road to swarm - still some mess to fix
This commit is contained in:
bunkerity
@@ -6,6 +6,14 @@
|
||||
# copy old conf to cache
|
||||
cp /etc/nginx/block-abusers.conf /cache
|
||||
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="/opt/entrypoint/reload.py"
|
||||
fi
|
||||
|
||||
# generate the new conf
|
||||
curl -s "https://iplists.firehol.org/files/firehol_abusers_30d.netset" | grep -v "^\#.*" |
|
||||
while read entry ; do
|
||||
@@ -21,8 +29,8 @@ if [ "$lines" -gt 1 ] ; then
|
||||
job_log "[BLACKLIST] abusers list updated ($lines entries)"
|
||||
# reload nginx with the new config
|
||||
mv /tmp/block-abusers.conf /etc/nginx/block-abusers.conf
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
# new config is ok : save it in the cache
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
cp /etc/nginx/block-abusers.conf /cache
|
||||
@@ -30,7 +38,7 @@ if [ "$lines" -gt 1 ] ; then
|
||||
else
|
||||
job_log "[NGINX] failed nginx reload after abusers list update fallback to old list"
|
||||
cp /cache/block-abusers.conf /etc/nginx
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
$RELOAD
|
||||
fi
|
||||
else
|
||||
cp /etc/nginx/block-abusers.conf /cache
|
||||
|
||||
@@ -6,8 +6,4 @@ if [ "$?" -ne 0 ] ; then
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# fix rights
|
||||
chown -R root:nginx /etc/letsencrypt
|
||||
chmod -R 740 /etc/letsencrypt
|
||||
find /etc/letsencrypt -type d -exec chmod 750 {} \;
|
||||
exit 0
|
||||
|
||||
@@ -5,14 +5,17 @@
|
||||
|
||||
job_log "[CERTBOT] certificates have been renewed"
|
||||
|
||||
# fix rights
|
||||
chown -R root:nginx /etc/letsencrypt
|
||||
chmod -R 740 /etc/letsencrypt
|
||||
find /etc/letsencrypt -type d -exec chmod 750 {} \;
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="echo reload > /tmp/autoconf.sock"
|
||||
fi
|
||||
|
||||
# reload nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
job_log "[NGINX] successfull nginx reload after certbot renew"
|
||||
else
|
||||
|
||||
@@ -6,6 +6,14 @@
|
||||
# copy old conf to cache
|
||||
cp /etc/nginx/block-tor-exit-node.conf /cache
|
||||
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="/opt/entrypoint/reload.py"
|
||||
fi
|
||||
|
||||
# generate the new conf
|
||||
curl -s "https://iplists.firehol.org/files/tor_exits.ipset" | grep -v "^\#.*" |
|
||||
while read entry ; do
|
||||
@@ -21,8 +29,8 @@ if [ "$lines" -gt 1 ] ; then
|
||||
job_log "[BLACKLIST] TOR exit node list updated ($lines entries)"
|
||||
# reload nginx with the new config
|
||||
mv /tmp/block-tor-exit-node.conf /etc/nginx/block-tor-exit-node.conf
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
# new config is ok : save it in the cache
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
cp /etc/nginx/block-tor-exit-node.conf /cache
|
||||
@@ -30,7 +38,7 @@ if [ "$lines" -gt 1 ] ; then
|
||||
else
|
||||
job_log "[NGINX] failed nginx reload after TOR exit node list update fallback to old list"
|
||||
cp /cache/block-tor-exit-node.conf /etc/nginx
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
$RELOAD
|
||||
fi
|
||||
else
|
||||
cp /etc/nginx/block-tor-exit-node.conf /cache
|
||||
|
||||
@@ -3,6 +3,14 @@
|
||||
# load some functions
|
||||
. /opt/scripts/utils.sh
|
||||
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="/opt/entrypoint/reload.py"
|
||||
fi
|
||||
|
||||
# MMDB from https://db-ip.com/db/download/ip-to-country-lite
|
||||
URL="https://download.db-ip.com/free/dbip-country-lite-$(date +%Y-%m).mmdb.gz"
|
||||
wget -O /tmp/geoip.mmdb.gz "$URL" > /dev/null 2>&1
|
||||
@@ -13,8 +21,8 @@ if [ "$?" -eq 0 ] && [ -f /tmp/geoip.mmdb.gz ] ; then
|
||||
exit 1
|
||||
fi
|
||||
mv /tmp/geoip.mmdb /etc/nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
cp /etc/nginx/geoip.mmdb /cache
|
||||
job_log "[NGINX] successfull nginx reload after GeoIP DB update"
|
||||
@@ -22,7 +30,7 @@ if [ "$?" -eq 0 ] && [ -f /tmp/geoip.mmdb.gz ] ; then
|
