[Documentation] Firewall improvements


First and foremost, thank you for making such a wonderful open source product. Really appreciate it. I have selected the feature requests category, as filing a bug on Github didn’t seem to be particularly outfitted to report bugs in the documentation.

The documentation currently instructs the user to perform the following steps (on the package installation page), if they are installing on Ubuntu:

$ # Open Port 80 and 443 on your Firewall
$ ufw allow 80
$ ufw allow 443
$ ufw reload

In my humble opinion, this could be improved on two points:

  • $ is the general indicator that the command is being ran from a regular, non-privileged user. Without further adjustments (which aren’t mentioned or instructed), a regular user is prohibited to open these ports. I suggest editing this to:
    $ # Open Port 80 and 443 on your Firewall
    $ sudo ufw allow 80
    $ sudo ufw allow 443
    $ sudo ufw reload
    Or by replacing the $ indicator for # - which makes it more clear that this needs to be ran under a privileged account - or one with elevated privileges.
    There are more instances in the documentation that have this “issue”.
  • Running ufw allow 80 and ufw allow 443 means the port will be opened for both the TCP and UDP protocols. The HTTP protocol =< 2 only uses TCP. QUIC on the other hand uses UDP, but only on port 443. So at the very least, I suggest editing this to ufw allow 80/tcp and ufw allow 443. I am not intimately familiar with Ubuntu and thus do not have the knowledge whether the Ubuntu (/nginx) versions supported by Zammad already feature support for QUIC.

If you desire so, I can submit these changes as a pull request on Github. Please point me to the desired repository and branch if that is the case.