Compare commits
11 Commits
753893c836
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 8a4ec32861 | |||
| 9cb11db43a | |||
| 5d8c3c313c | |||
| 6900c4dd75 | |||
| 43a088d118 | |||
| 7518619a74 | |||
| 95e14caeb6 | |||
| b87c8a9a6d | |||
| 3e57aaa098 | |||
| e074327e49 | |||
| 01b0b8228e |
111
compose.yml
111
compose.yml
@@ -1,73 +1,110 @@
|
|||||||
services:
|
services:
|
||||||
flodpodmaster:
|
flodpodmaster:
|
||||||
image: git.send.nrw/sendnrw/flod-pod:latest
|
image: git.send.nrw/sendnrw/flod-pod:latest
|
||||||
container_name: ipblock-master
|
container_name: flodpodmaster
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.http.routers.flodpodmaster.rule=Host(`flod-proxy.send.nrw`)
|
||||||
|
- traefik.http.services.flodpodmaster.loadbalancer.server.port=8080
|
||||||
|
- traefik.http.routers.flodpodmaster.entrypoints=websecure
|
||||||
|
- traefik.http.routers.flodpodmaster.tls=true
|
||||||
|
- traefik.http.routers.flodpodmaster.tls.certresolver=letsencrypt
|
||||||
|
- traefik.http.middlewares.flodpodmaster0-redirect.redirectscheme.scheme=https
|
||||||
|
- traefik.http.middlewares.flodpodmaster0-redirect.redirectscheme.permanent=true
|
||||||
|
- traefik.http.routers.flodpodmaster0.rule=Host(`flod-proxy.send.nrw`)
|
||||||
|
- traefik.http.routers.flodpodmaster0.entrypoints=web
|
||||||
|
- traefik.http.routers.flodpodmaster0.middlewares=flodpodmaster0-redirect
|
||||||
|
- traefik.protocol=http
|
||||||
depends_on:
|
depends_on:
|
||||||
- redis
|
- flodredis
|
||||||
networks:
|
networks:
|
||||||
- flod_nw
|
- traefik-net
|
||||||
environment:
|
environment:
|
||||||
# Beispiel – mehrere Listen in einer Kategorie „spam“
|
# Beispiel – mehrere Listen in einer Kategorie „spam“
|
||||||
BLOCKLIST_MODE: master
|
BLOCKLIST_MODE: master
|
||||||
REDIS_ADDR: redis:6379
|
REDIS_ADDR: flodredis:6379
|
||||||
HASH_NAME: bl:flodpod
|
HASH_NAME: bl:flodpod
|
||||||
MASTER_URL: https://flod-proxy.send.nrw
|
MASTER_URL: https://flod-proxy.send.nrw
|
||||||
#ports:
|
#ports:
|
||||||
#- "8080:8080" # <host>:<container>
|
#- "8080:8080" # <host>:<container>
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
api:
|
flodmaster:
|
||||||
image: git.send.nrw/sendnrw/flod:latest
|
image: git.send.nrw/sendnrw/flod:latest
|
||||||
container_name: ipblock-api
|
container_name: flodmaster
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.http.routers.flodmaster.rule=Host(`flod.send.nrw`)
|
||||||
|
- traefik.http.services.flodmaster.loadbalancer.server.port=8080
|
||||||
|
- traefik.http.routers.flodmaster.entrypoints=websecure
|
||||||
|
- traefik.http.routers.flodmaster.tls=true
|
||||||
|
- traefik.http.routers.flodmaster.tls.certresolver=letsencrypt
|
||||||
|
- traefik.http.middlewares.flodmaster0-redirect.redirectscheme.scheme=https
|
||||||
|
- traefik.http.middlewares.flodmaster0-redirect.redirectscheme.permanent=true
|
||||||
|
- traefik.http.routers.flodmaster0.rule=Host(`flod.send.nrw`)
|
||||||
|
- traefik.http.routers.flodmaster0.entrypoints=web
|
||||||
|
- traefik.http.routers.flodmaster0.middlewares=flodmaster0-redirect
|
||||||
|
- traefik.protocol=http
|
||||||
networks:
|
networks:
|
||||||
- flod_nw
|
- traefik-net
|
||||||
depends_on:
|
depends_on:
|
||||||
- redis
|
- flodredis
|
||||||
- importer
|
- flodimporter
|
||||||
environment:
|
environment:
|
||||||
# Redis-Adresse schon per Docker-Netzwerk korrekt:
|
# Redis-Adresse schon per Docker-Netzwerk korrekt:
|
||||||
REDIS_ADDR: redis:6379
|
REDIS_ADDR: flodredis:6379
|
||||||
ROLE: worker
|
ROLE: worker
|
||||||
TTL_HOURS: "720"
|
TTL_HOURS: "720"
|
||||||
|
FLOD_IMPORT_URL: http://flodimporter:8080
|
||||||
#ports:
|
#ports:
|
||||||
#- "8080:8080" # <host>:<container>
|
#- "8080:8080" # <host>:<container>
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
flodimporter:
|
||||||
importer:
|
|
||||||
image: git.send.nrw/sendnrw/flod-ipv64-parser:latest
|
image: git.send.nrw/sendnrw/flod-ipv64-parser:latest
|
||||||
container_name: ipblock-importer
|
container_name: flodimporter
|
||||||
|
depends_on:
|
||||||
|
- flodredis
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.http.routers.flodimporter.rule=Host(`flod-import.send.nrw`)
|
||||||
|
- traefik.http.services.flodimporter.loadbalancer.server.port=8080
|
||||||
|
- traefik.http.routers.flodimporter.entrypoints=websecure
|
||||||
|
- traefik.http.routers.flodimporter.tls=true
|
||||||
|
- traefik.http.routers.flodimporter.tls.certresolver=letsencrypt
|
||||||
|
- traefik.http.middlewares.flodimporter0-redirect.redirectscheme.scheme=https
|
||||||
|
- traefik.http.middlewares.flodimporter0-redirect.redirectscheme.permanent=true
|
||||||
|
- traefik.http.routers.flodimporter0.rule=Host(`flod-import.send.nrw`)
|
||||||
|
- traefik.http.routers.flodimporter0.entrypoints=web
|
||||||
|
- traefik.http.routers.flodimporter0.middlewares=flodimporter0-redirect
|
||||||
|
- traefik.protocol=http
|
||||||
|
environment:
|
||||||
|
SERVEONLY: "1"
|
||||||
|
DELAY: ""
|
||||||
|
OUTDIR: ""
|
||||||
|
LIST: ""
|
||||||
|
LISTEN: :8080
|
||||||
|
PREFIX: http://flodimporter:8080
|
||||||
networks:
|
networks:
|
||||||
- flod_nw
|
- traefik-net
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
volumes:
|
volumes:
|
||||||
- importer-lists:/lists
|
- importer-lists:/lists
|
||||||
|
flodredis:
|
||||||
redis:
|
|
||||||
image: redis:7-alpine
|
image: redis:7-alpine
|
||||||
container_name: ipblock-redis
|
container_name: flodredis
|
||||||
ports:
|
ports:
|
||||||
- "6379:6379"
|
- 6379:6379
|
||||||
networks:
|
networks:
|
||||||
- flod_nw
|
- traefik-net
|
||||||
command: ["redis-server", "/usr/local/etc/redis/redis.conf"]
|
command:
|
||||||
|
- redis-server
|
||||||
|
- /usr/local/etc/redis/redis.conf
|
||||||
volumes:
|
volumes:
|
||||||
- redis-data:/data # falls du doch Persistence willst
|
- redis-data:/data # falls du doch Persistence willst
|
||||||
- /home/groot/flod/redis.conf:/usr/local/etc/redis/redis.conf:ro
|
- /docker/flod_redis/redis.conf:/usr/local/etc/redis/redis.conf:ro
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
||||||
newt:
|
|
||||||
image: fosrl/newt
|
|
||||||
container_name: newt
|
|
||||||
networks:
|
|
||||||
- flod_nw
|
|
||||||
restart: unless-stopped
|
|
||||||
environment:
|
|
||||||
- PANGOLIN_ENDPOINT=
|
|
||||||
- NEWT_ID=
|
|
||||||
- NEWT_SECRET=
|
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
flod_nw:
|
traefik-net:
|
||||||
|
external: true
|
||||||
volumes:
|
volumes:
|
||||||
redis-data:
|
redis-data: null
|
||||||
importer-lists:
|
importer-lists: null
|
||||||
6
go.mod
6
go.mod
@@ -1,10 +1,10 @@
|
|||||||
module git.send.nrw/sendnrw/flod
|
module git.send.nrw/sendnrw/flod
|
||||||
|
|
||||||
go 1.24.3
|
go 1.24.4
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/hashicorp/golang-lru/v2 v2.0.7
|
|
||||||
github.com/prometheus/client_golang v1.22.0
|
github.com/prometheus/client_golang v1.22.0
|
||||||
|
github.com/redis/go-redis/v9 v9.10.0
|
||||||
)
|
)
|
||||||
|
|
||||||
require (
|
require (
|
||||||
@@ -15,7 +15,7 @@ require (
|
|||||||
github.com/prometheus/client_model v0.6.1 // indirect
|
github.com/prometheus/client_model v0.6.1 // indirect
|
||||||
github.com/prometheus/common v0.62.0 // indirect
