open the firewall to an alternative SSH port if set

https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2

open the firewall to an alternative SSH port if set
https://discourse.mailinabox.email/t/opening-up-a-custom-port-for-ssh-after-install/55/2
dd915536 · Joshua Tauberer · 98651dee · dd915536
Commit dd915536 authored Sep 20, 2014 by Joshua Tauberer
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 0 deletions

system.sh setup/system.sh +14 -0

No files found.
--- a/setup/system.sh
+++ b/setup/system.sh
@@ -35,8 +35,22 @@ if [ -z "$DISABLE_FIREWALL" ]; then
 	# Various virtualized environments like Docker and some VPSs don't provide
 	# a kernel that supports iptables. To avoid error-like output in these cases,
 	# let us disable the firewall.
+
 	apt_install ufw
+
 	ufw_allow ssh;
+
+	# ssh might be running on an alternate port. Use sshd -T to dump sshd's
+	# settings, find the port it is supposedly running on, and open that port
+	# too.
+	SSH_PORT=$(sshd -T 2>/dev/null | grep "^port " | sed "s/port //")
+	if [ ! -z "$SSH_PORT" ]; then
+		if [ "$SSH_PORT" != "22" ]; then
+			echo Opening alternate SSH port $SSH_PORT.
+			ufw_allow $SSH_PORT;
+		fi
+	fi
+
 	ufw --force enable;
 fi