Skip to content

Instantly share code, notes, and snippets.

@selfagency
Last active September 15, 2023 12:21
Show Gist options
  • Save selfagency/4a4c2aa4340323ed56f74ef57f8bde1c to your computer and use it in GitHub Desktop.
Save selfagency/4a4c2aa4340323ed56f74ef57f8bde1c to your computer and use it in GitHub Desktop.
[update digital ocean firewall] update digital ocean firewall rules to add current ip and remove old external ips
# Requires doctl and the "public-ip-cli" npm module to be globally installed.
#!/bin/sh
FWID="YOUR_FIREWALL_ID"
IPV4=$("${HOME}/.nodebrew/current/bin/public-ip" --4)
#IPV6=$("${HOME}/.nodebrew/current/bin/public-ip" --6)
printf "🔥 Updating DO firewall rules\n\n"
OLD_RULES="$(doctl compute firewall get "${FWID}" --format InboundRules | tr ' ' '\n' | grep -E 'ports:22|ports:2022' | tr '\n' ' ' | sed '$ s/.$//')"
if [ "${OLD_RULES}" = "\"\"" ]; then
printf "No rules to remove.\n\n"
else
printf "Removing %s\n\n" "${OLD_RULES}"
REMOVE="doctl compute firewall remove-rules ${FWID} --inbound-rules=${OLD_RULES} -v"
# echo "${REMOVE}"
eval "${REMOVE}"
fi
# NEW_RULES="\"protocol:tcp,ports:22,address:${IPV4},address:${IPV6}
# protocol:udp,ports:60000-61000,address:${IPV4},address:${IPV6}\""
NEW_RULES="\"protocol:tcp,ports:22,address:${IPV4} protocol:udp,ports:60000-61000,address:${IPV4}\""
printf "Adding %s\n\n" "${NEW_RULES}"
ADD="doctl compute firewall add-rules ${FWID} --inbound-rules=${NEW_RULES} -v"
# echo "${ADD}"
eval "${ADD}"
printf "🏁 Done."
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment