zias/omarchy
1
0
Fork 0
mirror of https://github.com/basecamp/omarchy.git synced 2026-02-17 15:25:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add omarchy-doctor checks

Browse Source
This commit is contained in:
Ryan Hughes
2025-09-28 00:45:37 -04:00
parent 57a977a51d
commit 9dcc6f0aec
14 changed files with 321 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
install/checks/firewall.sh Normal file
View File

@@ -0,0 +1,21 @@
OMARCHY_DESCRIPTION="Firewall Configuration"
omarchy_verify() {
# Check if UFW is enabled
sudo ufw status | grep -q "Status: active" || add_error "UFW firewall not active"
# Check if UFW service is enabled
systemctl is-enabled ufw &>/dev/null || add_error "UFW service not enabled"
# Check default policies - they're on one line as "Default: deny (incoming), allow (outgoing), deny (routed)"
sudo ufw status verbose | grep -q "Default:.*deny (incoming)" || add_error "UFW default incoming policy not set to deny"
sudo ufw status verbose | grep -q "Default:.*allow (outgoing)" || add_error "UFW default outgoing policy not set to allow"
# Check specific rules are present
sudo ufw status numbered | grep -q "53317/udp" || add_error "LocalSend UDP port 53317 not allowed"
sudo ufw status numbered | grep -q "53317/tcp" || add_error "LocalSend TCP port 53317 not allowed"
sudo ufw status numbered | grep -q "22/tcp" || add_error "SSH port 22 not allowed"
# Check Docker DNS rule
sudo ufw status numbered | grep -q "allow-docker-dns" || add_error "Docker DNS rule not configured"
}