|
github.com/prometheus/common v0.62.0 // indirect
|
||||||
github.com/prometheus/procfs v0.15.1 // indirect
|
github.com/prometheus/procfs v0.15.1 // indirect
|
||||||
github.com/redis/go-redis/v9 v9.10.0 // indirect
|
github.com/yl2chen/cidranger v1.0.2 // indirect
|
||||||
golang.org/x/sys v0.30.0 // indirect
|
golang.org/x/sys v0.30.0 // indirect
|
||||||
google.golang.org/protobuf v1.36.5 // indirect
|
google.golang.org/protobuf v1.36.5 // indirect
|
||||||
)
|
)
|
||||||
|
|||||||
27
go.sum
27
go.sum
@@ -1,13 +1,26 @@
|
|||||||
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
|
||||||
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
|
||||||
|
github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
|
||||||
|
github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
|
||||||
|
github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
|
||||||
|
github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
|
||||||
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
|
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
|
||||||
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
|
||||||
|
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
|
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||||
|
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||||
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
|
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
|
||||||
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
|
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
|
||||||
github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k=
|
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
|
||||||
github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
|
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
|
||||||
|
github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
|
||||||
|
github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
|
||||||
|
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
|
||||||
|
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
|
||||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
|
||||||
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||||
|
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||||
github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q=
|
github.com/prometheus/client_golang v1.22.0 h1:rb93p9lokFEsctTys46VnV1kLCDpVZ0a/Y92Vm0Zc6Q=
|
||||||
github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0=
|
github.com/prometheus/client_golang v1.22.0/go.mod h1:R7ljNsLXhuQXYZYtw6GAE9AZg8Y7vEW5scdCXrWRXC0=
|
||||||
github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
|
github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
|
||||||
@@ -18,7 +31,17 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
|
|||||||
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
|
||||||
github.com/redis/go-redis/v9 v9.10.0 h1:FxwK3eV8p/CQa0Ch276C7u2d0eNC9kCmAYQ7mCXCzVs=
|
github.com/redis/go-redis/v9 v9.10.0 h1:FxwK3eV8p/CQa0Ch276C7u2d0eNC9kCmAYQ7mCXCzVs=
|
||||||
github.com/redis/go-redis/v9 v9.10.0/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
|
github.com/redis/go-redis/v9 v9.10.0/go.mod h1:huWgSWd8mW6+m0VPhJjSSQ+d6Nh1VICQ6Q5lHuCH/Iw=
|
||||||
|
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||||
|
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
|
||||||
|
github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
|
||||||
|
github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
|
||||||
|
github.com/yl2chen/cidranger v1.0.2 h1:lbOWZVCG1tCRX4u24kuM1Tb4nHqWkDxwLdoS+SevawU=
|
||||||
|
github.com/yl2chen/cidranger v1.0.2/go.mod h1:9U1yz7WPYDwf0vpNWFaeRh0bjwz5RVgRy/9UEQfHl0g=
|
||||||
golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
|
golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
|
||||||
golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
|
||||||
google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
|
google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
|
||||||
google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
|
google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
|
||||||
|
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||||
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||||
|
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||||
|
|||||||
62
main.go
62
main.go
@@ -23,9 +23,6 @@ import (
|
|||||||
|
|
||||||
// Redis + Context
|
// Redis + Context
|
||||||
var ctx = context.Background()
|
var ctx = context.Background()
|
||||||
var rdb = redis.NewClient(&redis.Options{
|
|
||||||
Addr: "redis:6379",
|
|
||||||
})
|
|
||||||
|
|
||||||
// ──────────────────────────────────────────────────────────────────────────────
|
// ──────────────────────────────────────────────────────────────────────────────
|
||||||
// Helpers
|
// Helpers
|
||||||
@@ -69,7 +66,7 @@ type prefixCacheEntry struct {
|
|||||||
|
|
||||||
var (
|
var (
|
||||||
prefixCache = map[string]prefixCacheEntry{}
|
prefixCache = map[string]prefixCacheEntry{}
|
||||||
prefixCacheMu sync.Mutex
|
prefixCacheMu sync.RWMutex
|
||||||
)
|
)
|
||||||
|
|
||||||
// Prometheus Metriken
|
// Prometheus Metriken
|
||||||
@@ -129,6 +126,12 @@ func main() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func updateBlocklistMetrics() {
|
func updateBlocklistMetrics() {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
for cat := range blocklistURLs {
|
for cat := range blocklistURLs {
|
||||||
key := "bl:" + cat
|
key := "bl:" + cat
|
||||||
count, err := rdb.HLen(ctx, key).Result()
|
count, err := rdb.HLen(ctx, key).Result()
|
||||||
@@ -179,7 +182,7 @@ func fetchAndSave(client *http.Client, t target, outDir string) error {
|
|||||||
// Import-Logik
|
// Import-Logik
|
||||||
func importBlocklists() error {
|
func importBlocklists() error {
|
||||||
client := &http.Client{Timeout: 60 * time.Second}
|
client := &http.Client{Timeout: 60 * time.Second}
|
||||||
t := target{Name: "Catalog", URL: "http://importer:8080/lists.json"}
|
t := target{Name: "Catalog", URL: os.Getenv("FLOD_IMPORT_URL") + "/lists.json"}
|
||||||
if err := os.MkdirAll("./lists/", 0o755); err != nil {
|
if err := os.MkdirAll("./lists/", 0o755); err != nil {
|
||||||
fmt.Println("creating output dir", err)
|
fmt.Println("creating output dir", err)
|
||||||
}
|
}
|
||||||
@@ -218,6 +221,12 @@ func importBlocklists() error {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func importCategory(cat, url string) error {
|
func importCategory(cat, url string) error {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
fmt.Printf("⬇️ Lade %s (%s)\n", cat, url)
|
fmt.Printf("⬇️ Lade %s (%s)\n", cat, url)
|
||||||
resp, err := http.Get(url)
|
resp, err := http.Get(url)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
@@ -287,6 +296,12 @@ func normalizePrefix(s string) (string, bool) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func handleWhitelist(w http.ResponseWriter, r *http.Request) {
|
func handleWhitelist(w http.ResponseWriter, r *http.Request) {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
if r.Method != http.MethodPost {
|
if r.Method != http.MethodPost {
|
||||||
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
