Update INSTALL.sh

This commit is contained in:
Stefan Pejcic 2024-07-23 11:44:24 +02:00 committed by GitHub
parent 8f7cd43135
commit cce21e68ec
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -367,17 +367,16 @@ while [[ $# -gt 0 ]]; do
--skip-firewall) --skip-firewall)
SKIP_FIREWALL=true SKIP_FIREWALL=true
;; ;;
--csf)
SKIP_FIREWALL=false
UFW_SETUP=false
CSF_SETUP=true
;;
--ufw) --ufw)
SKIP_FIREWALL=false SKIP_FIREWALL=false
UFW_SETUP=true UFW_SETUP=true
CSF_SETUP=false CSF_SETUP=false
;; ;;
--ufw)
SKIP_FIREWALL=false
UFW_SETUP=false
CSF_SETUP=true
;;
--skip-images) --skip-images)
SKIP_IMAGES=true SKIP_IMAGES=true
;; ;;
@ -675,7 +674,7 @@ setup_ufw() {
# TODO: # TODO:
# whitelist root user # whitelist root user
# open ports opencli firewall-reset
# enable iset blocklists # enable iset blocklists
# enable lfd alerts if email is set, otherwise disable # enable lfd alerts if email is set, otherwise disable
# set mail continer for smtp # set mail continer for smtp
@ -684,6 +683,11 @@ setup_ufw() {
if [ "$UFW_SETUP" = true ]; then if [ "$UFW_SETUP" = true ]; then
echo "Setting up UncomplicatedFirewall.." echo "Setting up UncomplicatedFirewall.."
# set ufw to be monitored instead of csf
sed -i 's/ConfigServer Firewall/Uncomplicated Firewall/g' "${ETC_DIR}openadmin/config/services.json" > /dev/null 2>&1 &&
sed -i 's/csf/ufw/g' "${ETC_DIR}openadmin/config/services.json" > /dev/null 2>&1 &&
debug_log wget -qO /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker > /dev/null 2>&1 && debug_log wget -qO /usr/local/bin/ufw-docker https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker > /dev/null 2>&1 &&
debug_log chmod +x /usr/local/bin/ufw-docker debug_log chmod +x /usr/local/bin/ufw-docker
@ -697,7 +701,7 @@ setup_ufw() {
debug_log ufw allow 2083/tcp #openpanel debug_log ufw allow 2083/tcp #openpanel
debug_log ufw allow 2087/tcp #openadmin debug_log ufw allow 2087/tcp #openadmin
if [ "$NO_SSH" = false ]; then if [ "$NO_SSH" = false ]; then
# whitelist user running the script # whitelist user running the script