gandalf/secubox-openwrt
gandalf/secubox-openwrt
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
e7c9411d79
secubox-openwrt/package/secubox/secubox-app-crowdsec
History
CyberMind-FR e7c9411d79 feat: Release v0.8.2 - Admin Control Center, Documentation Mirror & Docker Automation 
This release adds major new features for SecuBox management and deployment:

## New Features

### 1. LuCI Admin Control Center (luci-app-secubox-admin)
- Unified admin dashboard for managing all SecuBox appstore plugins
- **Control Panel**: Real-time stats, system health, alerts, quick actions
- **Apps Manager**: Browse catalog, install/remove apps with search & filtering
- **App Settings**: Per-app configuration, start/stop controls
- **System Health**: Live monitoring (CPU, RAM, disk) with auto-refresh
- **System Logs**: Centralized log viewer with download capability
- Fully integrated with existing RPCD backend (luci.secubox)
- Mobile-responsive design with polished UI components

### 2. Documentation Mirror in SecuBox Bonus
- Integrated complete development documentation into luci-app-secubox-bonus
- 64+ documentation files now available offline at /luci-static/secubox/docs/
- Beautiful landing page (index-main.html) with 4 sections:
  - Development guides & references
  - Live module demos
  - Tutorials & blog posts
  - Marketing campaign pages
- Accessible locally on router without internet connection

### 3. Automated Docker Plugin Installation
- Enhanced secubox-appstore CLI with full Docker automation
- One-click installation from web UI now fully automated:
  - Auto-detects Docker runtime from catalog
  - Discovers and executes control scripts (*ctl install)
  - Pulls Docker images automatically
  - Creates directories and configures UCI
  - Enables init services
- No manual CLI steps required for Docker apps
- Works for all Docker apps: AdGuard Home, Mail-in-a-Box, Nextcloud, etc.

### 4. Mail-in-a-Box Plugin
- New Docker-based email server plugin (secubox-app-mailinabox)
- Complete package with:
  - UCI configuration (8 port mappings, feature flags)
  - Control script (mailinaboxctl) with install/check/update/status/logs
  - Procd init script with auto-restart
  - Catalog manifest (category: hosting, maturity: beta)
- Network mode: host (required for mail server)
- Persistent storage: mail, SSL, data, DNS volumes

## Improvements

### Build System
- Updated local-build.sh to include luci-app-* packages from package/secubox/
- Now automatically discovers and builds luci-app-secubox-admin and similar packages
- Fixed Makefile include paths for feed structure

### Package Releases
- Incremented PKG_RELEASE for all 31 SecuBox packages
- Ensures clean upgrade path from previous versions

### Catalog Updates
- Mail-in-a-Box entry moved from "productivity" to "hosting" category
- Status changed to "beta" reflecting community Docker image maturity
- Storage requirement increased: 1024MB → 2048MB
- Added port 25 accessibility note

## Files Changed

### New Packages (2)
- package/secubox/luci-app-secubox-admin/ (12 files)
- package/secubox/secubox-app-mailinabox/ (4 files)

### Enhanced Packages (1)
- package/secubox/luci-app-secubox-bonus/ (65 new docs files)

### Modified Core (3)
- package/secubox/secubox-core/root/usr/sbin/secubox-appstore
- package/secubox/secubox-core/root/usr/share/secubox/catalog.json
- secubox-tools/local-build.sh

### All Makefiles (31 packages)
- Incremented PKG_RELEASE for clean upgrade path

## Technical Details

**Admin Control Center Architecture:**
- Frontend: 5 views (dashboard, apps, settings, health, logs)
- API: Wrapper around luci.secubox RPCD methods
- Components: Reusable UI library (cards, badges, alerts, loaders)
- Styling: Common + admin-specific CSS with responsive design
- Auto-refresh: Polling for live updates (5-30s intervals)

**Docker Automation Flow:**
```
Web UI → RPCD → secubox-appstore CLI → opkg install → *ctl install →
docker pull → directories → UCI config → init enable → ✓ Ready
```

