gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,482 Commits 4 Branches 293 Tags 320 MiB
fd54253f66
Commit Graph

10 Commits

Author SHA1 Message Date
CyberMind-FR
99d9f307dd feat(secubox-core): Add dynamic KISS Apps discovery methods 
- get_installed_apps: Returns installed apps with menu paths and status
- get_kiss_menu: Returns dynamic menu by category (security, system, productivity, media)
- Enables KISS UI to dynamically show installed apps
- Updated ACL to include new methods

Also on router:
- Created rpcd-watchdog service that monitors rpcd every 60s
- Automatically restarts rpcd if luci module fails

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-03-11 11:16:47 +01:00
CyberMind-FR
13c1e596d2 feat(core): Add 3-tier stats persistence and LuCI tree navigation 
Stats Persistence Layer:
- Add secubox-stats-persist daemon for never-trashed stats
- 3-tier caching: RAM (/tmp) → buffer → persistent (/srv)
- Hourly snapshots (24h), daily aggregates (30d)
- Boot recovery from persistent storage
- Heartbeat line: real-time 60-sample buffer (3min window)
- Evolution view: combined influence score over time

RPCD Stats Module:
- get_timeline: 24h evolution for all collectors
- get_evolution: combined influence score timeline
- get_heartbeat_line: real-time 3min buffer
- get_stats_status: persistence status and current values
- get_history: historical data per collector
- get_collector_cache: current cache value

LuCI Tree Navigation:
- Add clickable tree of all 60+ SecuBox LuCI apps
- Organized by category: Security, Network, Monitoring, Services, etc.
- Real-time search filter
- Available at /secubox-public/luci-tree and /admin/secubox/luci-tree

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-11 11:23:27 +01:00
CyberMind-FR
d8578653b4 feat(metrics): Add active sessions panel to SecuBox Metrics 
- Add get_active_sessions RPCD method to dashboard module
- Display session counts: Tor circuits, HTTPS, Streamlit, Mitmproxy, SSH
- Add ACTIVE SESSIONS panel with yellow/gold theme
- Add RECENT VISITORS panel showing visitor IPs and countries
- Add TOP ENDPOINTS panel showing accessed paths
- Add ACL permissions for get_active_sessions
- Auto-refresh with other metrics every 10 seconds

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-02-10 11:45:29 +01:00
CyberMind-FR
9acab29c34 feat(v0.17): P2P Mesh Recovery, MITM Analytics, Swiss Army Knife 
Major features:
- P2P Mesh distributed recovery infrastructure with blockchain catalog
- MITM analytics proxy for external access monitoring (IP, country, scans)
- SecuBox Swiss unified CLI tool for management & recovery
- Python remote management console (secubox-console)
- Multi-theme landing page generator (mirrorbox, cyberpunk, minimal, terminal, light)
- Service Registry enhancements with health check and network diagnostics
- Services page modernization with Service Registry API integration

New components:
- secubox-swiss: Swiss Army Knife unified management tool
- secubox-mesh: P2P mesh networking and sync
- secubox-recover: Snapshot, profiles, rollback, reborn scripts
- secubox-console: Python remote management app
- secubox_analytics.py: MITM traffic analysis addon

Fixes:
- Service Registry ACL permissions for secubox services page
- Port status display (firewall_open detection)
- RPC response handling for list_services

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
4b2241c86e feat(p2p): Add MirrorBox auto-init, self-recovery, and ACL fixes 
MirrorBox Auto-Init:
- Add blockchain-like gigogne P2P structure with peer zero (P0) genesis
- Auto-create self-mesh on page load with configurable depth
- Preserve MirrorBox peers during refresh cycles

Self-Recovery System:
- Add secubox-restore script for bootstrapping new OpenWrt boxes
- Generate customized bootstrap.sh in Gitea backups
- Support interactive and command-line restore modes

ACL Fixes:
- Add missing deploy/pull methods to luci-app-secubox-p2p ACL
- Add luci.gitea and luci.secubox-p2p access to luci-app-secubox ACL
- Fix null display issue in hub.js (changed to empty string)

Backup Enhancements:
- Fix syntax error in RPCD heredoc (openwrt_version line)
- Add branch reference to Gitea API calls (main branch)
- Include bootstrap.sh and secubox-restore in backup push

