Skip to content

Commit 015b20a

Browse files
clarkchentwclarkchentw
authored
Code cleanup (hestiacp#2542)
* Remove duplicate code in installer * Update Cloudflare IP range * Add upgrade script and sort Cloudflare IP list
1 parent baaba4e commit 015b20a

File tree

3 files changed

+18
-11
lines changed

3 files changed

+18
-11
lines changed

install/deb/nginx/nginx.conf

Lines changed: 7 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -99,12 +99,13 @@ http {
9999
set_real_ip_from 190.93.240.0/20;
100100
set_real_ip_from 197.234.240.0/22;
101101
set_real_ip_from 198.41.128.0/17;
102-
#set_real_ip_from 2400:cb00::/32;
103-
#set_real_ip_from 2405:b500::/32;
104-
#set_real_ip_from 2606:4700::/32;
105-
#set_real_ip_from 2803:f800::/32;
106-
#set_real_ip_from 2c0f:f248::/32;
107-
#set_real_ip_from 2a06:98c0::/29;
102+
# set_real_ip_from 2400:cb00::/32;
103+
# set_real_ip_from 2405:8100::/32;
104+
# set_real_ip_from 2405:b500::/32;
105+
# set_real_ip_from 2606:4700::/32;
106+
# set_real_ip_from 2803:f800::/32;
107+
# set_real_ip_from 2a06:98c0::/29;
108+
# set_real_ip_from 2c0f:f248::/32;
108109
real_ip_header CF-Connecting-IP;
109110

110111
# SSL PCI compliance

install/hst-install-ubuntu.sh

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1315,11 +1315,6 @@ chown root:mail $HESTIA/ssl/*
13151315
chmod 660 $HESTIA/ssl/*
13161316
rm /tmp/hst.pem
13171317

1318-
# Adding nologin as a valid system shell
1319-
if [ -z "$(grep nologin /etc/shells)" ]; then
1320-
echo "/usr/sbin/nologin" >> /etc/shells
1321-
fi
1322-
13231318
# Install dhparam.pem
13241319
cp -f $HESTIA_INSTALL_DIR/ssl/dhparam.pem /etc/ssl
13251320

install/upgrade/versions/1.6.0.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,3 +67,14 @@ fi
6767
if [[ ! -d $HESTIA/data/api ]]; then
6868
cp -rf $HESTIA_INSTALL_DIR/api $HESTIA/data/
6969
fi
70+
71+
# Update Cloudflare address
72+
if [ -f /etc/nginx/nginx.conf ] && [ "$(grep 'set_real_ip_from 2405:8100::/32' /etc/nginx/nginx.conf)" = "" ];then
73+
echo "[ * ] Updating nginx configuration with changes to Cloudflare IP addresses"
74+
sed -i "/#set_real_ip_from 2405:b500::\/32;/d" /etc/nginx/nginx.conf
75+
sed -i "/#set_real_ip_from 2606:4700::\/32;/d" /etc/nginx/nginx.conf
76+
sed -i "/#set_real_ip_from 2803:f800::\/32;/d" /etc/nginx/nginx.conf
77+
sed -i "/#set_real_ip_from 2c0f:f248::\/32;/d" /etc/nginx/nginx.conf
78+
sed -i "/#set_real_ip_from 2a06:98c0::\/29;/d" /etc/nginx/nginx.conf
79+
sed -i "s/#set_real_ip_from 2400:cb00::\/32;/# set_real_ip_from 2400:cb00::\/32;\n # set_real_ip_from 2606:4700::\/32;\n # set_real_ip_from 2803:f800::\/32;\n # set_real_ip_from 2405:b500::\/32;\n # set_real_ip_from 2405:8100::\/32;\n # set_real_ip_from 2a06:98c0::\/29;\n # set_real_ip_from 2c0f:f248::\/32;/g" /etc/nginx/nginx.conf
80+
fi

0 commit comments

Comments
 (0)