# !/bin/bash
# Script to set up UFW (Uncomplicated Firewall) with basic rules

# Update package lists and install UFW
sudo apt update && sudo apt upgrade -y
sudo apt install ufw -y

# Set default policies

sudo ufw allow 22/tcp
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp

# Allow SSH for gitea container on port 2222
sudo ufw allow 2222/tcp

# Allow UDP ports from 60000 to 61000 for mosh
sudo ufw allow 60000:61000/udp

#Solving iptables-persistent issue with UFW and Docker
sudo chown $USER:root /etc/ufw/after.rules

# check if DOCKER-USER chain already exists to avoid duplicates

grep -q 'DOCKER-USER' /etc/ufw/after.rules || echo "Updating ufw iptables" && sudo cat $PWD/.data/ufw/after.rules >> /etc/ufw/after.rules
sudo chown root:root /etc/ufw/after.rules

# Enable UFW
sudo ufw enable
sudo ufw status verbose