| 1 | run: |
| 2 | - file: |
| 3 | path: /tmp/add-cloudflare-ips |
| 4 | chmod: +x |
| 5 | contents: | |
| 6 | #!/bin/bash -e |
| 7 | # Download list of CloudFlare ips |
| 8 | wget https://www.cloudflare.com/ips-v4 -O - > /tmp/cloudflare-ips |
| 9 | wget https://www.cloudflare.com/ips-v6 -O - >> /tmp/cloudflare-ips |
| 10 | # Make into nginx commands and escape for inclusion into sed append command |
| 11 | CONTENTS=$(</tmp/cloudflare-ips sed 's/^/set_real_ip_from /' | sed 's/$/;/' | tr '\n' '\\' | sed 's/\\/\\n/g') |
| 12 | |
| 13 | echo CloudFlare IPs: |
| 14 | echo $(echo | sed "/^/a $CONTENTS") |
| 15 | # Insert into discourse.conf |
| 16 | sed -i "/sendfile on;/a $CONTENTS\nreal_ip_header CF-Connecting-IP;" /etc/nginx/conf.d/discourse.conf |
| 17 | # Clean up |
| 18 | rm /tmp/cloudflare-ips |
| 19 | |
| 20 | - exec: "/tmp/add-cloudflare-ips" |
| 21 | - exec: "rm /tmp/add-cloudflare-ips" |