From 9198a000385715d56d51c278ba2bd50509687e23 Mon Sep 17 00:00:00 2001 From: Sunil Mohan Adapa Date: Fri, 11 Nov 2022 11:16:19 -0800 Subject: [PATCH] deluge: Add protection to local service using firewall Tests: - When app is freshly installed, nft rules are inserted. - Trying to connect to local daemon from fbx user fails. - Functional tests pass. Signed-off-by: Sunil Mohan Adapa Reviewed-by: James Valleroy --- plinth/modules/deluge/__init__.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/plinth/modules/deluge/__init__.py b/plinth/modules/deluge/__init__.py index bf4605fee..ffcb1e639 100644 --- a/plinth/modules/deluge/__init__.py +++ b/plinth/modules/deluge/__init__.py @@ -8,7 +8,8 @@ from plinth import frontpage, menu from plinth.daemon import Daemon from plinth.modules.apache.components import Webserver from plinth.modules.backups.components import BackupRestore -from plinth.modules.firewall.components import Firewall +from plinth.modules.firewall.components import (Firewall, + FirewallLocalProtection) from plinth.modules.users import add_user_to_share_group from plinth.modules.users.components import UsersAndGroups from plinth.package import Packages @@ -29,7 +30,7 @@ class DelugeApp(app_module.App): app_id = 'deluge' - _version = 6 + _version = 7 def __init__(self): """Create components for the app.""" @@ -68,6 +69,10 @@ class DelugeApp(app_module.App): ports=['http', 'https'], is_external=True) self.add(firewall) + firewall_local_protection = FirewallLocalProtection( + 'firewall-local-protection-deluge', ['8112']) + self.add(firewall_local_protection) + webserver = Webserver('webserver-deluge', 'deluge-plinth', urls=['https://{host}/deluge']) self.add(webserver)