contrib/ folder with more usefull info for setting server

vodolaz095 · Aug 11, 2015 · 96f440e · 96f440e
1 parent 4891711
commit 96f440e
Show file tree

Hide file tree

Showing 5 changed files with 42 additions and 8 deletions.
diff --git a/.gitignore b/.gitignore
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,6 @@
 # v 1.1.0
-Tons of fixes, console interface is refactored. Console commands of `gossha list`,`gossha log`,`gossha dumpcfg` are added.
+Tons of smallfixes, console interface is refactored. Console commands of `gossha list`,`gossha log`,`gossha dumpcfg` are added.
+More verbose error reporter with link to bug-tracker.
 
 # v 1.0.4
 Newer crypto and gorm libs. More standart and automated `Makefile` behaviour. Readme updated.

diff --git a/Makefile b/Makefile
@@ -33,11 +33,12 @@ check: deps
 
 build: clean engrave deps check
 	go build -o "build/gossha" app/gossha.go
+	git checkout ver.go
 
 dist: build
-	zip $(archiv).zip  build/gossha README.md README_RU.md CHANGELOG.md homedir/ systemd/ -r
-	tar -czvf $(archiv).tar.gz  build/gossha README.md README_RU.md CHANGELOG.md homedir/ systemd/
-	tar -cjvf $(archiv).tar.bz2 build/gossha README.md README_RU.md CHANGELOG.md homedir/ systemd/
+	zip $(archiv).zip  build/gossha README.md README_RU.md CHANGELOG.md homedir/ contrib/ -r
+	tar -czvf $(archiv).tar.gz  build/gossha README.md README_RU.md CHANGELOG.md homedir/ contrib/
+	tar -cjvf $(archiv).tar.bz2 build/gossha README.md README_RU.md CHANGELOG.md homedir/ contrib/
 
 
 sign:

diff --git a/contrib/firewall.sh b/contrib/firewall.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+#Official script to set up firewall properly with GoSSHa SSH chat
+#(c) Ostroumov Anatolij
+# https://github.com/vodolaz095/gossha
+
+
+#drop all rules
+iptables -F
+
+#basic anti ddos
+iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
+iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
+iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
+
+#accept established connections
+iptables -A INPUT -p ALL -m state --state ESTABLISHED,RELATED  -j ACCEPT
+
+#to access localhost
+iptables -A INPUT -i lo -j ACCEPT
+
+#open for ssh server
+iptables -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+
+#open for GoSSHa server
+iptables -A INPUT -p tcp -m tcp --dport 27015 -j ACCEPT
+
+#allow sending anything
+iptables -P OUTPUT ACCEPT
+
+#do no accept other incoming transmissions
+iptables -P INPUT DROP
diff --git a/systemd/gossha@.service → contrib/systemd/gossha@.service b/systemd/gossha@.service → contrib/systemd/gossha@.service
@@ -1,12 +1,14 @@
 [Unit]
-Description=goSSHa for %i
+Description=Secure SSH based chat for %i
+Wants=network.target
+After=network.target
 
 [Service]
+ProtectSystem=true
 Type=simple
 User=%i
 ExecStart=/usr/bin/gossha
 Restart=always
 
 [Install]
 WantedBy=multi-user.target
-