I'm using for all of my infrastructure Zabbix - an open-source software tool to monitor infrastructure.
There is a Zabbix-server that functions as a web-dashboard, and a Zabbix-agent that you can install on anything like (Windows server, Linux distros, Networking products, Management of Servers). However, Zabbix-agent to function properly requires opening TCP/10050 port on clients.
I know Cloudron does not recommend messing with the firewall, but just for this application, I would like to open this port. Also, this app is not in the app store so this is my only alternative.
Is there a recommended way, or can you provide more information what is the best practice to open a specific port in cloudron instance?
In one thread on this forum, somebody linked to this config file: https://git.cloudron.io/cloudron/box/-/blob/master/setup/start/cloudron-firewall.sh. However, I'm not sure if this is recommended practice, and even after some cloudron update, this file could be overwritten.
I would like simple rule, either in IPTABLES or UFW:
iptables -A INPUT -s <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING>/32 -p tcp -m tcp --dport 10050 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 10050 -j DROP
UFW: sudo ufw allow from <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING> proto tcp to any port 10050
I believe this is not that hard, I'm just looking for some "recommended practices"