moved blocklist installation to its own script, and moved it to the end of the installation, even after the first user so it can setup all the iptables after everything has been setup

setup/blocklist.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+# Add Blocklist.de malicious IP Addresses to Daily Crontab
+# Also IPtables-persistent to save IP addresses upon reboot
+# Added by Alon "ChiefGyk" Ganon
+cp conf/blocklist/sync-fail2ban /etc/cron.daily/sync-fail2ban
+chmod a+x /etc/cron.daily/sync-fail2ban
+time /etc/cron.daily/sync-fail2ban
+echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
+echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
+apt_install iptables-persistent
+iptables-save > /etc/iptables/rules.v4
+ip6tables-save > /etc/iptables/rules.v6

setup/start.sh

@@ -127,6 +127,9 @@ management/ssl_certificates.py -q
 # If there aren't any mail users yet, create one.
 source setup/firstuser.sh
 
+#Setup Blocklist
+source setup/blocklist.sh
+
 # Done.
 echo
 echo "-----------------------------------------------"

setup/system.sh

@@ -298,15 +298,3 @@ cat conf/fail2ban/jail.local \
 cp conf/fail2ban/dovecotimap.conf /etc/fail2ban/filter.d/dovecotimap.conf
 
 restart_service fail2ban
-
-# Add Blocklist.de malicious IP Addresses to Daily Crontab
-# Also IPtables-persistent to save IP addresses upon reboot
-# Added by Alon "ChiefGyk" Ganon
-cp conf/blocklist/sync-fail2ban /etc/cron.daily/sync-fail2ban
-chmod a+x /etc/cron.daily/sync-fail2ban
-time /etc/cron.daily/sync-fail2ban
-echo iptables-persistent iptables-persistent/autosave_v4 boolean true | sudo debconf-set-selections
-echo iptables-persistent iptables-persistent/autosave_v6 boolean true | sudo debconf-set-selections
-apt_install iptables-persistent
-iptables-save > /etc/iptables/rules.v4
-ip6tables-save > /etc/iptables/rules.v6