Optionally enable http/https

2023-09-03 16:58:01 +02:00 · 2023-09-03 16:58:01 +02:00 · f58217a54a
parent e479918bc1
commit f58217a54a
1 changed files with 15 additions and 2 deletions
--- a/install.sh
+++ b/install.sh
@ -48,6 +48,14 @@ case "$REPLY_SSH_KEYS" in
  * ) echo "invalid";;
 esac

+echo
+read -p "Configure for http+https? " -n 1 -r REPLY_HTTPHTTPS
+case "$REPLY_HTTPHTTPS" in 
+  y|Y ) echo "yes";;
+  n|N ) echo "no";;
+  * ) echo "invalid";;
+esac
+
 # Make a sane environment
 echo -e "\e[1;32mSetting up environment...\e[0m"
 echo "deb https://deb.debian.org/debian/ bookworm main contrib non-free-firmware non-free" > /etc/apt/sources.list
@ -230,8 +238,13 @@ echo -e "\e[1;32mConfiguring firewall...\e[0m"
 ufw default deny incoming
 ufw default allow outgoing
 ufw allow ${SSH_PORT}/tcp
-ufw allow http
-ufw allow https
+
+if [[ $REPLY_HTTPHTTPS =~ ^[Yy]$ ]]
+then
+  ufw allow http
+  ufw allow https
+fi
+
 ufw enable

 # Install crowdsec