external/mailinabox
1
0
Fork 0
mirror of https://github.com/mail-in-a-box/mailinabox.git synced 2025-04-06 00:37:06 +00:00
Code Issues Releases Wiki Activity

Don't add firewall rules for the remote nextcloud if it's not accessible

Browse Source
This commit is contained in:
downtownallday 2022-09-22 11:07:34 -04:00
parent 912b78bb47
commit 68bc176b00
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
setup/mods.available/remote-nextcloud.sh
View File

@ -180,8 +180,10 @@ remote_nextcloud_handler() {
NC_HOST_SRC_IP="$ans" NC_HOST_SRC_IP="$ans"
if [ -z "$NC_HOST_SRC_IP" ]; then if [ -z "$NC_HOST_SRC_IP" ]; then
echo ""
echo "Using Nextcloud ${new_url}" echo "Using Nextcloud ${new_url}"
else else
echo ""
echo "Using Nextcloud ${new_url} (but, the source ip of ldap queries will come from $NC_HOST_SRC_IP)" echo "Using Nextcloud ${new_url} (but, the source ip of ldap queries will come from $NC_HOST_SRC_IP)"
fi fi
@ -220,10 +222,15 @@ remote_nextcloud_handler() {
from_ips=( $NC_HOST_SRC_IP ) from_ips=( $NC_HOST_SRC_IP )
else else
from_ips=( from_ips=(
$(getent ahostsv4 "$NC_HOST" | head -1 | awk '{print $1}') $(getent ahostsv4 "$NC_HOST" | head -1 | awk '{print $1}'; exit 0)
$(getent ahostsv6 "$NC_HOST" | head -1 | awk '{print $1}') $(getent ahostsv6 "$NC_HOST" | head -1 | awk '{print $1}'; exit 0)
) )
if [ ${#from_ips[*]} -eq 0 ]; then
echo ""
echo "Warning: $NC_HOST could not be resolved to an IP address, so no firewall rules were added to allow $NC_HOST to query our LDAP server. You may have to add ufw rules manually to allow the remote nextcloud to query ldaps port 636/tcp."
fi
fi fi
for ip in "${from_ips[@]}"; do for ip in "${from_ips[@]}"; do
hide_output ufw allow proto tcp from "$ip" to any port ldaps comment "remote_nextcloud" hide_output ufw allow proto tcp from "$ip" to any port ldaps comment "remote_nextcloud"
done done