From ba4185a42efdfdae46a81fb348fbb463993e4a5a Mon Sep 17 00:00:00 2001 From: bunkerity Date: Mon, 3 May 2021 14:18:10 +0200 Subject: [PATCH] jobs - fix automatic reload --- scripts/abusers.sh | 20 ++++++++++---------- scripts/certbot-renew-hook.sh | 6 +++--- scripts/exit-nodes.sh | 20 ++++++++++---------- scripts/geoip.sh | 6 +++--- scripts/proxies.sh | 20 ++++++++++---------- scripts/referrers.sh | 20 ++++++++++---------- scripts/user-agents.sh | 20 ++++++++++---------- 7 files changed, 56 insertions(+), 56 deletions(-) diff --git a/scripts/abusers.sh b/scripts/abusers.sh index a140d7a..246464f 100755 --- a/scripts/abusers.sh +++ b/scripts/abusers.sh @@ -6,19 +6,19 @@ # copy old conf to cache cp /etc/nginx/block-abusers.conf /cache -# if we are running nginx -if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" -# if we are in autoconf -elif [ -S /tmp/autoconf.sock ] ; then - RELOAD="/opt/entrypoint/reload.py" -fi - # generate the new conf curl -s "https://iplists.firehol.org/files/firehol_abusers_30d.netset" | \ grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/?[0-9]*$" | \ sed 's/^/deny /;s/$/;/' > /tmp/block-abusers.conf +# if we are running nginx +if [ -f /tmp/nginx.pid ] ; then + RELOAD="/usr/sbin/nginx -s reload" +# if we are in autoconf +elif [ -S /tmp/autoconf.sock ] ; then + RELOAD="/opt/entrypoint/reload.py" +fi + # check if we have at least 1 line lines="$(wc -l /tmp/block-abusers.conf | cut -d ' ' -f 1)" if [ "$lines" -gt 1 ] ; then @@ -26,7 +26,7 @@ if [ "$lines" -gt 1 ] ; then # reload nginx with the new config mv /tmp/block-abusers.conf /etc/nginx/block-abusers.conf if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 # new config is ok : save it in the cache if [ "$?" -eq 0 ] ; then cp /etc/nginx/block-abusers.conf /cache @@ -34,7 +34,7 @@ if [ "$lines" -gt 1 ] ; then else job_log "[NGINX] failed nginx reload after abusers list update fallback to old list" cp /cache/block-abusers.conf /etc/nginx - $RELOAD + $RELOAD > /dev/null 2>&1 fi else cp /etc/nginx/block-abusers.conf /cache diff --git a/scripts/certbot-renew-hook.sh b/scripts/certbot-renew-hook.sh index 0dc9b19..ac55a52 100644 --- a/scripts/certbot-renew-hook.sh +++ b/scripts/certbot-renew-hook.sh @@ -7,15 +7,15 @@ job_log "[CERTBOT] certificates have been renewed" # if we are running nginx if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" + RELOAD="/usr/sbin/nginx -s reload" # if we are in autoconf elif [ -S /tmp/autoconf.sock ] ; then - RELOAD="echo reload > /tmp/autoconf.sock" + RELOAD="/opt/entrypoint/reload.py" fi # reload nginx if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 if [ "$?" -eq 0 ] ; then job_log "[NGINX] successfull nginx reload after certbot renew" else diff --git a/scripts/exit-nodes.sh b/scripts/exit-nodes.sh index e6d9b4a..b32a5b6 100644 --- a/scripts/exit-nodes.sh +++ b/scripts/exit-nodes.sh @@ -6,19 +6,19 @@ # copy old conf to cache cp /etc/nginx/block-tor-exit-node.conf /cache -# if we are running nginx -if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" -# if we are in autoconf -elif [ -S /tmp/autoconf.sock ] ; then - RELOAD="/opt/entrypoint/reload.py" -fi - # generate the new conf curl -s "https://iplists.firehol.org/files/tor_exits.ipset" | \ grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/?