-2024-3400, CVE-2024-0012, CVE-2024-9474 (PAN-OS)

New attack categories based on OWASP Top 10 2025:
- HTTP Request Smuggling (TE.CL/CL.TE conflicts)
- AI/LLM Prompt Injection (ChatML, instruction markers)
- WAF Bypass techniques (Unicode normalization, double encoding)
- Supply Chain attacks (CI/CD poisoning, dependency confusion)
- Extended SSTI (Jinja2, Freemarker, Velocity, Thymeleaf)
- API Abuse (BOLA/IDOR, mass assignment)

CrowdSec scenarios split into 11 separate files for reliability.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-12 05:02:57 +01:00
CyberMind-FR
b1c22b7f10 feat(dashboard): Add system overview infographic to LuCI admin 
- Add get_system_overview RPCD method
- Add renderSystemOverview to admin dashboard.js
- Display system health, resources, services, network, security stats
- Styled with cyberpunk theme

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-10 10:21:15 +01:00
CyberMind-FR
cc86aa7f84 feat(portal): Add dynamic services discovery from listening ports 
- Add get_services RPCD method to detect listening TCP services
- Map known ports to service names, icons, and categories
- Display clickable service cards in portal Services tab
- Services link directly to their URLs (e.g., :3000 for Gitea)
- Filter to show only externally accessible services with URLs
- Add ACL permissions for portal and admin apps

Detected services include: Gitea, HexoJS, CyberFeed, Streamlit,
HAProxy Stats, Netifyd, LuCI, Lyrion, and more.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-25 08:12:51 +01:00
CyberMind-FR
db3a41928e fix(luci): Fix require syntax in all LuCI views - use slashes instead of dots 
All 'require module.submodule' directives changed to 'require module/submodule'
to match LuCI's module loading convention.

Affected packages:
- luci-app-auth-guardian
- luci-app-glances
- luci-app-localai
- luci-app-magicmirror2
- luci-app-mitmproxy
- luci-app-mmpm
- luci-app-mqtt-bridge
- luci-app-ndpid
- luci-app-network-modes
- luci-app-secubox-admin
- luci-app-secubox-portal
- luci-app-wireguard-dashboard

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-21 17:15:21 +01:00
CyberMind-FR
4b4d1be2f5 feat: Add SecuBox portal header and navigation to luci-app-secubox-admin 
- Added SecuBox portal header (SbHeader) to all 9 admin views
- Added internal ADMIN_NAV navigation bar with dark theme styling
- Added Theme.init() for consistent theming across views
- Updated wrapper pattern for proper header/nav/content structure

Views updated:
- dashboard.js (Control Panel)
- cyber-dashboard.js (Cyber Console)
- apps.js (Apps Manager)
- updates.js (Updates)
- catalog-sources.js (Catalog)
- health.js (Health)
- logs.js (Logs)
- settings.js (Settings)
- advanced-settings.js (Advanced Settings)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-09 16:24:20 +01:00
CyberMind-FR
b610239551 ok 2026-01-08 09:08:46 +01:00
CyberMind-FR
9e7d11cb8e feat: v0.8.3 - Complete theming, responsive & dynamic features 
Major Features:
- 🎨 8 Themes: dark, light, cyberpunk, ocean, sunset, forest, minimal, contrast
- 📱 Fully Responsive: mobile-first with 500+ utility classes
- 📊 Chart.js Integration: 5 chart types (line, bar, doughnut, gauge, sparkline)
- 🔄 Real-time Updates: WebSocket + polling fallback
-  60+ Animations: entrance, attention, loading, continuous, interactive
- 📚 Complete Documentation: 35,000+ words across 5 guides

Theming System:
- Unified cyberpunk theme (643 lines)
- 5 new themes (ocean, sunset, forest, minimal, contrast)
- 30+ CSS custom properties
- Theme switching API

Responsive Design:
- Mobile-first approach (375px - 1920px+)
- 500+ utility classes (spacing, display, flex, grid, typography)
- Responsive components (tables, forms, navigation, modals, cards)
- Touch-friendly targets (44px minimum on mobile)

Dynamic Features:
- 9 widget templates (default, security, network, monitoring, hosting, compact, charts, sparkline)
- Chart.js wrapper utilities (chart-utils.js)
- Real-time client (WebSocket + polling, auto-reconnect)
- Widget renderer with real-time integration

Animations:
- 889 lines of animations (was 389)
- 14 entrance animations
- 10 attention seekers
- 5 loading animations
- Page transitions, modals, tooltips, forms, badges
- JavaScript animation API

Documentation:
- README.md (2,500 words)
- THEME_GUIDE.md (10,000 words)
- RESPONSIVE_GUIDE.md (8,000 words)
- WIDGET_GUIDE.md (9,000 words)
- ANIMATION_GUIDE.md (8,000 words)

