##-------------##
#    Postfix    #
##-------------##

sed -i 's/#inet_interfaces = all/inet_interfaces = loopback-only/g' /etc/postfix/main.cf
sed -i 's/mydestination/#mydestination/g' /etc/postfix/main.cf
sed -i 's/relayhost =/mydestination = '$hostname', localhost.'$hostname', '$hostname'/g' /etc/postfix/main.cf
echo "bounce_notice_recipient = info@$domain" >/etc/postfix/main.cf
cat <<EOF > /etc/aliases
# See man 5 aliases for format
postmaster:    root
root:          $email
EOF
newaliases


##------------##
#   Fail2Ban   #
##------------##

##Disabled
#sed -i 's/root@localhost/'$email'/g' /etc/fail2ban/jail.conf
#wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/sshd.local -O /etc/fail2ban/jail.d/sshd.local
#if [[ $CMS == "Nextcloud" ]]; then
#wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/nextcloud.conf -O /etc/fail2ban/filter.d/nextcloud.conf
#wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/nextcloud.local -O /etc/fail2ban/jail.d/nextcloud.local
#fi
#if [[ $CMS == "Wordpress" ]]; then
#wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/wordpress.conf -O /etc/fail2ban/filter.d/wordpress.conf
#wget -q -t7 "$repo"/raw/branch/"$branch"/config/fail2ban/wordpress.local -O /etc/fail2ban/jail.d/wordpress.local
#fi


##-------##
#   UFW   #
##-------##

sed -i '/IPV6=/c\IPV6=yes' /etc/default/ufw
ufw default deny incoming > $OUTPUT 2>&1
ufw default allow outgoing > $OUTPUT 2>&1
ufw allow 80/tcp > $OUTPUT 2>&1
ufw allow 443/tcp > $OUTPUT 2>&1
ufw limit 4242/tcp > $OUTPUT 2>&1
echo "y" | ufw enable > $OUTPUT 2>&1