||||
job_log "[NGINX] failed nginx reload after GeoIP DB update"
|
||||
if [ -f /cache/geoip.mmdb ] ; then
|
||||
cp /cache/geoip.mmdb /etc/nginx/geoip.mmdb
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
$RELOAD
|
||||
fi
|
||||
fi
|
||||
else
|
||||
|
||||
@@ -6,6 +6,14 @@
|
||||
# copy old conf to cache
|
||||
cp /etc/nginx/block-proxies.conf /cache
|
||||
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="/opt/entrypoint/reload.py"
|
||||
fi
|
||||
|
||||
# generate the new conf
|
||||
curl -s "https://iplists.firehol.org/files/firehol_proxies.netset" | grep -v "^\#.*" |
|
||||
while read entry ; do
|
||||
@@ -21,8 +29,8 @@ if [ "$lines" -gt 1 ] ; then
|
||||
job_log "[BLACKLIST] proxies list updated ($lines entries)"
|
||||
# reload nginx with the new config
|
||||
mv /tmp/block-proxies.conf /etc/nginx/block-proxies.conf
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
# new config is ok : save it in the cache
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
cp /etc/nginx/block-proxies.conf /cache
|
||||
@@ -30,7 +38,7 @@ if [ "$lines" -gt 1 ] ; then
|
||||
else
|
||||
job_log "[NGINX] failed nginx reload after proxies list update fallback to old list"
|
||||
cp /cache/block-proxies.conf /etc/nginx
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
$RELOAD
|
||||
fi
|
||||
else
|
||||
cp /etc/nginx/block-proxies.conf /cache
|
||||
|
||||
@@ -6,6 +6,14 @@
|
||||
# save old conf
|
||||
cp /etc/nginx/map-referrer.conf /cache
|
||||
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="/opt/entrypoint/reload.py"
|
||||
fi
|
||||
|
||||
# generate new conf
|
||||
BLACKLIST="$(curl -s https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-referrers.list)"
|
||||
if [ "$?" -ne 0 ] ; then
|
||||
@@ -23,15 +31,15 @@ lines="$(wc -l /tmp/map-referrer.conf | cut -d ' ' -f 1)"
|
||||
if [ "$lines" -gt 1 ] ; then
|
||||
mv /tmp/map-referrer.conf /etc/nginx/map-referrer.conf
|
||||
job_log "[BLACKLIST] referrers list updated ($lines entries)"
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
cp /etc/nginx/map-referrer.conf /cache
|
||||
job_log "[NGINX] successfull nginx reload after referrers list update"
|
||||
else
|
||||
cp /cache/map-referrer.conf /etc/nginx
|
||||
job_log "[NGINX] failed nginx reload after referrers list update fallback to old list"
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
$RELOAD
|
||||
fi
|
||||
else
|
||||
cp /etc/nginx/map-referrer.conf /cache
|
||||
|
||||
@@ -6,6 +6,14 @@
|
||||
# save old conf
|
||||
cp /etc/nginx/map-user-agent.conf /cache
|
||||
|
||||
# if we are running nginx
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
|
||||
# if we are in autoconf
|
||||
elif [ -f /tmp/autoconf.sock ] ; then
|
||||
RELOAD="/opt/entrypoint/reload.py"
|
||||
fi
|
||||
|
||||
# generate new conf
|
||||
BLACKLIST="$(curl -s https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/_generator_lists/bad-user-agents.list)
|
||||
$(curl -s https://raw.githubusercontent.com/JayBizzle/Crawler-Detect/master/raw/Crawlers.txt)"
|
||||
@@ -25,15 +33,15 @@ lines="$(wc -l /tmp/map-user-agent.conf | cut -d ' ' -f 1)"
|
||||
if [ "$lines" -gt 1 ] ; then
|
||||
mv /tmp/map-user-agent.conf /etc/nginx/map-user-agent.conf
|
||||
job_log "[BLACKLIST] user-agent list updated ($lines entries)"
|
||||
if [ -f /tmp/nginx.pid ] ; then
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
if [ "$RELOAD" != "" ] ; then
|
||||
$RELOAD
|
||||
if [ "$?" -eq 0 ] ; then
|
||||
cp /etc/nginx/map-user-agent.conf /cache
|
||||
job_log "[NGINX] successfull nginx reload after user-agent list update"
|
||||
else
|
||||
cp /cache/map-user-agent.conf /etc/nginx
|
||||
job_log "[NGINX] failed nginx reload after user-agent list update fallback to old list"
|
||||
/usr/sbin/nginx -s reload > /dev/null 2>&1
|
||||
$RELOAD
|
||||
fi
|
||||
else
|
||||
cp /etc/nginx/map-user-agent.conf /cache
|
||||
|
||||
Reference in New Issue
Block a user