feat(ufw): auto-open firewall ports after app installation

- cloudpanel: allow ftp, smtp, dns, http, https, smtps, imaps, pop3s, and admin panel ports - coolify: allow http, https, and dashboard port after install - pterodactyl: allow http, https, wings daemon (8080), and sftp (2022) ports - uptime-kuma: allow app port on install - proxmox: add open_firewall_ports() with ufw guard checks and new menu option [9]
2026-05-12 17:46:31 -04:00
parent aba84b26f7
commit dda32051ac
8 changed files with 134 additions and 15 deletions
@@ -12,6 +12,44 @@ eval "$_lib"
 unset _lib
 export LXS_LOG_FILE="/tmp/lxs_system_tools.log"

+# Run a sibling tool script. Prefers a file next to this script (installed
+# layout); falls back to downloading from LXS_RAW_BASE.
+run_sibling() {
+    local script_path=$1
+    shift
+    local script_name self_dir resolved src="${BASH_SOURCE[0]}"
+    script_name=$(basename "$script_path")
+
+    if [ -n "$src" ]; then
+        resolved=$(readlink -f "$src" 2>/dev/null) \
+            || resolved=$(realpath "$src" 2>/dev/null) \
+            || resolved="$src"
+        self_dir=$(dirname "$resolved")
+    fi
+
+    if [ -n "$self_dir" ] && [ -f "${self_dir}/${script_name}" ]; then
+        chmod +x "${self_dir}/${script_name}" 2>/dev/null || true
+        "${self_dir}/${script_name}" "$@"
+        return $?
+    fi
+
+    local temp_file exit_code
+    temp_file=$(mktemp "/tmp/lxs.${script_name%.*}.XXXXXX.sh")
+    echo -e "${PURPLE}[*] Downloading ${BOLD}${script_name}${NC}${PURPLE}...${NC}"
+    if curl -fsSL -H "Cache-Control: no-cache" -o "${temp_file}" "${LXS_RAW_BASE}/${script_path}"; then
+        echo -e "${GREEN}[✓] Downloaded${NC}"
+        chmod +x "${temp_file}"
+        "${temp_file}" "$@"
+        exit_code=$?
+        rm -f "${temp_file}"
+        return $exit_code
+    else
+        echo -e "${RED}[✗] Failed to download ${script_path}${NC}"
+        rm -f "${temp_file}"
+        return 1
+    fi
+}
+
 # Menu: System Tools
 menu_system_tools() {
    while true; do
@@ -28,9 +66,11 @@ menu_system_tools() {
        echo -e "  ${CYAN}[6]${NC} View system logs (last 50 lines)"
        echo -e "  ${CYAN}[7]${NC} Show top resource-consuming processes"
        echo -e "  ${CYAN}[8]${NC} Check disk health (SMART)"
+        echo -e "  ${PURPLE}[9]${NC} Server Benchmark"
+        echo -e "  ${YELLOW}[10]${NC} Harden Server"
        echo -e "  ${RED}[0]${NC} Exit"
        echo ""
-        echo -e -n "${BOLD}Choice [0-8]: ${NC}"
+        echo -e -n "${BOLD}Choice [0-10]: ${NC}"
        read -r choice
        
        echo ""
@@ -266,11 +306,17 @@ menu_system_tools() {
                    fi
                fi
                ;;
+            9)
+                run_sibling "tools/server-benchmark.sh"
+                ;;
+            10)
+                run_sibling "tools/harden.sh"
+                ;;
            0)
                exit 0
                ;;
            *)
-                echo -e "${RED}[✗] Invalid option. Please select 0-8.${NC}"
+                echo -e "${RED}[✗] Invalid option. Please select 0-10.${NC}"
                sleep 2
                continue
                ;;