gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd54253f66
secubox-openwrt/package/secubox/secubox-cve-triage/files/etc/config/cve-triage
CyberMind-FR 44493ebfe3 feat: Add CVE Triage Agent and Vortex DNS, fix webmail login 
New Packages:
- secubox-cve-triage: AI-powered CVE analysis and vulnerability management
  - NVD API integration for CVE data
  - CrowdSec CVE alert correlation
  - LocalAI-powered impact analysis
  - Approval workflow for patch recommendations
  - Multi-source monitoring (opkg, LXC, Docker)

- luci-app-cve-triage: Dashboard with alerts, pending queue, risk score

- secubox-vortex-dns: Meshed multi-dynamic subdomain delegation
  - Master/slave hierarchical DNS delegation
  - Wildcard domain management
  - First Peek auto-registration
  - Gossip-based exposure config sync
  - Submastering for nested hierarchies

Fixes:
- Webmail 401 login: config.docker.inc.php was overriding IMAP host
  to ssl://mail.secubox.in:993 which Docker couldn't reach
- Fixed mailctl webmail configure to use socat proxy (172.17.0.1:10143)

Documentation:
- Added LXC cgroup:mixed fix to FAQ-TROUBLESHOOTING.md
- Updated CLAUDE.md to include FAQ consultation at startup

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 12:19:54 +01:00

64 lines
1.5 KiB
Plaintext
Raw Blame History

config cve-triage 'main'
option enabled '1'
option interval '3600'
option localai_url 'http://127.0.0.1:8081'
option localai_model 'tinyllama-1.1b-chat-v1.0.Q4_K_M'
# Only triage CVEs with severity >= this level (low/medium/high/critical)
option min_severity 'high'
# Only report CVEs affecting installed packages
option affected_only '1'
# Auto-apply patches (0=queue for approval, 1=auto-apply)
option auto_apply_patches '0'
# Minimum confidence score (0-100) for auto-actions
option min_confidence '80'
# Maximum recommendations per cycle
option max_recommendations '10'
# CVE data sources
config source 'nvd'
option enabled '1'
option type 'nvd_api'
option url 'https://services.nvd.nist.gov/rest/json/cves/2.0'
option cache_hours '24'
config source 'crowdsec_cve'
option enabled '1'
option type 'crowdsec'
option filter_cve '1'
config source 'openwrt_sa'
option enabled '1'
option type 'openwrt_security'
option url 'https://openwrt.org/advisory/start'
# Package sources to monitor
config packages 'opkg'
option enabled '1'
option type 'opkg'
config packages 'lxc'
option enabled '1'
option type 'lxc_packages'
config packages 'docker'
option enabled '1'
option type 'docker_images'
# Output targets
config target 'recommendations'
option enabled '1'
option path '/var/lib/cve-triage/recommendations.json'
config target 'alerts'
option enabled '1'
option path '/var/lib/cve-triage/alerts.json'
# Queue for pending actions (approval workflow)
config queue 'pending'
option path '/var/lib/cve-triage/pending_actions.json'
Reference in New Issue View Git Blame Copy Permalink