@jaw-sh
Last active October 17, 2020 08:29
Bash file to pull Cloudflare IPs from their API endpoints. Can be used in CRON jobs.
#!/bin/bash
# Author: Joshua Moon <josh@jaw.sh>
# Date: 14-May-2016
# Purpose: Creates an up-to-date Cloudflare nginx config file.
# License: MIT
################################################################################
# INSTRUCTIONS
################################################################################
#
# * Set correct values for below variables.
#
# NGINX_CONFIG
# NGINX_REAL_IP_HEADER
# NGINX_RELOAD
#
#
# * Add crontab job. This example would add it to root to run once a day.
#
# # crontab -e -u root
# 0 0 * * * bash /etc/nginx/cloudflare.sh
#
# * Make sure 'crond' service is running and boots with system startup.
#
# # ---- On RHEL/CentOS ----
# # chkconfig --level 345 crond on
# # /etc/init.d/crond status
#
# # ---- On Debian/Ubuntu ----
# # update-rc.d cron defaults
# # /etc/init.d/cron status
#
# *
#
################################################################################
# CUSTOMIZABLE VARIABLES
################################################################################
# Cloudflare API endpoints
export URL_CF_IPV4="https://www.cloudflare.com/ips-v4"
export URL_CF_IPV6="https://www.cloudflare.com/ips-v6"
# Where the cloudflare.conf set_real_ip nginx configuration file goes.
# If you place this in your nginx root directory, this should suffice with
# default configuration.
export NGINX_CONFIG="/etc/nginx/conf.d/cloudflare.conf"
# Either of these works. Cloudflare provides both as reference, so do I.
export NGINX_REAL_IP_HEADER="CF-Connecting-IP"
#export NGINX_REAL_IP_HEADER="X-Forwarded-For"
# The command run to reload the config after it has been updated.
export NGINX_RELOAD="service nginx reload"
################################################################################
# COMMAND NAMES
################################################################################
export CMD_CAT="cat"
export CMD_CURL="curl"
export CMD_DATE="date"
export CMD_TOUCH="touch"
export CMD_TRUNCATE="truncate"
################################################################################
# SCRIPT
################################################################################
# Truncate existing files.
${CMD_TOUCH} "${NGINX_CONFIG}"
${CMD_TRUNCATE} --size 0 "${NGINX_CONFIG}"
# Generate a file header.
export TODAY_DATE="$(${CMD_DATE})"
echo "# File automatically generated on ${TODAY_DATE}" >> "${NGINX_CONFIG}"
# Contact the IPv4 list.
# 'read -r' takes each line verbatim; the '|| [ -n ... ]' test keeps a final
# line that arrives without a trailing newline.
${CMD_CURL} -sL "${URL_CF_IPV4}" | while read -r CIDR || [ -n "${CIDR}" ]
do
  echo "set_real_ip_from ${CIDR};" >> "${NGINX_CONFIG}"
done
# Contact the IPv6 list.
${CMD_CURL} -sL "${URL_CF_IPV6}" | while read -r CIDR || [ -n "${CIDR}" ]
do
  echo "set_real_ip_from ${CIDR};" >> "${NGINX_CONFIG}"
done
echo "" >> "${NGINX_CONFIG}"
echo "real_ip_header ${NGINX_REAL_IP_HEADER};" >> "${NGINX_CONFIG}"
# Echo the file contents.
${CMD_CAT} "${NGINX_CONFIG}"
# Reload nginx. (Left unquoted on purpose: the value is a command plus arguments.)
${NGINX_RELOAD}
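
A fail-closed variant of the update step, as an added example that is not part of the gist: every fetched line is checked for CIDR shape, and the config is built in a temporary file and renamed into place only if both downloads and every line pass. The function names are hypothetical; `URL_CF_IPV4` and `URL_CF_IPV6` are the script's own variables.

```shell
# Added example, not the gist author's code. Function names are illustrative.
# URL_CF_IPV4 / URL_CF_IPV6 are expected to be set as in the script above.

# True if $1 has the shape of an IPv4 or IPv6 CIDR block (shape check only).
# A /0 prefix is refused: it would make nginx trust the header from any peer.
is_cidr() {
  printf '%s\n' "$1" | grep -Eq \
    -e '^([0-9]{1,3}\.){3}[0-9]{1,3}/([1-9]|[12][0-9]|3[0-2])$' \
    -e '^[0-9A-Fa-f]*:[0-9A-Fa-f:]*/([1-9]|[1-9][0-9]|1[01][0-9]|12[0-8])$'
}

# Read candidate ranges on stdin, write nginx directives to stdout.
# Exits non-zero on a malformed line or on empty input, so an HTML error
# page or a failed download never becomes a config file.
build_real_ip_conf() (
  header=$1 count=0
  while read -r cidr || [ -n "$cidr" ]; do
    cidr=$(printf '%s' "$cidr" | tr -d '\r')   # tolerate CRLF line endings
    [ -n "$cidr" ] || continue                 # skip blank lines
    is_cidr "$cidr" || { echo "rejected line: $cidr" >&2; exit 1; }
    echo "set_real_ip_from ${cidr};"
    count=$((count + 1))
  done
  [ "$count" -gt 0 ] || { echo "no ranges received" >&2; exit 1; }
  echo "real_ip_header ${header};"
)

# Fetch both lists, build the config in a temp file next to the target,
# and rename it into place only if every step succeeded.
update_cloudflare_conf() (
  target=$1 header=$2
  # -f makes curl fail on HTTP errors instead of returning the error body.
  lists=$(curl -fsSL "$URL_CF_IPV4" && echo && curl -fsSL "$URL_CF_IPV6") || exit 1
  tmp=$(mktemp "${target}.XXXXXX") || exit 1
  if printf '%s\n' "$lists" | build_real_ip_conf "$header" > "$tmp"; then
    chmod 644 "$tmp" && mv -f "$tmp" "$target"   # rename within one directory
  else
    rm -f "$tmp"; exit 1                         # old config stays untouched
  fi
)
```

Call it as `update_cloudflare_conf "$NGINX_CONFIG" "$NGINX_REAL_IP_HEADER" && nginx -t && ${NGINX_RELOAD}` so that nginx is reloaded only when a new file was installed and the configuration test passes.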