Documentation:
- Add comprehensive README.md for SecuBox P2P module

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
2b913d5005 feat(p2p): Add SecuBox P2P Hub packages and Services Registry 
- Add secubox-p2p backend package:
  - UCI configuration for P2P settings, DNS federation, WireGuard mesh, HAProxy
  - RPCD handler for peer management, service discovery, mesh configuration
  - Init script and main P2P manager daemon

- Add luci-app-secubox-p2p frontend package:
  - Main hub view with master control, network matrix visualization
  - Peers management with discovery and manual add
  - Services view showing local and shared services
  - Mesh network configuration (DNS, WireGuard, HAProxy)
  - Settings for P2P and registry configuration

- Add Services Registry view to luci-app-secubox
- Add listProfiles/applyProfile to secubox-admin API
- Fix P2P ACL permissions
- Remove old hub.js from luci-app-secubox (moved to dedicated package)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:28 +01:00
CyberMind-FR
906bf6f549 feat: Add HTTP health checks, portal speedtest, and fix cert detection 
- metablogizer: Add HTTP health checks for backend (uhttpd) and frontend (HAProxy)
- metablogizer: Fix BusyBox-compatible certificate expiry detection using openssl checkend
- secubox-portal: Add speed test widget with ping/download/upload measurement
- tor-shield: Fix settings save ensuring UCI sections exist
- cdn-cache: UI improvements and restructure
- streamlit: Fix port conflict (sappix now uses 8503)
- secubox-core: Add proxy mode detection
- security-threats: Dashboard improvements
- haproxy: Init.d and Makefile updates

PKG_RELEASE bumps:
- luci-app-cdn-cache: 3
- luci-app-metablogizer: 2
- luci-app-secubox-portal: 2
- luci-app-secubox-security-threats: 2
- luci-app-secubox: 4
- luci-app-streamlit: 9
- luci-app-tor-shield: 2
- secubox-app-haproxy: 23
- secubox-core: 6

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-30 19:46:26 +01:00
CyberMind-FR
26daa57a4b fix(multi): HAProxy duplicate server, Streamlit headless, dashboard optimization 
Fixes:
- HAProxy: Prevent duplicate server names when both inline and separate
  server UCI sections exist for same backend
- Streamlit: Force --server.headless=true in start script (required for server)
- Dashboard: Optimize get_dashboard_data RPC call (6.56s → 0.09s) by using
  fast catalog counting instead of slow appstore list command
- Exposure: Add themed dashboard with SecuBox styling
- ACL: Add missing RPCD permissions for various LuCI apps

Version bumps:
- luci-app-exposure: 1.0.0-r3
- secubox-core: 0.10.0-r5
- secubox-app-haproxy: 1.0.0-r18
- secubox-app-streamlit: 1.0.0-r2
- Portal: v0.15.51

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-26 11:04:02 +01:00
CyberMind-FR
328c48b4e6 fix(luci-app-secubox): Add get_public_ips to ACL permissions 
The RPC method was returning "Access denied" because it was missing
from the rpcd ACL configuration.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-13 13:07:37 +01:00
CyberMind-FR
675b2d164e feat: Portal service detection, nDPId compat layer, CrowdSec/Netifyd packages 
Portal (luci-app-secubox-portal):
- Fix service status showing 0/9 by checking if init scripts exist
- Only count installed services in status display
- Use pgrep fallback when init script status fails

nDPId Dashboard (luci-app-ndpid):
- Add default /etc/config/ndpid configuration
- Add /etc/init.d/ndpid-compat init script
- Enable compat service in postinst for app detection
- Fix Makefile to install init script and config

CrowdSec Dashboard:
- Add CLAUDE.md with OpenWrt-specific guidelines (pgrep without -x)
- CSS fixes for hiding LuCI left menu in all views
- LAPI repair improvements with retry logic

New Packages:
- secubox-app-crowdsec: OpenWrt-native CrowdSec package
- secubox-app-netifyd: Netifyd DPI integration
- luci-app-secubox: Core SecuBox hub
- luci-theme-secubox: Custom theme

Removed:
- luci-app-secubox-crowdsec (replaced by crowdsec-dashboard)
- secubox-crowdsec-setup (functionality moved to dashboard)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-10 13:51:40 +01:00