Bug Fixes:
- Fixed data-utils.js baseclass implementation
- Fixed realtime-client integration in widget-renderer
- Removed duplicate cyberpunk.css

Files Created: 15
- 5 new themes
- 2 new components (charts.css, featured-apps.css)
- 3 JS modules (chart-utils.js, realtime-client.js)
- 1 library (chart.min.js 201KB)
- 5 documentation guides

Files Modified: 7
- animations.css (+500 lines)
- utilities.css (+460 lines)
- theme.js (+90 lines)
- widget-renderer.js (+50 lines)
- data-utils.js (baseclass fix)
- cyberpunk.css (unified)

Performance:
- CSS bundle: ~150KB minified
- JS core: ~50KB
- Chart.js: 201KB (lazy loaded)
- First Contentful Paint: <1.5s
- Time to Interactive: <2.5s

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-05 08:43:26 +01:00
CyberMind-FR
e13a3f5b84 hello 2026-01-04 19:50:25 +01:00
CyberMind-FR
17065bf776 fix(luci-app-secubox-admin): add graceful RPC fallback to all views 
Fixed "No related RPC reply" errors across all admin views by wrapping
ALL RPC calls in L.resolveDefault() with appropriate fallback values.

This allows the frontend to load gracefully even when the backend RPCD
methods are not yet deployed, showing empty data instead of crashing.

Changes:
- health.js: Wrapped getHealth() → L.resolveDefault(getHealth(), {})
- logs.js: Wrapped getLogs() → L.resolveDefault(getLogs(), { logs: '' })
- settings.js: Wrapped getApps() and getModules() with fallbacks
- apps.js: Wrapped getApps() and getModules() (checkUpdates already wrapped)
- dashboard.js: Wrapped all 4 RPC calls (getApps, getModules, getHealth, getAlerts)
- Incremented PKG_RELEASE: 6 → 7
- Updated DEPLOY_UPDATES.md with v1.0.0-7 details

All admin pages now load successfully regardless of backend deployment status.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-04 15:06:45 +01:00
CyberMind-FR
1c5d8eb29f fix(luci-app-secubox-admin): fix WidgetRenderer constructor error 
Fixed TypeError "WidgetRenderer is not a constructor" in dashboard.js
by removing the 'new' keyword. LuCI's baseclass.extend() creates callable
classes that should not be instantiated with 'new'.

Changes:
- dashboard.js: Changed from 'new WidgetRenderer({...})' to 'WidgetRenderer({...})'
- Added comprehensive try-catch error handling with fallback error display
- Incremented PKG_RELEASE: 5 → 6
- Updated DEPLOY_UPDATES.md with v1.0.0-6 details

This fix allows the widget system to initialize properly on the dashboard.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-04 14:59:10 +01:00
CyberMind-FR
f2ee564b1a feat: Reactive Widget System for Dashboard (Phase 5) 
Implement comprehensive widget rendering system allowing SecuBox apps to display
live metrics, status, and controls as responsive widgets on the dashboard.

## Widget Rendering Engine

**New**: `/secubox-admin/widget-renderer.js` (~450 lines)

Core widget system with:
- **WidgetRenderer Class**: Main rendering engine with plugin architecture
- **Template System**: Pluggable widget templates by category
- **Auto-refresh**: Configurable polling (default: 30s per widget)
- **Responsive Grid**: CSS Grid with auto, fixed-2, fixed-3, fixed-4 modes
- **Lifecycle Management**: Initialize, update, destroy with cleanup

### Built-in Templates

1. **Security Widget** (`template: 'security'`):
   - Status indicator (ok/warning/error)
   - Metric rows with labels/values
   - Last event timestamp
   - Color-coded border (red)

2. **Network Widget** (`template: 'network'`):
   - Active connections count
   - Bandwidth display (up/down) with auto-formatting
   - Custom metrics support
   - Color-coded border (blue)

3. **Monitoring Widget** (`template: 'monitoring'`):
   - Health status badge (healthy/degraded/down)
   - Metrics grid (responsive cards)
   - Uptime display with formatting
   - Color-coded border (green)

4. **Hosting Widget** (`template: 'hosting'`):
   - Services list with running/stopped status
   - Service status icons (✓/✗)
   - Metrics section
   - Color-coded border (orange)

5. **Compact Widget** (`template: 'compact'`):
   - Small icon + title
   - Large primary metric value
   - Label text
   - Minimal space usage

6. **Default Widget** (`template: 'default'`):
   - Fallback for apps without specific template
   - Icon + title + status
   - Simple display

