@diegoweb
Last active March 2, 2023 04:23
Auto update remoteip.conf from mod_remoteip with new CloudFlare ips
#!/bin/bash
# Defining trusted proxy addresses for mod_remoteip to Restore original visitor IPs
# https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs
# IP's from CloudFlare https://www.cloudflare.com/en-gb/ips/

# Define variables
ipv4_url="https://www.cloudflare.com/ips-v4"
ipv6_url="https://www.cloudflare.com/ips-v6"
filename="remoteip.conf"
destination="/etc/httpd/conf.modules.d"
mail_on=true
email="youremail@domain.com"
restart_apache=true
apache_service="systemctl restart httpd"
mail_service="/usr/sbin/sendmail"
scriptpath=$(realpath "$0")
date=$(date '+%d-%m-%Y %H:%M:%S')

# Download IPv4 file (-f makes curl fail on HTTP errors instead of returning the error page).
# Every line ends up as a trusted proxy, so reject the download if ANY line is not an IPv4 CIDR.
ipv4=$(curl -fsS "$ipv4_url")
if [ -z "$ipv4" ] || echo "$ipv4" | grep -qvE '^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$'; then
    echo "Error: Failed to download IPv4 file or file is empty"
    echo -e "To: $email\nSubject: Error downloading IPv4 CloudFlare IPs\n\nThe script failed on $date to download them, maybe the file was empty or corrupted without IPs:\n\n URL: $ipv4_url" | $mail_service "$email"
    exit 1
fi

# Download IPv6 file and reject it if ANY line is not an IPv6 CIDR
ipv6=$(curl -fsS "$ipv6_url")
if [ -z "$ipv6" ] || echo "$ipv6" | grep -qvE '^[0-9a-fA-F:]+/[0-9]{1,3}$'; then
    echo "Error: Failed to download IPv6 file or file is empty"
    echo -e "To: $email\nSubject: Error downloading IPv6 CloudFlare IPs\n\nThe script failed on $date to download them, maybe the file was empty or corrupted without IPs:\n\n URL: $ipv6_url" | $mail_service "$email"
    exit 1
fi

# Create a new file with the defined filename and write the Header to it.
# ">" truncates, so a stale copy left in the working directory is not appended to.
echo "RemoteIPHeader CF-Connecting-IP" > "$filename"

# Write IPv4 addresses to the file
echo "# IPV4" >> "$filename"
echo "RemoteIPTrustedProxy $(echo "$ipv4" | tr '\n' ' ' | sed 's/ $//')" >> "$filename"

# Add an empty line to separate sections (IPv4 from IPv6)
echo "" >> "$filename"

# Write IPv6 addresses to the file
echo "# IPV6" >> "$filename"
echo "RemoteIPTrustedProxy $(echo "$ipv6" | tr '\n' ' ' | sed 's/ $//')" >> "$filename"

# Compare and move file if it's different
if cmp -s "$filename" "$destination/$filename"; then
    echo "No changes detected. Not overwriting $destination/$filename."
    rm "$filename"
else
    mv "$filename" "$destination/$filename"
    echo "File created or overwritten in $destination/$filename"
    if [ "$mail_on" = true ]; then
        echo -e "To: $email\nSubject: $filename has been updated (CloudFlare IPs)\n\nThe $destination/$filename has been overwritten on $date after downloading:\n\n $ipv4_url \n $ipv6_url \n\n Script path: $scriptpath" | $mail_service "$email"
    fi
    if [ "$restart_apache" = true ]; then
        $apache_service
    fi
fi
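
Every address written to RemoteIPTrustedProxy is a peer whose CF-Connecting-IP header Apache will believe, so one malformed or overly broad line in the download widens who can set the logged client IP. The block below is an added example, not part of the gist: a stricter bash validator that checks every line for octet range, prefix length and breadth. The function names, the prefix thresholds and `max_entries` are assumptions, and the sample lists are constructed from documentation ranges.

```bash
#!/bin/bash
# Added example, not part of the gist. The thresholds are assumptions.
min_v4_prefix=8    # assumed: reject anything broader than /8 (e.g. 0.0.0.0/0)
min_v6_prefix=16   # assumed: reject anything broader than /16 (e.g. ::/0)
max_entries=200    # assumed upper bound on a plausible list length

valid_ipv4_cidr() {
    local cidr=$1 addr prefix octet
    [[ $cidr =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}/[0-9]{1,2}$ ]] || return 1
    addr=${cidr%/*}; prefix=${cidr#*/}
    (( 10#$prefix >= min_v4_prefix && 10#$prefix <= 32 )) || return 1
    local IFS=.
    for octet in $addr; do
        (( 10#$octet <= 255 )) || return 1
    done
}

# Structural check only (hex groups, one "::", group count), not a full parser.
valid_ipv6_cidr() {
    local cidr=$1 addr prefix group n=0
    [[ $cidr =~ ^[0-9a-fA-F:]+/[0-9]{1,3}$ ]] || return 1
    addr=${cidr%/*}; prefix=${cidr#*/}
    (( 10#$prefix >= min_v6_prefix && 10#$prefix <= 128 )) || return 1
    [[ $addr != *::*::* && $addr != *:::* ]] || return 1
    local IFS=:
    for group in $addr; do
        (( ${#group} <= 4 )) || return 1
        if [[ -n $group ]]; then n=$((n + 1)); fi
    done
    if [[ $addr == *::* ]]; then (( n <= 7 )) || return 1
    else (( n == 8 )) || return 1; fi
}

# validate_cidr_list FAMILY TEXT: succeed only if EVERY line is acceptable.
validate_cidr_list() {
    local family=$1 list=$2 line count=0
    [[ -n $list ]] || return 1
    while IFS= read -r line; do
        "valid_${family}_cidr" "$line" || { echo "rejected: '$line'" >&2; return 1; }
        count=$((count + 1))
    done <<< "$list"
    (( count <= max_entries )) || return 1
}

# Constructed inputs (documentation ranges): a clean list and a poisoned one.
good=$'192.0.2.0/24\n198.51.100.0/22'
bad=$'192.0.2.0/24\n0.0.0.0/0'
validate_cidr_list ipv4 "$good" && echo "clean list accepted"
validate_cidr_list ipv4 "$bad" 2>/dev/null || echo "poisoned list rejected"
```

In the script above it would be called on `$ipv4` and `$ipv6` before anything is written to `$filename`.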

diegoweb commented Mar 2, 2023

This file CANNOT be in the same location as the destination, in this case "/etc/httpd/conf.modules.d" which is the default for RHEL/CentOS/RockyLinux/AlmaLinux.

Make it executable:
chmod +x update_mod_remoteip_cloudflare.sh

Set permissions:
chmod 600 update_mod_remoteip_cloudflare.sh

Now schedule a cronjob for it and profit :)
