bunkerweb/scripts/abusers.sh

#!/bin/sh

# load some functions
. /opt/entrypoint/utils.sh

# copy old conf to cache
cp /etc/nginx/block-abusers.conf /cache

# if we are running nginx
if [ -f /tmp/nginx.pid ] ; then
	RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"
# if we are in autoconf
elif [ -S /tmp/autoconf.sock ] ; then
	RELOAD="/opt/entrypoint/reload.py"
fi

# generate the new conf
curl -s "https://iplists.firehol.org/files/firehol_abusers_30d.netset" | grep -v "^\#.*" |
while read entry ; do
	check=$(echo $entry | grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/?[0-9]*$")
	if [ "$check" != "" ] ; then
		echo "deny ${entry};" >> /tmp/block-abusers.conf
	fi
done

# check if we have at least 1 line
lines="$(wc -l /tmp/block-abusers.conf | cut -d ' ' -f 1)"
if [ "$lines" -gt 1 ] ; then
	job_log "[BLACKLIST] abusers list updated ($lines entries)"
	# reload nginx with the new config
	mv /tmp/block-abusers.conf /etc/nginx/block-abusers.conf
	if [ "$RELOAD" != "" ] ; then
		$RELOAD
		# new config is ok : save it in the cache
		if [ "$?" -eq 0 ] ; then
			cp /etc/nginx/block-abusers.conf /cache
			job_log "[NGINX] successfull nginx reload after abusers list update"
		else
			job_log "[NGINX] failed nginx reload after abusers list update fallback to old list"
			cp /cache/block-abusers.conf /etc/nginx
			$RELOAD
		fi
	else
		cp /etc/nginx/block-abusers.conf /cache
	fi
else
	job_log "[BLACKLIST] can't update abusers list"
fi

rm -f /tmp/block-abusers.conf 2> /dev/null
block proxies and abusers 2020-10-04 19:07:39 +00:00			`#!/bin/sh`

JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`# load some functions`
road to v1.2.3 - fixing bugs 2021-03-17 16:55:56 +00:00			`. /opt/entrypoint/utils.sh`
JOBS - be more verbose about jobs failure/success 2020-12-16 10:43:41 +00:00
JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`# copy old conf to cache`
			`cp /etc/nginx/block-abusers.conf /cache`

road to swarm - still some mess to fix 2021-03-16 16:56:24 +00:00			`# if we are running nginx`
			`if [ -f /tmp/nginx.pid ] ; then`
			`RELOAD="/usr/sbin/nginx -s reload > /dev/null 2>&1"`
			`# if we are in autoconf`
road to swarm - automatic reload after jobs 2021-03-17 11:16:56 +00:00			`elif [ -S /tmp/autoconf.sock ] ; then`
road to swarm - still some mess to fix 2021-03-16 16:56:24 +00:00			`RELOAD="/opt/entrypoint/reload.py"`
			`fi`

JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`# generate the new conf`
block proxies and abusers 2020-10-04 19:07:39 +00:00			`curl -s "https://iplists.firehol.org/files/firehol_abusers_30d.netset" \| grep -v "^\#.*" \|`
			`while read entry ; do`
display fail2ban.log and logging bug fix 2020-10-24 18:48:04 +00:00			`check=$(echo $entry \| grep -E "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/?[0-9]*$")`
			`if [ "$check" != "" ] ; then`
JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`echo "deny ${entry};" >> /tmp/block-abusers.conf`
display fail2ban.log and logging bug fix 2020-10-24 18:48:04 +00:00			`fi`
block proxies and abusers 2020-10-04 19:07:39 +00:00			`done`
JOBS - be more verbose about jobs failure/success 2020-12-16 10:43:41 +00:00
JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`# check if we have at least 1 line`
			`lines="$(wc -l /tmp/block-abusers.conf \| cut -d ' ' -f 1)"`
JOBS - be more verbose about jobs failure/success 2020-12-16 10:43:41 +00:00			`if [ "$lines" -gt 1 ] ; then`
			`job_log "[BLACKLIST] abusers list updated ($lines entries)"`
JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`# reload nginx with the new config`
			`mv /tmp/block-abusers.conf /etc/nginx/block-abusers.conf`
road to swarm - still some mess to fix 2021-03-16 16:56:24 +00:00			`if [ "$RELOAD" != "" ] ; then`
			`$RELOAD`
JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`# new config is ok : save it in the cache`
			`if [ "$?" -eq 0 ] ; then`
			`cp /etc/nginx/block-abusers.conf /cache`
			`job_log "[NGINX] successfull nginx reload after abusers list update"`
			`else`
			`job_log "[NGINX] failed nginx reload after abusers list update fallback to old list"`
			`cp /cache/block-abusers.conf /etc/nginx`
road to swarm - still some mess to fix 2021-03-16 16:56:24 +00:00			`$RELOAD`
JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`fi`
			`else`
			`cp /etc/nginx/block-abusers.conf /cache`
			`fi`
JOBS - be more verbose about jobs failure/success 2020-12-16 10:43:41 +00:00			`else`
			`job_log "[BLACKLIST] can't update abusers list"`
			`fi`

JOBS - fallback to old conf in case reload failed 2020-12-16 14:22:49 +00:00			`rm -f /tmp/block-abusers.conf 2> /dev/null`