Created
January 24, 2022 13:32
-
-
Save PRIHLOP/6d3c7beb055aa17c9e7b7b7ddd705d35 to your computer and use it in GitHub Desktop.
Bash script to update CloudFlare IP ranges and create config for Nginx.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Location of the nginx config file that contains the CloudFlare IP addresses. | |
CF_NGINX_CONFIG="/etc/nginx/cloudflare-ip-addresses" | |
# The URLs with the actual IP addresses used by CloudFlare. | |
CF_URL_IP4="https://www.cloudflare.com/ips-v4" | |
CF_URL_IP6="https://www.cloudflare.com/ips-v6" | |
# Temporary files. | |
CF_TEMP_IP4="/tmp/cloudflare-ips-v4.txt" | |
CF_TEMP_IP6="/tmp/cloudflare-ips-v6.txt" | |
# Download the files. | |
if [ -f /usr/bin/curl ]; | |
then | |
curl --silent --output $CF_TEMP_IP4 $CF_URL_IP4 | |
curl --silent --output $CF_TEMP_IP6 $CF_URL_IP6 | |
elif [ -f /usr/bin/wget ]; | |
then | |
wget --quiet --output-document=$CF_TEMP_IP4 --no-check-certificate $CF_URL_IP4 | |
wget --quiet --output-document=$CF_TEMP_IP6 --no-check-certificate $CF_URL_IP6 | |
else | |
echo "Unable to download CloudFlare files." | |
exit 1 | |
fi | |
# Generate the new config file. | |
echo "# CloudFlare IP Ranges" > $CF_NGINX_CONFIG | |
echo "# Generated at $(date) by $0" >> $CF_NGINX_CONFIG | |
echo "" >> $CF_NGINX_CONFIG | |
echo "# - IPv4 ($CF_URL_IP4)" >> $CF_NGINX_CONFIG | |
awk '{ print "set_real_ip_from " $0 ";" }' $CF_TEMP_IP4 >> $CF_NGINX_CONFIG | |
echo "" >> $CF_NGINX_CONFIG | |
echo "# - IPv6 ($CF_URL_IP6)" >> $CF_NGINX_CONFIG | |
awk '{ print "set_real_ip_from " $0 ";" }' $CF_TEMP_IP6 >> $CF_NGINX_CONFIG | |
echo "" >> $CF_NGINX_CONFIG | |
echo "real_ip_header CF-Connecting-IP;" >> $CF_NGINX_CONFIG | |
echo "" >> $CF_NGINX_CONFIG | |
# Remove the temporary files. | |
rm $CF_TEMP_IP4 $CF_TEMP_IP6 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment