From 2fad8816a6ec305c87743ad3505387e8a70e4182 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bompard?= Date: Tue, 6 Aug 2024 18:19:57 +0200 Subject: [PATCH] Restore the GeoIP download script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Aurélien Bompard --- roles/batcave/files/geoip-download-databases | 49 ------------------- roles/batcave/tasks/main.yml | 13 +++-- .../templates/geoip-download-databases | 24 +++++++++ 3 files changed, 33 insertions(+), 53 deletions(-) delete mode 100755 roles/batcave/files/geoip-download-databases create mode 100755 roles/batcave/templates/geoip-download-databases diff --git a/roles/batcave/files/geoip-download-databases b/roles/batcave/files/geoip-download-databases deleted file mode 100755 index 0bceb57c55..0000000000 --- a/roles/batcave/files/geoip-download-databases +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -BASE_URL='http://geolite.maxmind.com/download/geoip/database/' -GEOLITE_COUNTRY_DB='GeoLiteCountry/GeoIP.dat' -GEOLITE_COUNTRY_IPV6_DB='GeoIPv6.dat' -GEOLITE_CITY_DB='GeoLiteCity.dat' -GEOLITE_CITY_IPV6_DB='GeoLiteCityv6-beta/GeoLiteCityv6.dat' - -if [ $# -eq 0 ]; then - echo "usage: geoip-download-databases " >&2 - exit 1 -fi - -outdir="$1" -tmpdir=$(mktemp -d) || exit 1 -trap "rm -rf ${tmpdir}" EXIT QUIT HUP KILL TERM - -pushd $tmpdir -wget "${BASE_URL}${GEOLITE_COUNTRY_DB}.gz" || exit 1 -wget "${BASE_URL}${GEOLITE_COUNTRY_IPV6_DB}.gz" || exit 1 -wget "${BASE_URL}${GEOLITE_CITY_DB}.gz" || exit 1 -wget "${BASE_URL}${GEOLITE_CITY_IPV6_DB}.gz" || exit 1 -gunzip * - -function file_size() -{ - local size - size=$(stat -c "%s" $1 2>/dev/null) - if [ -n "${size}" ]; then - echo ${size} - else - echo 0 - fi -} - -# 200KB. The country database should be just over 1MB, while the city database is presently 43MB. -# This is big enough to notice a seriously corrupted download. -MIN_SIZE=$((1024*200)) -IPV6_MIN_SIZE=$((1024*40)) - -if [ $(file_size $(basename ${GEOLITE_COUNTRY_DB})) -gt ${MIN_SIZE} -a \ - $(file_size $(basename ${GEOLITE_CITY_DB})) -gt ${MIN_SIZE} -a \ - $(file_size $(basename ${GEOLITE_COUNTRY_IPV6_DB})) -gt ${IPV6_MIN_SIZE} -a \ - $(file_size $(basename ${GEOLITE_CITY_IPV6_DB})) -gt ${IPV6_MIN_SIZE} ]; then - cp -a $(basename ${GEOLITE_COUNTRY_DB}) $(basename ${GEOLITE_CITY_DB}) $(basename ${GEOLITE_COUNTRY_IPV6_DB}) $(basename ${GEOLITE_CITY_IPV6_DB}) "${outdir}" -else - echo "unable to retrieve databases." >&2 - exit 1 -fi -exit 0 diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml index c748f3946b..1ef12b813b 100644 --- a/roles/batcave/tasks/main.yml +++ b/roles/batcave/tasks/main.yml @@ -400,18 +400,23 @@ # - name: Install geoip download databases script - copy: src=geoip-download-databases dest=/usr/local/bin/geoip-download-databases mode=0755 + template: + src: geoip-download-databases + dest: /usr/local/bin/geoip-download-databases + mode: 0755 tags: - batcave - config - when: inventory_hostname.startswith('batcave01.phx2') - name: Install geoip download cron - copy: src=geoip-download-databases.cron dest=/etc/cron.d/geoip-download-databases.cron mode=0644 + copy: + src: geoip-download-databases.cron + dest: /etc/cron.d/geoip-download-databases.cron + mode: 0644 tags: - batcave - config - when: inventory_hostname.startswith('batcave01.phx2') + when: inventory_hostname.startswith('batcave01') # # set selinux context for /srv/web/infra diff --git a/roles/batcave/templates/geoip-download-databases b/roles/batcave/templates/geoip-download-databases new file mode 100755 index 0000000000..abf135447b --- /dev/null +++ b/roles/batcave/templates/geoip-download-databases @@ -0,0 +1,24 @@ +#!/bin/bash +BASE_URL='https://download.maxmind.com/geoip/databases' + +if [ $# -eq 0 ]; then + echo "usage: geoip-download-databases " >&2 + exit 1 +fi + +set -e + +outdir="$1" +tmpdir=$(mktemp -d) || exit 1 +trap "rm -rf ${tmpdir}" EXIT QUIT HUP KILL TERM + +pushd $tmpdir +wget --content-disposition --user={{ maxmind_account_id }} --password={{ maxmind_license_key }} "${BASE_URL}/GeoLite2-Country/download?suffix=tar.gz" +wget --content-disposition --user={{ maxmind_account_id }} --password={{ maxmind_license_key }} "${BASE_URL}/GeoLite2-Country/download?suffix=tar.gz.sha256" +wget --content-disposition --user={{ maxmind_account_id }} --password={{ maxmind_license_key }} "${BASE_URL}/GeoLite2-City/download?suffix=tar.gz" +wget --content-disposition --user={{ maxmind_account_id }} --password={{ maxmind_license_key }} "${BASE_URL}/GeoLite2-City/download?suffix=tar.gz.sha256" + +sha256sum -c *.sha256 + +for tarball in *.tar.gz; do tar -xf "$tarball"; done +cp -a */*.mmdb "${outdir}"