joby/webserver-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix for duplicate banned IPs in nginx config

Browse source
This commit is contained in:
Joby 2024-10-23 17:31:33 -06:00
parent 4f3c885605
commit 94f57a5f00
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
install/nginx-cloudflare-fail2ban.sh
View file

@ -21,16 +21,19 @@ map $http_cf_connecting_ip $is_banned {
CONFFILE CONFFILE
# Create fail2ban action # Create fail2ban action
echo "Creating fail2ban action..."
tee /etc/fail2ban/action.d/nginx-banned-ips.conf << 'ACTIONFILE' tee /etc/fail2ban/action.d/nginx-banned-ips.conf << 'ACTIONFILE'
[Definition] [Definition]
actionstart = actionstart =
actionstop = actionstop =
actioncheck = actioncheck =
actionban = echo '<ip> 1;' >> /etc/nginx/conf.d/banned_ips.conf && nginx -s reload actionban = grep -q '^<ip> 1;$' /etc/nginx/conf.d/banned_ips.conf || echo '<ip> 1;' >> /etc/nginx/conf.d/banned_ips.conf && nginx -s reload
actionunban = sed -i '/<ip>/d' /etc/nginx/conf.d/banned_ips.conf && nginx -s reload actionunban = sed -i '/^<ip> 1;$/d' /etc/nginx/conf.d/banned_ips.conf && nginx -s reload
ACTIONFILE ACTIONFILE
# Clean up existing duplicates
sort -u /etc/nginx/conf.d/banned_ips.conf > /etc/nginx/conf.d/banned_ips.conf.tmp && \
mv /etc/nginx/conf.d/banned_ips.conf.tmp /etc/nginx/conf.d/banned_ips.conf
# Test NGINX configuration # Test NGINX configuration
echo "Testing NGINX configuration..." echo "Testing NGINX configuration..."
nginx -t nginx -t