74bd6524 |
1 | run: |
2 | - file: |
3 | path: /tmp/add-cloudflare-ips |
4 | chmod: +x |
5 | contents: | |
6 | #!/bin/bash -e |
7 | # Download list of CloudFlare ips |
8 | wget https://www.cloudflare.com/ips-v4 -O - > /tmp/cloudflare-ips |
74bd6524 |
9 | wget https://www.cloudflare.com/ips-v6 -O - >> /tmp/cloudflare-ips |
10 | # Make into nginx commands and escape for inclusion into sed append command |
11 | CONTENTS=$(</tmp/cloudflare-ips sed 's/^/set_real_ip_from /' | sed 's/$/;/' | tr '\n' '\\' | sed 's/\\/\\n/g') |
12 | |
13 | echo CloudFlare IPs: |
14 | echo $(echo | sed "/^/a $CONTENTS") |
15 | # Insert into discourse.conf |
16 | sed -i "/sendfile on;/a $CONTENTS\nreal_ip_header CF-Connecting-IP;" /etc/nginx/conf.d/discourse.conf |
17 | # Clean up |
18 | rm /tmp/cloudflare-ips |
19 | |
20 | - exec: "/tmp/add-cloudflare-ips" |
21 | - exec: "rm /tmp/add-cloudflare-ips" |