gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
9d46ff51f3
secubox-openwrt/package/secubox/secubox-p2p/root/etc/uci-defaults/99-secubox-p2p-api
CyberMind-FR a9130715e9 feat(p2p): Add SecuBox Factory unified dashboard with signed Merkle snapshots 
Implement mesh-distributed, cryptographically-validated control center:

- Add factory.sh library with Ed25519 signing via signify-openbsd
- Add Merkle tree calculation for /etc/config validation
- Add CGI endpoints: dashboard, tools, run, snapshot, pubkey
- Add KISS Web UI (~280 lines vanilla JS, inline CSS, zero deps)
- Add gossip-based 3-peer fanout for snapshot synchronization
- Add offline operations queue with replay on reconnect
- Add LuCI iframe integration under MirrorBox > Factory tab
- Configure uhttpd alias for /factory/ on port 7331
- Bump secubox-p2p version to 0.4.0

Factory UI accessible at http://<device>:7331/factory/

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 08:03:54 +01:00

50 lines
1.6 KiB
Bash
Raw Blame History

#!/bin/sh
# Configure uhttpd instance for P2P REST API and Factory UI on port 7331
# Check if p2p_api instance already exists
if ! uci -q get uhttpd.p2p_api >/dev/null 2>&1; then
uci set uhttpd.p2p_api=uhttpd
uci set uhttpd.p2p_api.listen_http='0.0.0.0:7331'
uci set uhttpd.p2p_api.home='/www/api'
uci set uhttpd.p2p_api.cgi_prefix='/'
uci set uhttpd.p2p_api.no_symlinks='0'
uci set uhttpd.p2p_api.no_dirlists='1'
uci set uhttpd.p2p_api.script_timeout='60'
uci set uhttpd.p2p_api.network_timeout='30'
uci commit uhttpd
fi
# Add alias for Factory UI (serves /www/factory at /factory/)
# This allows Factory UI to be served alongside the API on port 7331
current_aliases=$(uci -q get uhttpd.p2p_api.alias 2>/dev/null)
if ! echo "$current_aliases" | grep -q "/factory/"; then
uci add_list uhttpd.p2p_api.alias='/factory/=/www/factory'
uci commit uhttpd
fi
# Add firewall rule for P2P API port (LAN only by default)
if ! uci show firewall 2>/dev/null | grep -q "P2P-API"; then
uci add firewall rule
uci set firewall.@rule[-1].name='P2P-API'
uci set firewall.@rule[-1].src='lan'
uci set firewall.@rule[-1].dest_port='7331'
uci set firewall.@rule[-1].proto='tcp'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].enabled='1'
uci commit firewall
fi
# Add mDNS firewall rule if not exists
if ! uci show firewall 2>/dev/null | grep -q "mDNS"; then
uci add firewall rule
uci set firewall.@rule[-1].name='mDNS'
uci set firewall.@rule[-1].src='lan'
uci set firewall.@rule[-1].dest_port='5353'
uci set firewall.@rule[-1].proto='udp'
uci set firewall.@rule[-1].target='ACCEPT'
uci set firewall.@rule[-1].enabled='1'
uci commit firewall
fi
exit 0
Reference in New Issue View Git Blame Copy Permalink