AidasK · November 2, 2023 07:10 · dvershinin · May 11, 2019
diff --git a/README.md b/README.md
diff --git a/cloudflare-update-ip-ranges.sh b/cloudflare-update-ip-ranges.sh
 #!/bin/bash

 set -e

 # Location of the nginx config file that contains the CloudFlare IP addresses.
 CF_NGINX_CONFIG="/etc/nginx/cloudflare"

 # The URLs with the actual IP addresses used by CloudFlare.
 CF_URL_IP4="https://www.cloudflare.com/ips-v4/"
 CF_URL_IP6="https://www.cloudflare.com/ips-v6/"

 # Temporary files.
 CF_TEMP_IP4="/tmp/cloudflare-ips-v4.txt"
 CF_TEMP_IP6="/tmp/cloudflare-ips-v6.txt"

 # Download the files.
 if [ -f /usr/bin/curl ];
 then
    curl --silent -L --output $CF_TEMP_IP4 $CF_URL_IP4
    curl --silent -L --output $CF_TEMP_IP6 $CF_URL_IP6
 elif [ -f /usr/bin/wget ];
 then
    wget --quiet --output-document=$CF_TEMP_IP4 --no-check-certificate $CF_URL_IP4
    wget --quiet --output-document=$CF_TEMP_IP6 --no-check-certificate $CF_URL_IP6
 else
    echo "Unable to download CloudFlare files."
    exit 1
 fi

 if [ ! -s $CF_TEMP_IP4 ]
 then
    echo "Cloudflare IP4 file is empty: $CF_TEMP_IP4"
    exit 1
 fi

 if [ ! -s $CF_TEMP_IP6 ]
 then
    echo "Cloudflare IP6 file is empty: $CF_TEMP_IP6"
    exit 1
 fi

 # Generate the new config file.
 echo "# CloudFlare IP Ranges" > $CF_NGINX_CONFIG
 echo "# Generated at $(date) by $0" >> $CF_NGINX_CONFIG
 echo "" >> $CF_NGINX_CONFIG

 echo "# - IPv4 ($CF_URL_IP4)" >> $CF_NGINX_CONFIG
 awk '{ print "set_real_ip_from " $0 ";" }' $CF_TEMP_IP4 >> $CF_NGINX_CONFIG
 echo "" >> $CF_NGINX_CONFIG

 echo "# - IPv6 ($CF_URL_IP6)" >> $CF_NGINX_CONFIG
 awk '{ print "set_real_ip_from " $0 ";" }' $CF_TEMP_IP6 >> $CF_NGINX_CONFIG
 echo "" >> $CF_NGINX_CONFIG

 #echo "real_ip_header CF-Connecting-IP;" >> $CF_NGINX_CONFIG
 echo "" >> $CF_NGINX_CONFIG

 # Remove the temporary files.
 rm $CF_TEMP_IP4 $CF_TEMP_IP6

 # Reload the nginx config.
 #if hash systemctl 2>/dev/null; then
 #    systemctl restart nginx
 #else
 #    service nginx reload
 #fi
 nginx -s reload
	#!/bin/bash

	set -e

	# Location of the nginx config file that contains the CloudFlare IP addresses.
	CF_NGINX_CONFIG="/etc/nginx/cloudflare"

	# The URLs with the actual IP addresses used by CloudFlare.
	CF_URL_IP4="https://www.cloudflare.com/ips-v4/"
	CF_URL_IP6="https://www.cloudflare.com/ips-v6/"

	# Temporary files.
	CF_TEMP_IP4="/tmp/cloudflare-ips-v4.txt"
	CF_TEMP_IP6="/tmp/cloudflare-ips-v6.txt"

	# Download the files.
	if [ -f /usr/bin/curl ];
	then
	curl --silent -L --output $CF_TEMP_IP4 $CF_URL_IP4
	curl --silent -L --output $CF_TEMP_IP6 $CF_URL_IP6
	elif [ -f /usr/bin/wget ];
	then
	wget --quiet --output-document=$CF_TEMP_IP4 --no-check-certificate $CF_URL_IP4
	wget --quiet --output-document=$CF_TEMP_IP6 --no-check-certificate $CF_URL_IP6
	else
	echo "Unable to download CloudFlare files."
	exit 1
	fi

	if [ ! -s $CF_TEMP_IP4 ]
	then
	echo "Cloudflare IP4 file is empty: $CF_TEMP_IP4"
	exit 1
	fi

	if [ ! -s $CF_TEMP_IP6 ]
	then
	echo "Cloudflare IP6 file is empty: $CF_TEMP_IP6"
	exit 1
	fi

	# Generate the new config file.
	echo "# CloudFlare IP Ranges" > $CF_NGINX_CONFIG
	echo "# Generated at $(date) by $0" >> $CF_NGINX_CONFIG
	echo "" >> $CF_NGINX_CONFIG

	echo "# - IPv4 ($CF_URL_IP4)" >> $CF_NGINX_CONFIG
	awk '{ print "set_real_ip_from " $0 ";" }' $CF_TEMP_IP4 >> $CF_NGINX_CONFIG
	echo "" >> $CF_NGINX_CONFIG

	echo "# - IPv6 ($CF_URL_IP6)" >> $CF_NGINX_CONFIG
	awk '{ print "set_real_ip_from " $0 ";" }' $CF_TEMP_IP6 >> $CF_NGINX_CONFIG
	echo "" >> $CF_NGINX_CONFIG

	#echo "real_ip_header CF-Connecting-IP;" >> $CF_NGINX_CONFIG
	echo "" >> $CF_NGINX_CONFIG

	# Remove the temporary files.
	rm $CF_TEMP_IP4 $CF_TEMP_IP6

	# Reload the nginx config.
	#if hash systemctl 2>/dev/null; then
	# systemctl restart nginx
	#else
	# service nginx reload
	#fi
	nginx -s reload