Make firewall script more general

AgenttiX · AgenttiX · commit c65df89806df · 2025-07-28T18:22:59.000+03:00
diff --git a/security/firewall.sh b/security/firewall.sh
@@ -0,0 +1,32 @@
+#!/bin/bash -e
+
+if [ "${EUID}" -ne 0 ]; then
+   echo "This script should be run as root."
+   exit 1
+fi
+
+if command -v mosh &> /dev/null; then
+  ufw allow mosh comment "Mosh"
+fi
+
+ufw allow ssh comment "SSH"
+
+if command -v syncthing &> /dev/null; then
+  ufw allow 22000/tcp comment "Syncthing"
+  ufw allow 21027/udp comment "Syncthing Discovery"
+
+  while true; do
+    read -p "Do you want to allow Syncthing remote GUI access? (y/n) " yn
+
+    case $yn in
+      [yY] ) echo "Enabling remote GUI access"
+        ufw allow 8384 comment "Syncthing GUI"
+        break;;
+      [nN] ) echo "Skipping remote GUI access"
+        exit;;
+      * ) echo "Invalid response";;
+    esac
+  done
+fi
+
+ufw enable
diff --git a/security/syncthing_firewall.sh b/security/syncthing_firewall.sh
diff --git a/ssh/setup_ssh_server.sh b/ssh/setup_ssh_server.sh
@@ -16,7 +16,7 @@ systemctl restart ssh
 
 if command -v &> /dev/null; then
   echo "Creating UFW firewall rule and enabling UFW."
-  ufw allow ssh comment SSH
+  ufw allow ssh comment "SSH"
   ufw enable
 else
   echo "UFW was not found."
