From ba6efe65e6152c84e7f174d39fd6065bc4e6472a Mon Sep 17 00:00:00 2001
From: mahesh bhatiya <maheshbhatiya304@gmail.com>
Date: Sun, 29 Jun 2025 18:43:33 +0530
Subject: [PATCH] feat(cli): add enable-firewall command to configure UFW with
 default and custom ports

---
 cmd/enable_firewall.go | 54 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 cmd/enable_firewall.go

diff --git a/cmd/enable_firewall.go b/cmd/enable_firewall.go
new file mode 100644
index 0000000..24b26fb
--- /dev/null
+++ b/cmd/enable_firewall.go
@@ -0,0 +1,54 @@
+package cmd
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/spf13/cobra"
+	"stackroost/internal"
+	"stackroost/internal/logger"
+)
+
+var firewallPorts []int
+
+var enableFirewallCmd = &cobra.Command{
+	Use:   "enable-firewall",
+	Short: "Enable UFW and allow common and custom ports",
+	Run: func(cmd *cobra.Command, args []string) {
+		logger.Info("Enabling UFW (Uncomplicated Firewall)")
+
+		// Install ufw if not installed
+		if err := internal.RunCommand("sudo", "apt-get", "install", "-y", "ufw"); err != nil {
+			logger.Error(fmt.Sprintf("Failed to install UFW: %v", err))
+			os.Exit(1)
+		}
+
+		// Allow essential ports
+		defaultPorts := []int{22, 80, 443}
+		for _, port := range defaultPorts {
+			logger.Info(fmt.Sprintf("Allowing port: %d", port))
+			internal.RunCommand("sudo", "ufw", "allow", fmt.Sprintf("%d", port))
+		}
+
+		// Allow custom ports
+		for _, port := range firewallPorts {
+			logger.Info(fmt.Sprintf("Allowing custom port: %d", port))
+			internal.RunCommand("sudo", "ufw", "allow", fmt.Sprintf("%d", port))
+		}
+
+		// Enable ufw
+		logger.Info("Enabling UFW")
+		internal.RunCommand("sudo", "ufw", "--force", "enable")
+
+		// Show status
+		logger.Info("Firewall status:")
+		internal.RunCommand("sudo", "ufw", "status", "verbose")
+
+		logger.Success("Firewall configured and enabled successfully")
+	},
+}
+
+func init() {
+	rootCmd.AddCommand(enableFirewallCmd)
+	enableFirewallCmd.Flags().IntSliceVarP(&firewallPorts, "port", "p", []int{}, "Additional custom ports to allow (comma separated)")
+}