From 0723059fb3cb2520db0e944a3eb9a53f26712355 Mon Sep 17 00:00:00 2001
From: Martin Mose Hansen
Date: Wed, 3 Sep 2025 17:08:09 +0200
Subject: [PATCH 1/2] fix: ensure that ufw is enabled
---
 install/first-run/firewall.sh | 3 +++
 migrations/1756911131.sh | 13 +++++++++++++
 2 files changed, 16 insertions(+)
 create mode 100755 migrations/1756911131.sh
diff --git a/install/first-run/firewall.sh b/install/first-run/firewall.sh
index efd1159f..c802467e 100755
--- a/install/first-run/firewall.sh
+++ b/install/first-run/firewall.sh
@@ -17,6 +17,9 @@ sudo ufw allow in proto udp from 172.16.0.0/12 to 172.17.0.1 port 53 comment 'al
 # Turn on the firewall
 sudo ufw --force enable
+# Enable UFW systemd service to start on boot
+sudo systemctl enable ufw
+
 # Turn on Docker protections
 sudo ufw-docker install
 sudo ufw reload
diff --git a/migrations/1756911131.sh b/migrations/1756911131.sh
new file mode 100755
index 00000000..c7e9cd55
--- /dev/null
+++ b/migrations/1756911131.sh
@@ -0,0 +1,13 @@
+echo "Enable UFW systemd service for existing installations"
+
+# Check if UFW is installed and configured but systemd service not enabled
+if command -v ufw >/dev/null 2>&1; then
+ # Check if UFW has rules configured (indicating it was set up by Omarchy)
+ if sudo ufw status | grep -q "Status: active\|22/tcp\|53317"; then
+ # Enable UFW systemd service if not already enabled
+ if ! systemctl is-enabled ufw >/dev/null 2>&1; then
+ sudo systemctl enable ufw
+ echo "UFW systemd service enabled"
+ fi
+ fi
+fi
\ No newline at end of file
From 136a2268ead4dbd4bd3952a76588f256b504fbcd Mon Sep 17 00:00:00 2001
From: Martin Mose Facondini
Date: Wed, 3 Sep 2025 18:42:58 +0200
Subject: [PATCH 2/2] refactor: pr feedback - ufw
---
 migrations/1756911131.sh | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)
diff --git a/migrations/1756911131.sh b/migrations/1756911131.sh
index c7e9cd55..6747ab06 100755
--- a/migrations/1756911131.sh
+++ b/migrations/1756911131.sh
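Review bot: The exit status of the added `sudo systemctl enable ufw` in install/first-run/firewall.sh is not checked, so if enabling the unit fails the first-run script carries on to `ufw-docker install` and the firewall will not come back after a reboot, with nothing in the output to say so. Whether the script runs under `set -e` is not visible in this hunk. A visible warning would be enough, for example `sudo systemctl enable ufw || echo "Could not enable ufw.service; firewall will not start on boot" >&2`.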
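Review bot: The gate `sudo ufw status | grep -q "Status: active\|22/tcp\|53317"` in the new migrations/1756911131.sh tests the live firewall state, which is probably off on exactly the machines this migration is meant for. If ufw.service was never enabled and the machine has rebooted since install, the rules are not loaded and `ufw status` would be expected to report inactive without listing any rules, so the `22/tcp` and `53317` alternatives do not help either. Those systems would skip the `systemctl enable` and stay without a firewall. Testing the persisted setting instead, for example `if grep -q '^ENABLED=yes' /etc/ufw/ufw.conf; then`, should cover them, though this needs confirming on an affected install. The hunk in PATCH 2/2 keeps the same gate.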
@@ -1,13 +1,11 @@
 echo "Enable UFW systemd service for existing installations"
 
-# Check if UFW is installed and configured but systemd service not enabled
-if command -v ufw >/dev/null 2>&1; then
- # Check if UFW has rules configured (indicating it was set up by Omarchy)
- if sudo ufw status | grep -q "Status: active\|22/tcp\|53317"; then
- # Enable UFW systemd service if not already enabled
- if ! systemctl is-enabled ufw >/dev/null 2>&1; then
- sudo systemctl enable ufw
- echo "UFW systemd service enabled"
+if omarchy-cmd-present ufw; then
+ if sudo ufw status | grep -q "Status: active\|22/tcp\|53317"; then
+ if ! systemctl is-enabled ufw >/dev/null 2>&1; then
+ sudo systemctl enable ufw --now
+ echo "UFW systemd service enabled"
+ fi
 fi
- fi
-fi
\ No newline at end of file
+fi
+
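Review bot: The `--now` added in `sudo systemctl enable ufw --now` only runs inside the `! systemctl is-enabled ufw` branch, so a unit that is already enabled but stopped is left stopped. The following `echo "UFW systemd service enabled"` also prints when the enable call fails. `systemctl enable --now` is safe to repeat, so the inner `if` could be replaced by `sudo systemctl enable --now ufw && echo "UFW systemd service enabled"`. `omarchy-cmd-present` is defined outside this patch, so its behaviour when ufw is missing is assumed here to match the `command -v ufw` check it replaces.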