61 lines
1.5 KiB
Bash
61 lines
1.5 KiB
Bash
|
#!/usr/bin/env bash
|
||
|
|
#
|
||
|
|
# Transforme MAINTENANCE_IP_LIST="1.2.3.4, 5.6.7.8" en un snippet Nginx :
|
||
|
|
#
|
||
|
|
# geo $ip_in_list {
|
||
|
|
# default 0;
|
||
|
|
# 1.2.3.4 1;
|
||
|
|
# 5.6.7.8 1;
|
||
|
|
# }
|
||
|
|
#
|
||
|
|
# Toute IP malformée (non IPv4 valide) provoque une sortie en erreur.
|
||
|
|
# Usage : build-ip-list.sh <fichier_de_sortie>
|
||
|
|
|
||
|
|
set -euo pipefail
|
||
|
|
|
||
|
|
if [[ $# -ne 1 ]]; then
|
||
|
|
echo "usage: $(basename "$0") <output_file>" >&2
|
||
|
|
exit 2
|
||
|
|
fi
|
||
|
|
|
||
|
|
output_file="$1"
|
||
|
|
|
||
|
|
if [[ -z "${MAINTENANCE_IP_LIST:-}" ]]; then
|
||
|
|
echo "ERROR: MAINTENANCE_IP_LIST est vide ou non défini." >&2
|
||
|
|
exit 1
|
||
|
|
fi
|
||
|
|
|
||
|
|
# Regex IPv4 stricte : chaque octet entre 0 et 255.
|
||
|
|
ipv4_regex='^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)(\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)){3}$'
|
||
|
|
|
||
|
|
declare -a ips=()
|
||
|
|
|
||
|
|
# Découpe sur la virgule, trim les espaces, ignore les entrées vides.
|
||
|
|
IFS=',' read -ra raw_entries <<< "$MAINTENANCE_IP_LIST"
|
||
|
|
for raw in "${raw_entries[@]}"; do
|
||
|
|
ip="${raw// /}"
|
||
|
|
[[ -z "$ip" ]] && continue
|
||
|
|
if ! [[ "$ip" =~ $ipv4_regex ]]; then
|
||
|
|
echo "ERROR: IP invalide dans MAINTENANCE_IP_LIST : '$ip'" >&2
|
||
|
|
exit 1
|
||
|
|
fi
|
||
|
|
ips+=("$ip")
|
||
|
|
done
|
||
|
|
|
||
|
|
if [[ ${#ips[@]} -eq 0 ]]; then
|
||
|
|
echo "ERROR: MAINTENANCE_IP_LIST ne contient aucune IP exploitable." >&2
|
||
|
|
exit 1
|
||
|
|
fi
|
||
|
|
|
||
|
|
{
|
||
|
|
echo "# Généré automatiquement par scripts/build-ip-list.sh — ne pas éditer à la main."
|
||
|
|
echo "geo \$ip_in_list {"
|
||
|
|
echo " default 0;"
|
||
|
|
for ip in "${ips[@]}"; do
|
||
|
|
printf ' %-15s 1;\n' "$ip"
|
||
|
|
done
|
||
|
|
echo "}"
|
||
|
|
} > "$output_file"
|
||
|
|
|
||
|
|
echo "build-ip-list: ${#ips[@]} IP écrites dans $output_file" >&2
|