ufw stuff

configs/scripts/ufw-del

@@ -0,0 +1,50 @@
+#! /usr/bin/env python
+import argparse
+import sys
+import logging
+import subprocess
+
+logger = logging.getLogger(__name__)
+
+def main() -> int:
+    # Handle program arguments
+    ap = argparse.ArgumentParser(prog='ufw-del', description='Delete UFW rules by their comment')
+    ap.add_argument('comment', help='Comment to delete')
+    ap.add_argument("--dry-run", help="Don't actually delete the rules", action="store_true")
+    ap.add_argument('-v', '--verbose', help='Enable verbose logging', action='store_true')
+    args = ap.parse_args()
+
+    # Configure logging
+    logging.basicConfig(
+        level=logging.DEBUG if args.verbose else logging.INFO,
+        format='%(levelname)s:	%(message)s',
+    )
+    
+    # Call ufw to get a list of rules
+    logger.info('Getting list of rules...')
+    rules = subprocess.run(['sudo', 'ufw', 'status', 'numbered'], capture_output=True, text=True).stdout.split('\n')
+    rules = [rule for rule in rules if rule.startswith('[')]
+    logger.info(f'Found {len(rules)} rules')
+    
+    # Reshape the rules list to be (number, line) tuples
+    rules = [(int(rule.split('[')[1].split(']')[0].strip()), rule) for rule in rules]
+    
+    # Sort descending by rule number
+    rules.sort(key=lambda x: x[0], reverse=True)
+    
+    # Delete rules with the specified comment
+    for rule_num, rule in rules:
+        if "#" in rule:
+            comment = rule.split('#')[1].strip()
+            if comment == args.comment:
+                rule_id = rule.split("]")[0].strip('[').strip()
+                logger.info(f'Deleting rule {rule_id}...')
+                
+                if not args.dry_run:
+                    subprocess.run(['sudo', 'ufw', 'delete', rule_id])
+            
+
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main())

configs/scripts/ufw-gen

@@ -0,0 +1,95 @@
+#! /usr/bin/env python
+import argparse
+import sys
+import logging
+import subprocess
+
+logger = logging.getLogger(__name__)
+
+PROFILES = {
+    "minecraft": {
+        "comment": "Minecraft Server",
+        "ports": [(25565, "tcp"), (25565, "udp")],
+    },
+    "unturned": {
+        "comment": "Unturned Server",
+        "ports": [(27015, "tcp"), (27015, "udp"), (27016, "tcp"), (27016, "udp")],
+    },
+    "zola": {
+        "comment": "Zola",
+        "ports": [(1111, "tcp")],
+    },
+}
+
+
+def main() -> int:
+    # Handle program arguments
+    ap = argparse.ArgumentParser(
+        prog="ufw-gen", description="Generate UFW allow commands"
+    )
+    ap.add_argument(
+        "profile",
+        help="Profile to generate UFW allow commands for",
+        choices=PROFILES.keys(),
+    )
+    ap.add_argument("--from", help="Source IP address", default="any", dest="source")
+    ap.add_argument("--to", help="Destination IP address", default="any", dest="dest")
+    ap.add_argument(
+        "--no-sudo", help="Don't prefix commands with sudo", action="store_true"
+    )
+    ap.add_argument(
+        "--dry-run", help="Generate UFW commands in dry-run mode", action="store_true"
+    )
+    ap.add_argument(
+        "--execute", "-x", help="Execute generated UFW commands", action="store_true"
+    )
+    ap.add_argument(
+        "-v", "--verbose", help="Enable verbose logging", action="store_true"
+    )
+    args = ap.parse_args()
+
+    # Configure logging
+    logging.basicConfig(
+        level=logging.DEBUG if args.verbose else logging.INFO,
+        format="%(levelname)s:	%(message)s",
+    )
+
+    # Generate UFW allow commands
+    profile = PROFILES[args.profile]
+    for port, proto in profile["ports"]:
+        sudo_str = "" if args.no_sudo else "sudo "
+        dry_run_str = "--dry-run" if args.dry_run else ""
+
+        # Generate the command
+        command = ["sudo", "ufw"] if not args.no_sudo else ["ufw"]
+        if args.dry_run:
+            command.append("--dry-run")
+        command.extend(
+            [
+                "allow",
+                "from",
+                args.source,
+                "to",
+                args.dest,
+                "port",
+                str(port),
+                "proto",
+                proto,
+                "comment",
+                profile["comment"],
+            ]
+        )
+
+        # Run
+        print(" ".join(command))
+        if args.execute:
+            result = subprocess.run(command).returncode
+            if result != 0:
+                logger.error("Failed to run command: %s", command)
+                return result
+
+    return 0
+
+
+if __name__ == "__main__":
+    sys.exit(main())

configs/shells/bash/macros.sh

@@ -21,6 +21,7 @@ alias yk-totp="ykman oath accounts code"
 alias flush-dns-cache="sudo systemd-resolve --flush-caches"
 alias which-ls="ls -la $(which ls)"
 alias rdns="dig +short -x"
+alias ufw-status="sudo ufw status numbered"
 
 # WHOIS macros
 alias whois-afrinic="whois -h whois.afrinic.net"

install-linux.sh

@@ -115,7 +115,7 @@ set +x
 # If ~/.config/git/config-fragments/personal-info.gitconfig does not exist
 if [ ! -f ~/.config/git/config-fragments/personal-info.gitconfig ]; then
     # Ask if the user wants to install personal GIT config
-    echo "Do you want to install the personal GIT config? (y/n)"
+    echo -n "Do you want to install the personal GIT config? (y/n) "
     read -r install_git_config
     if [ "$install_git_config" = "y" ]; then
         ln -sf $EWCONFIG_ROOT/configs/git/config-fragments/personal-info.gitconfig ~/.config/git/config-fragments/personal-info.gitconfig