-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathinstall.sh
More file actions
executable file
·59 lines (50 loc) · 1.75 KB
/
install.sh
File metadata and controls
executable file
·59 lines (50 loc) · 1.75 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#!/bin/bash
set -e
echo ""
echo " █████╗ ███████╗██╗ ██╗"
echo "██╔══██╗██╔════╝██║ ██║"
echo "███████║█████╗ ██║ █╗ ██║"
echo "██╔══██║██╔══╝ ██║███╗██║"
echo "██║ ██║██║ ╚███╔███╔╝"
echo "╚═╝ ╚═╝╚═╝ ╚══╝╚══╝"
echo " Application Firewall Installer"
echo ""
# Check root
if [ "$EUID" -ne 0 ]; then
echo "Error: Please run as root (sudo ./install.sh)"
exit 1
fi
# Ensure rustup/cargo bin is in PATH (sudo often strips it)
REAL_HOME=$(eval echo "~${SUDO_USER:-$USER}")
if [ -d "$REAL_HOME/.cargo/bin" ]; then
export PATH="$REAL_HOME/.cargo/bin:$PATH"
fi
# Check dependencies
for cmd in nft cargo rustup; do
if ! command -v "$cmd" &>/dev/null; then
echo "Error: $cmd is required but not found"
exit 1
fi
done
echo "[1/4] Building eBPF programs..."
sudo -u "${SUDO_USER:-$USER}" cargo xtask build-ebpf --release
echo "[2/4] Building userspace binary..."
sudo -u "${SUDO_USER:-$USER}" cargo build --release -p afw
echo "[3/4] Installing..."
install -Dm755 target/release/afw /usr/bin/afw
install -Dm644 config/afw.toml /etc/afw/afw.toml
install -dm755 /etc/afw/conf.d
for f in config/conf.d/*.toml; do
install -Dm644 "$f" "/etc/afw/conf.d/$(basename "$f")"
done
install -Dm644 systemd/afw.service /etc/systemd/system/afw.service
install -dm755 /var/log/afw
echo "[4/4] Reloading systemd..."
systemctl daemon-reload
echo ""
echo "AFW installed successfully!"
echo ""
echo " Start: systemctl start afw"
echo " Enable: systemctl enable afw"
echo " Status: afw status"
echo ""