jasima/majuna
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

proxy/smart: remove geoip configuration (unused)

Browse source
This commit is contained in:
Iain Learmonth 2022-10-08 18:08:06 +01:00
parent 0c8ecae319
commit 21fffa8a91
2 changed files with 0 additions and 99 deletions
Download patch file Download diff file Expand all files Collapse all files

26
app/terraform/proxy/__init__.py
View file

@ -11,7 +11,6 @@ from app import app
from app.extensions import db from app.extensions import db
from app.models.base import Group from app.models.base import Group
from app.models.mirrors import Proxy, Origin, SmartProxy from app.models.mirrors import Proxy, Origin, SmartProxy
from app.terraform.proxy.lib import all_cdn_prefixes
from app.terraform.terraform import TerraformAutomation from app.terraform.terraform import TerraformAutomation
@ -36,10 +35,6 @@ def update_smart_proxy_instance(group_id: int,
instance.instance_id = instance_id instance.instance_id = instance_id
def sp_trusted_prefixes() -> str:
return "\n".join([f"geoip2_proxy {p};" for p in all_cdn_prefixes()])
class ProxyAutomation(TerraformAutomation): class ProxyAutomation(TerraformAutomation):
subgroup_members_max = sys.maxsize subgroup_members_max = sys.maxsize
""" """
@ -106,31 +101,10 @@ class ProxyAutomation(TerraformAutomation):
Origin.smart.is_(True) Origin.smart.is_(True)
).all() ).all()
self.tmpl_write(f"smart_proxy.{group.id}.conf", """ self.tmpl_write(f"smart_proxy.{group.id}.conf", """
geoip2 /usr/share/GeoIP/GeoIP2-City.mmdb {
auto_reload 5m;
$geoip2_metadata_country_build metadata build_epoch;
$geoip2_data_country_code default=US country iso_code;
}
""" + sp_trusted_prefixes() + """
geoip2_proxy_recursive on;
map $geoip2_data_country_code $redirect_country {
default yes;
""" + "\n".join([f" {cc} no;" for cc in app.config['CENSORED_COUNTRIES']]) + """
}
{% for origin in origins %} {% for origin in origins %}
server { server {
listen 443 ssl; listen 443 ssl;
server_name origin-{{ origin.id }}.{{ provider }}.smart.{{ smart_zone[:-1] }}; server_name origin-{{ origin.id }}.{{ provider }}.smart.{{ smart_zone[:-1] }};
if ($redirect_country = yes) {
set $redirect_test 1;
}
if ($arg_redirect = "false") {
set $redirect_test 0;
}
if ($redirect_test = 2) {
rewrite ^ https://{{ origin.domain_name }}$request_uri? break;
}
location / { location / {
proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Encoding "";
proxy_ssl_server_name on; proxy_ssl_server_name on;

73
app/terraform/proxy/lib.py
View file

@ -1,73 +0,0 @@
import ipaddress
from typing import List, Dict, Any, Optional, Union, Set, Iterable
import requests
class CDNRange:
ipv4_ranges: List[ipaddress.IPv4Network]
ipv6_ranges: List[ipaddress.IPv6Network]
def __init__(self) -> None:
self.ipv4_ranges = list()
self.ipv6_ranges = list()
class AWS(CDNRange):
def __init__(self, *, data: Optional[Dict[str, Any]] = None) -> None:
super().__init__()
if data is None:
data = requests.get("https://ip-ranges.amazonaws.com/ip-ranges.json").json()
self.ipv4_ranges.extend([ipaddress.ip_network(p["ip_prefix"]) for p in data["prefixes"]]) # type: ignore[misc]
self.ipv6_ranges.extend([ipaddress.ip_network(p["ipv6_prefix"]) for p in data["ipv6_prefixes"]]) # type: ignore[misc]
class AWSCloudFront(CDNRange):
def __init__(self, *, data: Optional[Dict[str, List[str]]] = None) -> None:
super().__init__()
if data is None:
data = requests.get("https://d7uri8nf7uskq.cloudfront.net/tools/list-cloudfront-ips").json()
for key in data.keys():
for item in data[key]:
network = ipaddress.ip_network(item)
if isinstance(network, ipaddress.IPv4Network):
self.ipv4_ranges.append(network)
else:
self.ipv6_ranges.append(network)
class AzureFrontDoorBackend(CDNRange):
def __init__(self, *, data: Optional[List[Dict[str, Any]]] = None) -> None:
super().__init__()
if data is None:
data = requests.get(
"https://azureipranges.azurewebsites.net/getPrefixes/Public/AzureFrontDoor.Backend").json()
for item in data[0]["addressPrefixes"]:
range = ipaddress.ip_network(item)
if isinstance(range, ipaddress.IPv4Network):
self.ipv4_ranges.append(range)
else:
self.ipv6_ranges.append(range)
class Fastly(CDNRange):
def __init__(self, *, data: Optional[Dict[str, List[str]]] = None) -> None:
super().__init__()
if data is None:
data = requests.get("https://api.fastly.com/public-ip-list").json()
self.ipv4_ranges.extend([ipaddress.ip_network(p) for p in data["addresses"]]) # type: ignore[misc]
self.ipv6_ranges.extend([ipaddress.ip_network(p) for p in data["ipv6_addresses"]]) # type: ignore[misc]
def all_cdn_prefixes() -> Iterable[str]:
prefixes: Set[Union[ipaddress.IPv4Network, ipaddress.IPv6Network]] = set()
aws = AWS()
prefixes.update(aws.ipv4_ranges)
prefixes.update(aws.ipv6_ranges)
# azure = AzureFrontDoorBackend()
# prefixes.update(azure.ipv4_ranges)
# prefixes.update(azure.ipv6_ranges)
# fastly = Fastly()
# prefixes.update(fastly.ipv4_ranges)
# prefixes.update(fastly.ipv6_ranges)
return [str(p) for p in prefixes]