update-home-ip.sh
| @@ -1,11 +1,21 @@ | |||
| 1 | 1 | #!/usr/bin/env bash | |
| 2 | 2 | ||
| 3 | + | # ------------------------------------------------------------------------------ | |
| 4 | + | # This will either allow automically with allowed IP or ask for auth otherwise | |
| 3 | 5 | # in /etc/nginx/sites-available/search.lema.org | |
| 6 | + | # ------------------------------------------------------------------------------ | |
| 4 | 7 | # satisfy any; | |
| 5 | 8 | # include /etc/nginx/home_allow.conf; | |
| 6 | 9 | # auth_basic "Restricted"; | |
| 7 | 10 | # auth_basic_user_file /etc/nginx/.htpasswd; | |
| 11 | + | # ------------------------------------------------------------------------------ | |
| 8 | 12 | ||
| 13 | + | # ------------------------------------------------------------------------------ | |
| 14 | + | # call it every x minutes to stay up to day | |
| 15 | + | # sudo crontab -e | |
| 16 | + | # ------------------------------------------------------------------------------ | |
| 17 | + | # */5 * * * * /etc/nginx/update-home-ip.sh > /var/log/home_ip_update.log 2>&1 | |
| 18 | + | # ------------------------------------------------------------------------------ | |
| 9 | 19 | ||
| 10 | 20 | ||
| 11 | 21 | CNAME="casinha.lema.org" | |
update-home-ip.sh(файл создан)
| @@ -0,0 +1,29 @@ | |||
| 1 | + | #!/usr/bin/env bash | |
| 2 | + | ||
| 3 | + | # in /etc/nginx/sites-available/search.lema.org | |
| 4 | + | # satisfy any; | |
| 5 | + | # include /etc/nginx/home_allow.conf; | |
| 6 | + | # auth_basic "Restricted"; | |
| 7 | + | # auth_basic_user_file /etc/nginx/.htpasswd; | |
| 8 | + | ||
| 9 | + | ||
| 10 | + | ||
| 11 | + | CNAME="casinha.lema.org" | |
| 12 | + | INCLUDE_FILE="/etc/nginx/home_allow.conf" | |
| 13 | + | CURRENT_IP=$(dig +short "$CNAME" | grep -Eo '([0-9]{1,3}\.){3}[0-9]{1,3}' | head -n 1) | |
| 14 | + | ||
| 15 | + | if [[ -z "$CURRENT_IP" ]]; then | |
| 16 | + | echo "Could not resolve $CNAME" | |
| 17 | + | exit 1 | |
| 18 | + | fi | |
| 19 | + | ||
| 20 | + | NEW_CONTENT="allow $CURRENT_IP;\ndeny all;" | |
| 21 | + | ||
| 22 | + | # Only reload if IP changed | |
| 23 | + | if ! grep -q "allow $CURRENT_IP;" "$INCLUDE_FILE"; then | |
| 24 | + | echo -e "$NEW_CONTENT" > "$INCLUDE_FILE" | |
| 25 | + | nginx -t && nginx -s reload | |
| 26 | + | echo "Updated Nginx allow list with IP $CURRENT_IP" | |
| 27 | + | else | |
| 28 | + | echo "IP unchanged, nothing to do." | |
| 29 | + | fi | |
Новее
Позже