From f58217a54ab5a23a0d4a88a00cfae76dc455e45c Mon Sep 17 00:00:00 2001
From: Martijn de Boer <git@sexybiggetje.nl>
Date: Sun, 3 Sep 2023 16:58:01 +0200
Subject: [PATCH] Optionally enable http/https

---
 install.sh | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

diff --git a/install.sh b/install.sh
index 2f354ba..545cabb 100644
--- a/install.sh
+++ b/install.sh
@@ -48,6 +48,14 @@ case "$REPLY_SSH_KEYS" in
   * ) echo "invalid";;
 esac
 
+echo
+read -p "Configure for http+https? " -n 1 -r REPLY_HTTPHTTPS
+case "$REPLY_HTTPHTTPS" in 
+  y|Y ) echo "yes";;
+  n|N ) echo "no";;
+  * ) echo "invalid";;
+esac
+
 # Make a sane environment
 echo -e "\e[1;32mSetting up environment...\e[0m"
 echo "deb https://deb.debian.org/debian/ bookworm main contrib non-free-firmware non-free" > /etc/apt/sources.list
@@ -230,8 +238,13 @@ echo -e "\e[1;32mConfiguring firewall...\e[0m"
 ufw default deny incoming
 ufw default allow outgoing
 ufw allow ${SSH_PORT}/tcp
-ufw allow http
-ufw allow https
+
+if [[ $REPLY_HTTPHTTPS =~ ^[Yy]$ ]]
+then
+  ufw allow http
+  ufw allow https
+fi
+
 ufw enable
 
 # Install crowdsec