bachir
/
alpine-web-werver


			
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556
							#!/bin/sh

# TODO check if root

echo -e '
  _  __             _
 | |/ /_ _  ___  __| |__
 | . <| . \/ _ \/ _| / /
 |_|\_\_||_\___/\__|_\_\
'
echo -e "Installing knockd to control ssh port opening"

. bin/checkroot.sh

# get the current position
_cwd="$(pwd)"

# check for assets forlder
_assets="$_cwd/assets"
if [ ! -d "$_assets" ]; then
  _assets="$_cwd/../assets"
  if [ ! -d "$_assets" ]; then
    echo "!! can't find assets directory !!"
    exit
  fi
fi

sleep 2
apk add knock


echo -n "checking if ufw is installed"
ufw_installed=$(apk list -I | grep "ufw")
if ! $ufw_installed; then
  echo -n "ufw installed"

  mv /etc/knockd.conf /etc/knockd.conf.ori
  cp "$_assets"/knockd.conf /etc/knockd.conf
  echo -n "define a sequence number for opening ssh (as 7000,8000,9000) : "
  read sq
  sed -i "s/7000,8000,9000/$sq/g" /etc/knockd.conf

  rc-update add knockd
  /etc/init.d/knockd start

  ufw delete allow ssh

  echo -e "knockd installed and configured"
  echo -e "please note this sequence for future ssh knocking"
  echo "$sq"
else
  #. bin/ufw.sh
  echo -n "ufw not installed, needed by knockd, configuration aborted"
fi

sleep 3