From 41797e4501e560e74666e66698c1cfe14840da6b Mon Sep 17 00:00:00 2001 From: Stuart Cardall Date: Sat, 25 Mar 2017 02:06:25 +0000 Subject: [PATCH] improve updatenginxblocker.sh adds compatibility for reloading Nginx on: * Arch Linux (does not have a 'service' command) * OpenRC (older versions do not have /sbin/service) tested on Debian / Arch / Centos / Alpine Linux --- updatenginxblocker.sh | 51 +++++++++++++++++++++++++++++++++---------- 1 file changed, 40 insertions(+), 11 deletions(-) diff --git a/updatenginxblocker.sh b/updatenginxblocker.sh index 31c2f7d7a14..28fc1f7a2e3 100755 --- a/updatenginxblocker.sh +++ b/updatenginxblocker.sh @@ -1,7 +1,9 @@ -#!/bin/bash -# Bash Script for Auto Updating the Nginx Bad Bot Blocker +#!/bin/sh + +# Shell Script for Auto Updating the Nginx Bad Bot Blocker # Copyright - https://github.com/mitchellkrogza # Project Url: https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker +# Alpine / Arch Linux / Debian / Centos script compatibility by Stuart Cardall # MAKE SURE you have your whitelist-ips.conf and whitelist-domains.conf files in /etc/nginx/bots.d # A major change to using include files was introduced in @@ -9,18 +11,45 @@ # PLEASE READ UPDATED CONFIGURATION INSTRUCTIONS BEFORE USING THIS -# Save this file as /bin/updatenginxblocker.sh -# Make it Executable chmod +x /bin/updatenginxblocker.sh +# Save this file as /usr/sbin/updatenginxblocker +# Make it Executable chmod 700 /usr/sbin/updatenginxblocker # RUN THE UPDATE # Here our script runs, pulls the latest update, reloads nginx and emails you a notification -# Place your own valid email address where it says "me@myemail.com" - -cd /etc/nginx/conf.d -sudo wget https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf -O globalblacklist.conf -sudo service nginx reload | mail -s "Nginx Bad Bot Blocker Updated" me@myemail.com -exit 0 + +email="me@myemail.com" +conf_dir=/etc/nginx/conf.d +url=https://raw.githubusercontent.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker/master/conf.d/globalblacklist.conf + +service_cmd() { + # arch linux does not have a 'service' command + local svc= svc_list="service systemctl rc-service" + + for svc in $svc_list; do + svc=$(which $svc 2>/dev/null) + if [ -n "$svc" ]; then + echo $svc + exit 0 + fi + done +} + +# require root +if [ "$(id -u)" != "0" ]; then + echo "This script must be run as root" 1>&2 + exit 1 +fi + +# default to service (centos does not have 'which' by default) +service=${service_cmd:-"service"} + +# download update & email notification +mkdir -p $conf_dir +wget $url -O $conf_dir/globalblacklist.conf +$service nginx reload | mail -s "Nginx Bad Bot Blocker Updated" $email + +exit $? # Add this as a cron to run daily / weekly as you like # Here's a sample CRON entry to update every day at 10pm -# 00 22 * * * /bin/updatenginxblocker.sh +# 00 22 * * * /usr/sbin/updatenginxblocker