Skip to content

Commit a8c4685

Browse files
jaapmarcusjaapmarcus
authored
Fix hestiacp#3448 Installers (hestiacp#3449)
1 parent 7d1641e commit a8c4685

File tree

2 files changed

+36
-28
lines changed

2 files changed

+36
-28
lines changed

install/hst-install-debian.sh

Lines changed: 18 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1335,22 +1335,26 @@ if [ -n "$resolver" ]; then
13351335
fi
13361336

13371337
# https://github.com/ergin/nginx-cloudflare-real-ip/
1338-
CLOUDFLARE_FILE_PATH='/etc/nginx/conf.d/cloudflare.inc'
1339-
echo "#Cloudflare" > $CLOUDFLARE_FILE_PATH
1340-
echo "" >> $CLOUDFLARE_FILE_PATH
1338+
cf_ips="$(curl -fsLm2 --retry 1 https://api.cloudflare.com/client/v4/ips)"
13411339

1342-
echo "# - IPv4" >> $CLOUDFLARE_FILE_PATH
1343-
for i in $(curl -s -L https://www.cloudflare.com/ips-v4); do
1344-
echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH
1345-
done
1346-
echo "" >> $CLOUDFLARE_FILE_PATH
1347-
echo "# - IPv6" >> $CLOUDFLARE_FILE_PATH
1348-
for i in $(curl -s -L https://www.cloudflare.com/ips-v6); do
1349-
echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH
1350-
done
1340+
if [ -n "$cf_ips" ] && [ "$(echo "$cf_ips" | jq -r '.success//""')" = "true" ]; then
1341+
cf_inc="/etc/nginx/conf.d/cloudflare.inc"
13511342

1352-
echo "" >> $CLOUDFLARE_FILE_PATH
1353-
echo "real_ip_header CF-Connecting-IP;" >> $CLOUDFLARE_FILE_PATH
1343+
echo "[ * ] Updating Cloudflare IP Ranges for Nginx..."
1344+
echo "# Cloudflare IP Ranges" > $cf_inc
1345+
echo "" >> $cf_inc
1346+
echo "# IPv4" >> $cf_inc
1347+
for ipv4 in $(echo "$cf_ips" | jq -r '.result.ipv4_cidrs[]//""' | sort); do
1348+
echo "set_real_ip_from $ipv4;" >> $cf_inc
1349+
done
1350+
echo "" >> $cf_inc
1351+
echo "# IPv6" >> $cf_inc
1352+
for ipv6 in $(echo "$cf_ips" | jq -r '.result.ipv6_cidrs[]//""' | sort); do
1353+
echo "set_real_ip_from $ipv6;" >> $cf_inc
1354+
done
1355+
echo "" >> $cf_inc
1356+
echo "real_ip_header CF-Connecting-IP;" >> $cf_inc
1357+
fi
13541358

13551359
update-rc.d nginx defaults > /dev/null 2>&1
13561360
systemctl start nginx >> $LOG

install/hst-install-ubuntu.sh

Lines changed: 18 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -1383,22 +1383,26 @@ if [ -n "$resolver" ]; then
13831383
fi
13841384

13851385
# https://github.com/ergin/nginx-cloudflare-real-ip/
1386-
CLOUDFLARE_FILE_PATH='/etc/nginx/conf.d/cloudflare.inc'
1387-
echo "#Cloudflare" > $CLOUDFLARE_FILE_PATH
1388-
echo "" >> $CLOUDFLARE_FILE_PATH
1386+
cf_ips="$(curl -fsLm2 --retry 1 https://api.cloudflare.com/client/v4/ips)"
13891387

1390-
echo "# - IPv4" >> $CLOUDFLARE_FILE_PATH
1391-
for i in $(curl -s -L https://www.cloudflare.com/ips-v4); do
1392-
echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH
1393-
done
1394-
echo "" >> $CLOUDFLARE_FILE_PATH
1395-
echo "# - IPv6" >> $CLOUDFLARE_FILE_PATH
1396-
for i in $(curl -s -L https://www.cloudflare.com/ips-v6); do
1397-
echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH
1398-
done
1388+
if [ -n "$cf_ips" ] && [ "$(echo "$cf_ips" | jq -r '.success//""')" = "true" ]; then
1389+
cf_inc="/etc/nginx/conf.d/cloudflare.inc"
13991390

1400-
echo "" >> $CLOUDFLARE_FILE_PATH
1401-
echo "real_ip_header CF-Connecting-IP;" >> $CLOUDFLARE_FILE_PATH
1391+
echo "[ * ] Updating Cloudflare IP Ranges for Nginx..."
1392+
echo "# Cloudflare IP Ranges" > $cf_inc
1393+
echo "" >> $cf_inc
1394+
echo "# IPv4" >> $cf_inc
1395+
for ipv4 in $(echo "$cf_ips" | jq -r '.result.ipv4_cidrs[]//""' | sort); do
1396+
echo "set_real_ip_from $ipv4;" >> $cf_inc
1397+
done
1398+
echo "" >> $cf_inc
1399+
echo "# IPv6" >> $cf_inc
1400+
for ipv6 in $(echo "$cf_ips" | jq -r '.result.ipv6_cidrs[]//""' | sort); do
1401+
echo "set_real_ip_from $ipv6;" >> $cf_inc
1402+
done
1403+
echo "" >> $cf_inc
1404+
echo "real_ip_header CF-Connecting-IP;" >> $cf_inc
1405+
fi
14021406

14031407
update-rc.d nginx defaults > /dev/null 2>&1
14041408
systemctl start nginx >> $LOG

0 commit comments

Comments
 (0)