add a mechanism to update geoblock database files (#1566)

2025-10-26 11:27:32 +00:00 · 2020-10-17 01:32:11 +02:00 · 2020-10-17 01:32:11 +02:00 · da00d07991
commit da00d07991
parent a75e64897e
6 changed files with 87 additions and 0 deletions
--- a/geoblockdat/2020-09-Maxmind-Country-IPv4.dat
+++ b/geoblockdat/2020-09-Maxmind-Country-IPv4.dat
--- a/geoblockdat/2020-09-Maxmind-Country-IPv6.dat
+++ b/geoblockdat/2020-09-Maxmind-Country-IPv6.dat
--- a/geoblockdat/README.md
+++ b/geoblockdat/README.md
@ -0,0 +1,22 @@
+# What is this folder about?
+This folder is only meant for storing GeoIP Legacy Databases which are used by the [geoip script](https://github.com/nextcloud/vm/blob/master/network/geoblock.sh).
+
+All .dat files in this folder are from https://www.miyuru.lk/geoiplegacy and converted by Miyuru Sankalpa.
+
+## How to add updated Database files in here?
+1. Check if the files were updated by Miyuru Sankalpa by visiting [twitter](https://twitter.com/miyurulk) or verfiying the **Last Updated** tag on his [website](https://www.miyuru.lk/geoiplegacy)
+2. If the files were updated, download the newest [Maxmind Country IPv4](https://dl.miyuru.lk/geoip/maxmind/country/maxmind4.dat.gz) and [Maxmind Country IPv6](https://dl.miyuru.lk/geoip/maxmind/country/maxmind6.dat.gz) files
+3. Extract them
+4. Create a PR with those updated database files, add them to this folder and follow this naming scheme:
+
+### Naming scheme:
+**for IPv4:**<br>
+`yyyy-mm-Maxmind-Country-IPv4.dat`<br>
+**for IPv6:**<br>
+`yyyy-mm-Maxmind-Country-IPv6.dat`<br>
+_(Year and month should be chosen based on when the files were updated by Sankalpa)_<br><br>
+**One example is:**<br>
+`2020-09-Maxmind-Country-IPv4.dat`<br>
+and<br>
+`2020-09-Maxmind-Country-IPv6.dat`<br>
+_(If the files were updated on September 2020 by Sankalpa)_
--- a/lib.sh
+++ b/lib.sh
@ -92,6 +92,7 @@ DISK="$GITHUB_REPO/disk"
 NETWORK="$GITHUB_REPO/network"
 VAGRANT_DIR="$GITHUB_REPO/vagrant"
 NOT_SUPPORTED="$GITHUB_REPO/not-supported"
+GEOBLOCKDAT="$GITHUB_REPO/geoblockdat"
 NCREPO="https://download.nextcloud.com/server/releases"
 ISSUES="https://github.com/nextcloud/vm/issues"
 # User information
@ -355,6 +356,60 @@ something is wrong here. Please report this to $ISSUES"
    fi
 }

+# Used in geoblock.sh
+get_newest_dat_files() {
+    # IPv4
+    IPV4_NAME=$(curl -s https://github.com/nextcloud/vm/tree/master/geoblockdat \
+    | grep -oP '202[0-9]-[01][0-9]-Maxmind-Country-IPv4\.dat' | sort -r | head -1)
+    if [ -z "$IPV4_NAME" ]
+    then
+        print_text_in_color "$IRed" "Could not get the newest IPv4_name. Not updating the .dat file"
+        sleep 1
+    else
+        if ! [ -f "$SCRIPTS/$IPV4_NAME" ]
+        then
+            print_text_in_color "$ICyan" "Downloading new IPv4 dat file..."
+            sleep 1
+            check_command curl_to_dir "$GEOBLOCKDAT" "$IPV4_NAME" "$SCRIPTS"
+            check_command rm /usr/share/GeoIP/GeoIP.dat
+            check_command cp "$SCRIPTS/$IPV4_NAME" /usr/share/GeoIP
+            check_command mv "/usr/share/GeoIP/$IPV4_NAME" /usr/share/GeoIP/GeoIP.dat
+            chown root:root /usr/share/GeoIP/GeoIP.dat
+            chmod 644 /usr/share/GeoIP/GeoIP.dat
+            find /var/scripts -type f -regex \
+"$SCRIPTS/202[0-9]-[01][0-9]-Maxmind-Country-IPv4\.dat" -not -name "$IPV4_NAME" -delete
+        else
+            print_text_in_color "$ICyan" "The latest IPv4 dat file is already downloaded."
+            sleep 1
+        fi
+    fi
+    # IPv6
+    IPV6_NAME=$(curl -s https://github.com/nextcloud/vm/tree/master/geoblockdat \
+    | grep -oP '202[0-9]-[01][0-9]-Maxmind-Country-IPv6\.dat' | sort -r | head -1)
+    if [ -z "$IPV6_NAME" ]
+    then
+        print_text_in_color "$IRed" "Could not get the newest IPv6_name. Not updating the .dat file"
+        sleep 1
+    else
+        if ! [ -f "$SCRIPTS/$IPV6_NAME" ]
+        then
+            print_text_in_color "$ICyan" "Downloading new IPv6 dat file..."
+            sleep 1
+            check_command curl_to_dir "$GEOBLOCKDAT" "$IPV6_NAME" "$SCRIPTS"
+            check_command rm /usr/share/GeoIP/GeoIPv6.dat
+            check_command cp "$SCRIPTS/$IPV6_NAME" /usr/share/GeoIP
+            check_command mv "/usr/share/GeoIP/$IPV6_NAME" /usr/share/GeoIP/GeoIPv6.dat
+            chown root:root /usr/share/GeoIP/GeoIPv6.dat
+            chmod 644 /usr/share/GeoIP/GeoIPv6.dat
+            find /var/scripts -type f -regex \
+"$SCRIPTS/202[0-9]-[01][0-9]-Maxmind-Country-IPv6\.dat" -not -name "$IPV6_NAME" -delete
+        else
+            print_text_in_color "$ICyan" "The latest IPv6 dat file is already downloaded."
+            sleep 1
+        fi
+    fi
+}
+
 # Check if process is runnnig: is_process_running dpkg
 is_process_running() {
 PROCESS="$1"
--- a/network/geoblock.sh
+++ b/network/geoblock.sh
@ -56,6 +56,9 @@ install_if_not libapache2-mod-geoip
 check_command a2enmod geoip rewrite
 check_command systemctl restart apache2

+# Download newest dat files
+# get_newest_dat_files # TODO: Uncomment this in a followup PR to be able to test this properly
+
 # Restrict to countries and/or continents
 choice=$(whiptail --title "$TITLE"  --checklist \
 "Do you want to restrict to countries and/or continents?
--- a/nextcloud_update.sh
+++ b/nextcloud_update.sh
@ -272,6 +272,13 @@ then
    ln -s "$ADMINERDIR"/latest.php "$ADMINERDIR"/adminer.php
 fi

+# Get newest dat files for geoblock.sh
+if grep -q "^#Geoip-block" /etc/apache2/apache2.conf
+then
+    # get_newest_dat_files # TODO: Uncomment this in a followup PR to be able to test this properly
+    check_command systemctl restart apache2
+fi
+
 # Update docker containers and remove Watchtower if Bitwarden is preseent due to compatibility issue
 # If Watchtower is installed, but Bitwarden is missing, then let watchtower do its thing
 # If Watchtower is installed together with Bitwarden, then remove Watchtower and run updates