Saeed Vaziry
2024-03-24 09:56:34 +01:00
committed by GitHub
parent 884f18db63
commit 4d051330d6
1055 changed files with 14493 additions and 20278 deletions


@ -0,0 +1,16 @@
<?php
namespace App\SSH\Services\Firewall;
use App\Models\Service;
use App\SSH\Services\ServiceInterface;
abstract class AbstractFirewall implements Firewall, ServiceInterface
{
protected Service $service;
public function __construct(Service $service)
{
$this->service = $service;
}
}


@ -0,0 +1,10 @@
<?php
namespace App\SSH\Services\Firewall;
interface Firewall
{
public function addRule(string $type, string $protocol, int $port, string $source, ?string $mask): void;
public function removeRule(string $type, string $protocol, int $port, string $source, ?string $mask): void;
}


@ -0,0 +1,46 @@
<?php
namespace App\SSH\Services\Firewall;
use App\SSH\HasScripts;
class Ufw extends AbstractFirewall
{
use HasScripts;
public function install(): void
{
$this->service->server->ssh()->exec(
$this->getScript('ufw/install-ufw.sh'),
'install-ufw'
);
}
public function addRule(string $type, string $protocol, int $port, string $source, ?string $mask): void
{
$this->service->server->ssh()->exec(
$this->getScript('ufw/add-rule.sh', [
'type' => $type,
'protocol' => $protocol,
'port' => $port,
'source' => $source,
'mask' => $mask || $mask == 0 ? '/'.$mask : '',
]),
'add-firewall-rule'
);
}
public function removeRule(string $type, string $protocol, int $port, string $source, ?string $mask): void
{
$this->service->server->ssh()->exec(
$this->getScript('ufw/remove-rule.sh', [
'type' => $type,
'protocol' => $protocol,
'port' => $port,
'source' => $source,
'mask' => $mask || $mask == 0 ? '/'.$mask : '',
]),
'remove-firewall-rule'
);
}
}
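Review bot: The mask expression in addRule, `$mask || $mask == 0 ? '/'.$mask : ''`, evaluates to true when `$mask` is null, because `null == 0` holds under loose comparison. A rule created without a mask therefore renders the source as the address followed by a bare `/`, which ufw is unlikely to accept as an address. removeRule repeats the same expression. An explicit test states the intent and still keeps a literal `'0'` mask: `'mask' => $mask !== null && $mask !== '' ? '/'.$mask : '',`.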


@ -0,0 +1,11 @@
if ! sudo ufw __type__ from __source____mask__ to any proto __protocol__ port __port__; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw reload; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo service ufw restart; then
echo 'VITO_SSH_ERROR' && exit 1
fi
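Review bot: `__type__`, `__source__`, `__mask__` and `__protocol__` are substituted unquoted into a command line that runs under sudo, and `Ufw::addRule` passes them as plain strings. Unless `getScript` (not visible on this page) escapes its values, a value containing shell metacharacters changes what runs on the managed server. Validate the values before substitution: an allow-list for type and protocol, `filter_var($source, FILTER_VALIDATE_IP)` for the source, and a numeric range check for the mask. Quoting the placeholders in the script is a second layer, e.g. `from "__source____mask__" to any proto "__protocol__" port "__port__"`. The first command of `ufw/remove-rule.sh` has the same shape and needs the same treatment.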


@ -0,0 +1,27 @@
if ! sudo ufw default deny incoming; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw default allow outgoing; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw allow from 0.0.0.0/0 to any proto tcp port 22; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw allow from 0.0.0.0/0 to any proto tcp port 80; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw allow from 0.0.0.0/0 to any proto tcp port 443; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw --force enable; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw reload; then
echo 'VITO_SSH_ERROR' && exit 1
fi
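Review bot: The SSH allow rule is fixed at port 22 before `sudo ufw --force enable` switches on the default-deny inbound policy. If the managed server's sshd listens on another port (the page does not show where that port is configured), enabling the firewall cuts off the SSH channel this script runs over. Passing the port in as a placeholder, as the rule scripts do, avoids that; with an illustrative name: `sudo ufw allow from 0.0.0.0/0 to any proto tcp port __ssh_port__`. The three allow rules also name `0.0.0.0/0`, which matches IPv4 only, so where ufw has IPv6 enabled, inbound v6 traffic to 22, 80 and 443 falls through to the deny default. Rules without a `from` clause, such as `sudo ufw allow 80/tcp`, cover both address families.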


@ -0,0 +1,11 @@
if ! sudo ufw delete __type__ from __source____mask__ to any proto __protocol__ port __port__; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo ufw reload; then
echo 'VITO_SSH_ERROR' && exit 1
fi
if ! sudo service ufw restart; then
echo 'VITO_SSH_ERROR' && exit 1
fi