[0-9]*$" | \ sed 's/^/deny /;s/$/;/' > /tmp/block-tor-exit-node.conf +# if we are running nginx +if [ -f /tmp/nginx.pid ] ; then + RELOAD="/usr/sbin/nginx -s reload" +# if we are in autoconf +elif [ -S /tmp/autoconf.sock ] ; then + RELOAD="/opt/entrypoint/reload.py" +fi + # check if we have at least 1 line lines="$(wc -l /tmp/block-tor-exit-node.conf | cut -d ' ' -f 1)" if [ "$lines" -gt 1 ] ; then @@ -26,7 +26,7 @@ if [ "$lines" -gt 1 ] ; then # reload nginx with the new config mv /tmp/block-tor-exit-node.conf /etc/nginx/block-tor-exit-node.conf if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 # new config is ok : save it in the cache if [ "$?" -eq 0 ] ; then cp /etc/nginx/block-tor-exit-node.conf /cache @@ -34,7 +34,7 @@ if [ "$lines" -gt 1 ] ; then else job_log "[NGINX] failed nginx reload after TOR exit node list update fallback to old list" cp /cache/block-tor-exit-node.conf /etc/nginx - $RELOAD + $RELOAD > /dev/null 2>&1 fi else cp /etc/nginx/block-tor-exit-node.conf /cache diff --git a/scripts/geoip.sh b/scripts/geoip.sh index d28bf61..94ff06c 100644 --- a/scripts/geoip.sh +++ b/scripts/geoip.sh @@ -5,7 +5,7 @@ # if we are running nginx if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" + RELOAD="/usr/sbin/nginx -s reload" # if we are in autoconf elif [ -S /tmp/autoconf.sock ] ; then RELOAD="/opt/entrypoint/reload.py" @@ -22,7 +22,7 @@ if [ "$?" -eq 0 ] && [ -f /tmp/geoip.mmdb.gz ] ; then fi mv /tmp/geoip.mmdb /etc/nginx if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 if [ "$?" -eq 0 ] ; then cp /etc/nginx/geoip.mmdb /cache job_log "[NGINX] successfull nginx reload after GeoIP DB update" @@ -30,7 +30,7 @@ if [ "$?" -eq 0 ] && [ -f /tmp/geoip.mmdb.gz ] ; then job_log "[NGINX] failed nginx reload after GeoIP DB update" if [ -f /cache/geoip.mmdb ] ; then cp /cache/geoip.mmdb /etc/nginx/geoip.mmdb - $RELOAD + $RELOAD > /dev/null 2>&1 fi fi else diff --git a/scripts/proxies.sh b/scripts/proxies.sh index ddcbe03..ab730c3 100755 --- a/scripts/proxies.sh +++ b/scripts/proxies.sh @@ -6,19 +6,19 @@ # copy old conf to cache cp /etc/nginx/block-proxies.conf /cache -# if we are running nginx -if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" -# if we are in autoconf -elif [ -S /tmp/autoconf.sock ] ; then - RELOAD="/opt/entrypoint/reload.py" -fi - # generate the new conf curl -s "https://iplists.firehol.org/files/firehol_proxies.netset" | \ grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/?[0-9]*$" | \ sed 's/^/deny /;s/$/;/' > /tmp/block-proxies.conf +# if we are running nginx +if [ -f /tmp/nginx.pid ] ; then + RELOAD="/usr/sbin/nginx -s reload" +# if we are in autoconf +elif [ -S /tmp/autoconf.sock ] ; then + RELOAD="/opt/entrypoint/reload.py" +fi + # check if we have at least 1 line lines="$(wc -l /tmp/block-proxies.conf | cut -d ' ' -f 1)" if [ "$lines" -gt 1 ] ; then @@ -26,7 +26,7 @@ if [ "$lines" -gt 1 ] ; then # reload nginx with the new config mv /tmp/block-proxies.conf /etc/nginx/block-proxies.conf if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 # new config is ok : save it in the cache if [ "$?" -eq 0 ] ; then cp /etc/nginx/block-proxies.conf /cache @@ -34,7 +34,7 @@ if [ "$lines" -gt 1 ] ; then else job_log "[NGINX] failed nginx reload after proxies list update fallback to old list" cp /cache/block-proxies.conf /etc/nginx - $RELOAD + $RELOAD > /dev/null 2>&1 fi else cp /etc/nginx/block-proxies.conf /cache diff --git a/scripts/referrers.sh b/scripts/referrers.sh index ea87951..f5b252b 100755 --- a/scripts/referrers.sh +++ b/scripts/referrers.sh @@ -6,14 +6,6 @@ # save old conf cp /etc/nginx/map-referrer.conf /cache -# if we are running nginx -if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" -# if we are in autoconf -elif [ -S /tmp/autoconf.sock ] ; then - RELOAD="/opt/entrypoint/reload.py" -fi - # generate new conf BLACKLIST="$(curl -s https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-referrers.list)" if [ "$?" -ne 0 ] ; then @@ -21,20 +13,28 @@ if [ "$?" -ne 0 ] ; then fi echo -e "map \$http_referer \$bad_referrer { hostnames; default no; $(echo -e "$BLACKLIST" | sed 's/^/"~/;s/$/" yes;/') }" > /tmp/map-referrer.conf +# if we are running nginx +if [ -f /tmp/nginx.pid ] ; then + RELOAD="/usr/sbin/nginx -s reload" +# if we are in autoconf +elif [ -S /tmp/autoconf.sock ] ; then + RELOAD="/opt/entrypoint/reload.py" +fi + # check number of lines lines="$(wc -l /tmp/map-referrer.conf | cut -d ' ' -f 1)" if [ "$lines" -gt 1 ] ; then mv /tmp/map-referrer.conf /etc/nginx/map-referrer.conf job_log "[BLACKLIST] referrers list updated ($lines entries)" if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 if [ "$?" -eq 0 ] ; then cp /etc/nginx/map-referrer.conf /cache job_log "[NGINX] successfull nginx reload after referrers list update" else cp /cache/map-referrer.conf /etc/nginx job_log "[NGINX] failed nginx reload after referrers list update fallback to old list" - $RELOAD + $RELOAD > /dev/null 2>&1 fi else cp /etc/nginx/map-referrer.conf /cache diff --git a/scripts/user-agents.sh b/scripts/user-agents.sh index 54c2f8b..473f604 100755 --- a/scripts/user-agents.sh +++ b/scripts/user-agents.sh @@ -6,14 +6,6 @@ # save old conf cp /etc/nginx/map-user-agent.conf /cache -# if we are running nginx -if [ -f /tmp/nginx.pid ] ; then - RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1" -# if we are in autoconf -elif [ -S /tmp/autoconf.sock ] ; then - RELOAD="/opt/entrypoint/reload.py" -fi - # generate new conf IFS= BLACKLIST="$(curl -s https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-user-agents.list; curl -s https://raw.githubusercontent.com/JayBizzle/Crawler-Detect/master/raw/Crawlers.txt | sort -u)" @@ -22,20 +14,28 @@ if [ "$?" -ne 0 ] ; then fi echo -e "map \$http_user_agent \$bad_user_agent { default no; $(echo $BLACKLIST | sed 's: :\\ :g;s:^:~*:;s:$: yes;:') }" > /tmp/map-user-agent.conf +# if we are running nginx +if [ -f /tmp/nginx.pid ] ; then + RELOAD="/usr/sbin/nginx -s reload" +# if we are in autoconf +elif [ -S /tmp/autoconf.sock ] ; then + RELOAD="/opt/entrypoint/reload.py" +fi + # check number of lines lines="$(wc -l /tmp/map-user-agent.conf | cut -d ' ' -f 1)" if [ "$lines" -gt 1 ] ; then mv /tmp/map-user-agent.conf /etc/nginx/map-user-agent.conf job_log "[BLACKLIST] user-agent list updated ($lines entries)" if [ "$RELOAD" != "" ] ; then - $RELOAD + $RELOAD > /dev/null 2>&1 if [ "$?" -eq 0 ] ; then cp /etc/nginx/map-user-agent.conf /cache job_log "[NGINX] successfull nginx reload after user-agent list update" else cp /cache/map-user-agent.conf /etc/nginx job_log "[NGINX] failed nginx reload after user-agent list update fallback to old list" - $RELOAD + $RELOAD > /dev/null 2>&1 fi else cp /etc/nginx/map-user-agent.conf /cache