From 7a13f62fef542c08fd6fac884481e3b5a91317bd Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 20 Sep 2020 02:10:56 +0200 Subject: [PATCH 1/3] Port shouldn't be opened on the firewall ... it supposed to be only there for reverse proxying --- scripts/install | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/install b/scripts/install index a60559b..7db37be 100755 --- a/scripts/install +++ b/scripts/install @@ -67,14 +67,13 @@ ynh_app_setting_set $app is_public $is_public #================================================= # STANDARD MODIFICATIONS #================================================= -# FIND AND OPEN A PORT +# FIND AN AVAILABLE PORT #================================================= # Find a free port port=$(ynh_find_port 8083) # Open this port ynh_script_progression --message="Opening port $port..." --weight=5 -yunohost firewall allow --no-upnp TCP $port 2>&1 ynh_app_setting_set $app port $port #================================================= From 9de482b23ac465e69665c3dfa21cbb390d73084b Mon Sep 17 00:00:00 2001 From: Krakinou Date: Sun, 20 Sep 2020 17:43:10 +0200 Subject: [PATCH 2/3] remove opening of port 8083 --- .settings/org.eclipse.core.resources.prefs | 2 -- scripts/install | 3 +-- scripts/restore | 1 - scripts/upgrade | 8 ++++++++ 4 files changed, 9 insertions(+), 5 deletions(-) delete mode 100644 .settings/org.eclipse.core.resources.prefs diff --git a/.settings/org.eclipse.core.resources.prefs b/.settings/org.eclipse.core.resources.prefs deleted file mode 100644 index 8e4e3b8..0000000 --- a/.settings/org.eclipse.core.resources.prefs +++ /dev/null @@ -1,2 +0,0 @@ -eclipse.preferences.version=1 -encoding//conf/generate_password_hash.py=utf-8 diff --git a/scripts/install b/scripts/install index 7db37be..8b96265 100755 --- a/scripts/install +++ b/scripts/install @@ -72,8 +72,7 @@ ynh_app_setting_set $app is_public $is_public # Find a free port port=$(ynh_find_port 8083) -# Open this port -ynh_script_progression --message="Opening port $port..." --weight=5 +ynh_script_progression --message="Setting port $port..." --weight=5 ynh_app_setting_set $app port $port #================================================= diff --git a/scripts/restore b/scripts/restore index bdcbcac..70df492 100755 --- a/scripts/restore +++ b/scripts/restore @@ -51,7 +51,6 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf" #================================================= ynh_script_progression --message="reopening port $port..." --weight=5 -yunohost firewall allow --no-upnp TCP $port 2>&1 ynh_app_setting_set $app port $port #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index d330989..e5e31d6 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -56,6 +56,14 @@ else #on est encore en 0.6.0 current_upstream_app_version='0.6.0' fi +#Close unwanted open port in firewall +if yunohost firewall list | grep -q "\- $port$" +then + ynh_script_progression --message="Closing port $port..." --weight=10 + yunohost firewall disallow TCP $port 2>&1 +fi + + #================================================= # BACKUP BEFORE UPGRADE THEN ACTIVE TRAP #================================================= From 16eab13eaf177e39ea67de9be5278ac0b7d119b4 Mon Sep 17 00:00:00 2001 From: Krakinou Date: Sun, 20 Sep 2020 17:44:52 +0200 Subject: [PATCH 3/3] update closing message --- scripts/upgrade | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/upgrade b/scripts/upgrade index e5e31d6..fcf73ef 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -59,7 +59,7 @@ fi #Close unwanted open port in firewall if yunohost firewall list | grep -q "\- $port$" then - ynh_script_progression --message="Closing port $port..." --weight=10 + ynh_script_progression --message="Closing port $port as it shouldn't be open..." yunohost firewall disallow TCP $port 2>&1 fi