### Features

- **Custom Templates**: `registerTemplate(name, {render: fn})` API
- **Metric Rendering**: `renderMetric()`, `renderMetricCard()` helpers
- **Data Formatting**: Bandwidth, uptime, timestamps (relative)
- **Error Handling**: Try-catch with error display
- **Loading States**: Spinner + message
- **Polling Management**: Automatic cleanup on destroy

## Widget Styles

**New**: `/secubox-admin/widgets.css` (~600 lines)

Comprehensive responsive styles:

### Grid System
- `.widget-grid-auto`: Auto-fill minmax(300px, 1fr)
- `.widget-grid-fixed-2/3/4`: Fixed column grids
- Responsive breakpoints: 1400px → 1024px → 768px
- Mobile: Single column layout

### Widget Components
- **Widget Item**: Card with shadow, hover effects, transform
- **Widget Header**: Icon + title + status indicator/badge
- **Metrics**: Row layout and grid layout variants
- **Status Colors**: Success (green), warning (orange), error (red), unknown (gray)
- **Loading State**: Animated spinner with message
- **Error State**: Icon + message + details

### Category Styling
- Left border color coding by category
- Security: Red (#f44336)
- Network: Blue (#2196f3)
- Monitoring: Green (#4caf50)
- Hosting: Orange (#ff9800)
- Productivity: Purple (#9c27b0)

### Dark Mode Support
- Media query for `prefers-color-scheme: dark`
- Adjusted backgrounds, borders, text colors
- Maintains readability and contrast

### Print Styles
- Break-inside: avoid for widgets
- Border styles for print
- Block layout (no grid)

## Dashboard Integration

**Modified**: `view/secubox-admin/dashboard.js`

Enhanced with widget support:

### Changes
1. Import `widget-renderer` module
2. Add widget renderer instance: `widgetRenderer: null`
3. Load widgets.css stylesheet
4. New section: `renderWidgetsSection(apps)`
   - Filters apps with `widget.enabled === true`
   - Shows widget count
   - Creates container `#dashboard-widgets-container`

5. New method: `initializeWidgets(apps)`
   - Creates WidgetRenderer instance
   - Config: 30s refresh, auto grid mode
   - Renders all enabled widgets

6. Lifecycle: `addFooter()`
   - Cleanup widget renderer on page leave
   - Removes all poll handles

### Widget Section UI
- Card layout matching other dashboard sections
- Header with "App Widgets" title + count
- Container for widget grid
- Initialized via `requestAnimationFrame` (DOM ready)

## Widget Configuration Schema

Apps in catalog.json can include:

```json
{
  "id": "app-id",
  "widget": {
    "enabled": true,
    "template": "security|network|monitoring|hosting|compact|default",
    "refresh_interval": 30,
    "metrics": [
      {
        "id": "active_sessions",
        "label": "Active Sessions",
        "type": "counter",
        "source": "ubus",
        "method": "app.get_sessions"
      }
    ]
  }
}
```

## Data Flow

```
Dashboard Init
  ↓
WidgetRenderer.render()
  ↓
For each app with widget.enabled:
  ├── Create widget container (DOM)
  ├── Show loading spinner
  ├── API.getWidgetData(app_id)
  ↓
RPCD: luci.secubox.get_widget_data(app_id)
  ↓
Return widget data (metrics, status, etc.)
  ↓
Template.render(container, app, data)
  ↓
Display widget with live data
  ↓
Poll every N seconds (refresh_interval)
```

## Widget Renderer API

```javascript
// Create renderer
var renderer = new WidgetRenderer({
  containerId: 'widget-container',
  apps: appsWithWidgets,
  defaultRefreshInterval: 30,
  gridMode: 'auto'  // 'auto', 'fixed-2', 'fixed-3', 'fixed-4'
});

// Render all widgets
renderer.render();

// Register custom template
renderer.registerTemplate('mytemplate', {
  render: function(container, app, data) {
    container.innerHTML = '<div>...</div>';
  }
});

// Cleanup
renderer.destroy();
```

## Key Features Delivered

 **Pluggable template system** for different app categories
 **Responsive grid layout** with breakpoints
 **Auto-refresh** with configurable intervals per widget
 **Error handling** with graceful degradation
 **Loading states** with spinners
 **Dark mode** support via media queries
 **Category styling** with color-coded borders
 **Lifecycle management** with cleanup
 **Formatting utilities** for bandwidth, uptime, timestamps
 **Print-friendly** styles

## Files Changed/Created

**Created (2)**:
- `luci-app-secubox-admin/htdocs/luci-static/resources/secubox-admin/widget-renderer.js`
- `luci-app-secubox-admin/htdocs/luci-static/resources/secubox-admin/widgets.css`

