From 90c1c007b807e5e17bfaffc82017884ef6d559de Mon Sep 17 00:00:00 2001
From: anmol <github@datamol.org>
Date: Mon, 19 Nov 2018 16:15:24 +0530
Subject: [PATCH] Security:Close the port for peertube

---
 scripts/install |  3 ---
 scripts/restore |  3 ---
 scripts/upgrade | 11 +++++++++--
 3 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/scripts/install b/scripts/install
index 37bccd8..565b343 100644
--- a/scripts/install
+++ b/scripts/install
@@ -69,9 +69,6 @@ ynh_app_setting_set "$app" is_public   "$is_public"
 
 # Find a free port
 port=$(ynh_find_port 9000)
-
-# Open this port
-yunohost firewall allow Both "$port" 2>&1
 ynh_app_setting_set "$app" port "$port"
 
 #=================================================
diff --git a/scripts/restore b/scripts/restore
index 5ad4961..a35ef5e 100644
--- a/scripts/restore
+++ b/scripts/restore
@@ -62,9 +62,6 @@ ynh_restore_file "/etc/nginx/conf.d/$domain.d/$app.conf"
 
 ynh_restore_file "$final_path"
 
-# Open this port
-yunohost firewall allow Both "$port" 2>&1
-
 #=================================================
 # RECREATE THE DEDICATED USER
 #=================================================
diff --git a/scripts/upgrade b/scripts/upgrade
index bfd1bfe..dcf1ff3 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -77,8 +77,15 @@ datadir="/home/yunohost.app/${app}/storage"
 # Create app folders
 mkdir -p "$datadir"
 
-# Open this port
-yunohost firewall allow Both "$port" 2>&1
+#=================================================
+# CLOSE A PORT
+#=================================================
+
+if yunohost firewall list | grep -q "\- $port$"
+then
+	echo "Close port $port"
+	yunohost firewall disallow Both "$port" 2>&1
+fi
 
 #=================================================
 # CREATE DEDICATED USER