Skip to content
Permalink
Browse files

Firewall services configuration

  • Loading branch information...
NEMS Linux
NEMS Linux committed Feb 27, 2019
1 parent 374285b commit fd335852cfcda94a6268e98b2a64a8f7c442fbac
Binary file not shown.
@@ -0,0 +1,52 @@
#!/bin/bash
echo $0 > /var/www/html/userfiles/nems-build.cur
platform=$(/usr/local/share/nems/nems-scripts/info.sh platform) # This is why we have to do this after 150-nems

# Update package list
apt update

# Install the firewall
apt -y install firewalld

# Stop it if started so we can load new services
systemctl stop firewalld

# Unmask the service
systemctl unmask firewalld

# Setup firewall rules
if [[ -d /usr/lib/firewalld/services ]]; then
rm -rf /usr/lib/firewalld/services
cp -R /root/nems/nems-migrator/data/1.5/firewalld/services /usr/lib/firewalld/
chown -R root:root /usr/lib/firewalld/services
fi

# Start the firewall
systemctl enable firewalld
systemctl start firewalld

# Set the default zone to public
firewall-cmd --set-default-zone=public

# Enable needed services

# NEMS Dashboard
firewall-cmd --permanent --zone=public --add-service=http
firewall-cmd --permanent --zone=public --add-service=https

# mDNS
firewall-cmd --permanent --zone=public --add-service=mdns

# 9590 Port Listener
firewall-cmd --permanent --zone=public --add-service=9590

# monit
firewall-cmd --permanent --zone=public --add-service=monit


if (( $platform < '10' )); then
firewall-cmd --permanent --zone=public --add-service=rpi-monitor
fi

# Reload the current services
systemctl reload firewalld
@@ -3,7 +3,7 @@ echo $0 > /var/www/html/userfiles/nems-build.cur

platform=$(/usr/local/bin/nems-info platform)

if [[ $platform < 10 ]]; then
if (( $platform < '10' ); then
printf "Installing support for PiWatcher hardware... "
# enable I2C
@@ -3,7 +3,7 @@ echo $0 > /var/www/html/userfiles/nems-build.cur

platform=$(/usr/local/bin/nems-info platform)

if [[ $platform < 10 ]]; then
if (( $platform < '10' )); then

# Try apt first
echo "Installing raspi-config... "
@@ -3,7 +3,7 @@ echo $0 > /var/www/html/userfiles/nems-build.cur

platform=$(/usr/local/share/nems/nems-scripts/info.sh platform) # This is why we have to do this after 150-nems

if [[ $platform < 10 ]]; then
if (( $platform < '10' )); then
echo "Installing rpimonitor... "
apt update
apt -y install dirmngr
@@ -10,12 +10,5 @@ echo $0 > /var/www/html/userfiles/nems-build.cur
# Install Cockpit
apt update
apt -y install cockpit
apt -y install firewalld
apt -y install cokcpit-networking
apt -y install cockpit-networking

systemctl unmask firewalld
systemctl enable firwalld
systemctl start firewalld

# Setup firewall rules
firewall-cmd --permanent --add-port=3306/tcp

0 comments on commit fd33585

Please sign in to comment.
You can’t perform that action at this time.