**Modified (1)**:
- `luci-app-secubox-admin/htdocs/luci-static/resources/view/secubox-admin/dashboard.js`

**Total**: ~1,100 lines added

## Next Steps

To enable widgets for apps:
1. Add `widget` section to app entries in catalog.json
2. Implement `get_widget_data()` in app's RPCD handler
3. Return metrics, status, and relevant data
4. Widget will auto-refresh and display on dashboard

Example apps ready for widgets:
- Auth Guardian (security template)
- Bandwidth Manager (network template)
- System monitors (monitoring template)
- Hosting services (hosting template)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-04 14:07:59 +01:00
CyberMind-FR
e7c9411d79 feat: Release v0.8.2 - Admin Control Center, Documentation Mirror & Docker Automation 
This release adds major new features for SecuBox management and deployment:

## New Features

### 1. LuCI Admin Control Center (luci-app-secubox-admin)
- Unified admin dashboard for managing all SecuBox appstore plugins
- **Control Panel**: Real-time stats, system health, alerts, quick actions
- **Apps Manager**: Browse catalog, install/remove apps with search & filtering
- **App Settings**: Per-app configuration, start/stop controls
- **System Health**: Live monitoring (CPU, RAM, disk) with auto-refresh
- **System Logs**: Centralized log viewer with download capability
- Fully integrated with existing RPCD backend (luci.secubox)
- Mobile-responsive design with polished UI components

### 2. Documentation Mirror in SecuBox Bonus
- Integrated complete development documentation into luci-app-secubox-bonus
- 64+ documentation files now available offline at /luci-static/secubox/docs/
- Beautiful landing page (index-main.html) with 4 sections:
  - Development guides & references
  - Live module demos
  - Tutorials & blog posts
  - Marketing campaign pages
- Accessible locally on router without internet connection

### 3. Automated Docker Plugin Installation
- Enhanced secubox-appstore CLI with full Docker automation
- One-click installation from web UI now fully automated:
  - Auto-detects Docker runtime from catalog
  - Discovers and executes control scripts (*ctl install)
  - Pulls Docker images automatically
  - Creates directories and configures UCI
  - Enables init services
- No manual CLI steps required for Docker apps
- Works for all Docker apps: AdGuard Home, Mail-in-a-Box, Nextcloud, etc.

### 4. Mail-in-a-Box Plugin
- New Docker-based email server plugin (secubox-app-mailinabox)
- Complete package with:
  - UCI configuration (8 port mappings, feature flags)
  - Control script (mailinaboxctl) with install/check/update/status/logs
  - Procd init script with auto-restart
  - Catalog manifest (category: hosting, maturity: beta)
- Network mode: host (required for mail server)
- Persistent storage: mail, SSL, data, DNS volumes

## Improvements

### Build System
- Updated local-build.sh to include luci-app-* packages from package/secubox/
- Now automatically discovers and builds luci-app-secubox-admin and similar packages
- Fixed Makefile include paths for feed structure

### Package Releases
- Incremented PKG_RELEASE for all 31 SecuBox packages
- Ensures clean upgrade path from previous versions

### Catalog Updates
- Mail-in-a-Box entry moved from "productivity" to "hosting" category
- Status changed to "beta" reflecting community Docker image maturity
- Storage requirement increased: 1024MB → 2048MB
- Added port 25 accessibility note

## Files Changed

### New Packages (2)
- package/secubox/luci-app-secubox-admin/ (12 files)
- package/secubox/secubox-app-mailinabox/ (4 files)

### Enhanced Packages (1)
- package/secubox/luci-app-secubox-bonus/ (65 new docs files)

### Modified Core (3)
- package/secubox/secubox-core/root/usr/sbin/secubox-appstore
- package/secubox/secubox-core/root/usr/share/secubox/catalog.json
- secubox-tools/local-build.sh

### All Makefiles (31 packages)
- Incremented PKG_RELEASE for clean upgrade path

## Technical Details

**Admin Control Center Architecture:**
- Frontend: 5 views (dashboard, apps, settings, health, logs)
- API: Wrapper around luci.secubox RPCD methods
- Components: Reusable UI library (cards, badges, alerts, loaders)
- Styling: Common + admin-specific CSS with responsive design
- Auto-refresh: Polling for live updates (5-30s intervals)

**Docker Automation Flow:**
```
Web UI → RPCD → secubox-appstore CLI → opkg install → *ctl install →
docker pull → directories → UCI config → init enable → ✓ Ready
```

**Access Points:**
- Admin Control: http://router/cgi-bin/luci/admin/secubox/admin/
- Documentation: http://router/luci-static/secubox/index-main.html
- Demos: http://router/luci-static/secubox/demo-*.html

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-01-04 08:29:31 +01:00