**Access Points:**
- Admin Control: http://router/cgi-bin/luci/admin/secubox/admin/
- Documentation: http://router/luci-static/secubox/index-main.html
- Demos: http://router/luci-static/secubox/demo-*.html

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-04 08:29:31 +01:00
..
files feat(crowdsec): add secubox-app daemon 2025-12-30 13:00:59 +01:00
patches feat(crowdsec): add secubox-app daemon 2025-12-30 13:00:59 +01:00
Makefile feat: Release v0.8.2 - Admin Control Center, Documentation Mirror & Docker Automation 2026-01-04 08:29:31 +01:00
README.md feat(crowdsec): add secubox-app daemon 2025-12-30 13:00:59 +01:00

README.md

SecuBox App - CrowdSec

Version

  • Package: secubox-app-crowdsec
  • CrowdSec Core: v1.7.4
  • Release: 1
  • Last Updated: December 30, 2024

Description

CrowdSec is an open-source, lightweight security engine that detects and responds to malicious behaviors. This SecuBox package provides CrowdSec for OpenWrt routers.

Key Features (v1.7.4)

  • WAF capability with DropRequest helper for request blocking
  • Refactored syslog acquisition using RestartableStreamer
  • Optional pure-go SQLite driver for better compatibility
  • Enhanced logging configuration with syslog media support
  • Configurable usage metrics export (api.server.disable_usage_metrics_export)
  • Fixed LAPI metrics cardinality issues with Prometheus
  • Data race prevention in Docker acquisition
  • Database query optimization for decision streams

Package Contents

  • Makefile: OpenWrt package definition for CrowdSec v1.7.4
  • files/: Configuration and init scripts
    • crowdsec.initd: Init script for service management
    • crowdsec.config: UCI configuration
    • crowdsec.defaults: Default configuration (uci-defaults)
  • patches/: Patches for OpenWrt compatibility
    • 001-fix_config_data_dir.patch: Fix data directory path for OpenWrt

Installation

# From SecuBox build environment
cd /home/reepost/CyberMindStudio/_files/secubox-openwrt
make package/secubox/secubox-app-crowdsec/compile V=s

# Install on router
opkg install crowdsec_1.7.4-1_*.ipk

Configuration

CrowdSec configuration files are located at:

  • Main config: /etc/crowdsec/config.yaml
  • Acquisition: /etc/crowdsec/acquis.yaml
  • Profiles: /etc/crowdsec/profiles.yaml
  • Local API: /etc/crowdsec/local_api_credentials.yaml

Data directory: /srv/crowdsec/data/

Service Management

# Start CrowdSec
/etc/init.d/crowdsec start

# Stop CrowdSec
/etc/init.d/crowdsec stop

# Restart CrowdSec
/etc/init.d/crowdsec restart

# Check status
/etc/init.d/crowdsec status

CLI Usage

CrowdSec CLI is available via cscli:

# Check version
cscli version

# List decisions
cscli decisions list

# View alerts
cscli alerts list

# Manage collections
cscli collections list
cscli collections install crowdsecurity/nginx

# Manage bouncers
cscli bouncers list
cscli bouncers add firewall-bouncer

Integration with SecuBox

This package integrates with:

  • luci-app-crowdsec-dashboard v0.5.0+
  • SecuBox Theme System
  • SecuBox Logging (secubox-log)

Dependencies

  • Go compiler (build-time)
  • SQLite3
  • OpenWrt base system

References

Changelog

v1.7.4-1 (2024-12-30)

  • Updated from v1.6.2 to v1.7.4
  • Added WAF/AppSec support
  • Improved syslog acquisition
  • Enhanced metrics export configuration
  • Fixed Prometheus cardinality issues

v1.6.2-1 (Previous)

  • Initial SecuBox integration
  • Basic OpenWrt compatibility patches

License

MIT License

Maintainer

CyberMind.fr - Gandalf gandalf@gk2.net