fix

Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>

host/make.sh

@@ -41,9 +41,8 @@ if xreadYes "# Create bridges?" BRIDGES ; then
 fi
 
 # Firewall
-# XXX this should be done after the setup process...
-if xreadYes "# Update firewall rules?" BRIDGES ; then
-	echo
+if xreadYes "# Update firewall rules?" FIREWALL ; then
+	@ cp --backup -i templates/etc/pve/firewall/cluster.fw /etc/pve/firewall/
 fi
 
 

host/templates/pve/etc/firewall/cluster.fw

@@ -17,7 +17,7 @@ OUT DHCPfwd(REJECT) -i vmbr0 -log nolog
 IN DNS(ACCEPT) -i vmbr0 -log nolog
 IN Ping(ACCEPT) -i vmbr0 -log nolog
 IN SSH(ACCEPT) -i vmbr0 -log nolog
-IN OpenVPN(ACCEPT) -i vmbr0 -log nolog
+|IN OpenVPN(ACCEPT) -i vmbr0 -log nolog
 IN Web(ACCEPT) -i vmbr0 -log nolog
 IN ACCEPT -i vmbr0 -p udp -dport 22027 -log nolog # syncthing
 IN ACCEPT -i vmbr0 -p udp -dport 22000 -log nolog # syncthing

syncthing/make.sh

@@ -78,7 +78,7 @@ sleep ${TIMEOUT:=5}
 		-i /var/lib/syncthing/.config/syncthing/config.xml
 
 echo "# Setup: firewall..."
-@ cp fw/ID.fw /etc/firewall/$ID.fw
+@ cp --backup -i fw/ID.fw /etc/pve/firewall/$ID.fw
 
 echo "# Post config..."
 pctSet $ID "${OPTS_STAGE_2}" $REBOOT