|
http.Error(w, "method not allowed", http.StatusMethodNotAllowed)
|
||||||
return
|
return
|
||||||
@@ -325,6 +340,12 @@ func handleWhitelist(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
// Check-Handler
|
// Check-Handler
|
||||||
func handleCheck(w http.ResponseWriter, r *http.Request) {
|
func handleCheck(w http.ResponseWriter, r *http.Request) {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
checkRequests.Inc()
|
checkRequests.Inc()
|
||||||
ipStr := strings.TrimPrefix(r.URL.Path, "/check/")
|
ipStr := strings.TrimPrefix(r.URL.Path, "/check/")
|
||||||
ip, err := netip.ParseAddr(ipStr)
|
ip, err := netip.ParseAddr(ipStr)
|
||||||
@@ -334,7 +355,7 @@ func handleCheck(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var cats []string
|
var cats []string
|
||||||
for a, _ := range blocklistURLs {
|
for a := range blocklistURLs {
|
||||||
cats = append(cats, a)
|
cats = append(cats, a)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -361,6 +382,12 @@ func handleCheck(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
// Check-Handler
|
// Check-Handler
|
||||||
func handleTraefik(w http.ResponseWriter, r *http.Request) {
|
func handleTraefik(w http.ResponseWriter, r *http.Request) {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
checkRequests.Inc()
|
checkRequests.Inc()
|
||||||
ipStr := r.Header.Get("X-Forwarded-For")
|
ipStr := r.Header.Get("X-Forwarded-For")
|
||||||
if ipStr == "" {
|
if ipStr == "" {
|
||||||
@@ -373,7 +400,7 @@ func handleTraefik(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
var cats []string
|
var cats []string
|
||||||
for a, _ := range blocklistURLs {
|
for a := range blocklistURLs {
|
||||||
cats = append(cats, a)
|
cats = append(cats, a)
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -400,6 +427,12 @@ func handleTraefik(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
// Check-Logik
|
// Check-Logik
|
||||||
func checkIP(ip netip.Addr, cats []string) ([]string, error) {
|
func checkIP(ip netip.Addr, cats []string) ([]string, error) {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
wl, err := rdb.Exists(ctx, "wl:"+ip.String()).Result()
|
wl, err := rdb.Exists(ctx, "wl:"+ip.String()).Result()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
@@ -425,6 +458,12 @@ func checkIP(ip netip.Addr, cats []string) ([]string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func loadCategoryPrefixes(cat string) ([]netip.Prefix, error) {
|
func loadCategoryPrefixes(cat string) ([]netip.Prefix, error) {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
prefixCacheMu.Lock()
|
prefixCacheMu.Lock()
|
||||||
defer prefixCacheMu.Unlock()
|
defer prefixCacheMu.Unlock()
|
||||||
entry, ok := prefixCache[cat]
|
entry, ok := prefixCache[cat]
|
||||||
@@ -447,7 +486,8 @@ func loadCategoryPrefixes(cat string) ([]netip.Prefix, error) {
|
|||||||
}
|
}
|
||||||
prefixCache[cat] = prefixCacheEntry{
|
prefixCache[cat] = prefixCacheEntry{
|
||||||
prefixes: prefixes,
|
prefixes: prefixes,
|
||||||
expireAt: time.Now().Add(1 * time.Second),
|
expireAt: time.Now().Add(10 * time.Minute),
|
||||||
|
//Hier geändert von 1 * time.Second
|
||||||
}
|
}
|
||||||
return prefixes, nil
|
return prefixes, nil
|
||||||
}
|
}
|
||||||
@@ -459,6 +499,12 @@ func writeJSON(w http.ResponseWriter, v any) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func handleDownload(w http.ResponseWriter, r *http.Request) {
|
func handleDownload(w http.ResponseWriter, r *http.Request) {
|
||||||
|
var rdb = redis.NewClient(&redis.Options{
|
||||||
|
Addr: os.Getenv("REDIS_ADDR"),
|
||||||
|
DB: 0,
|
||||||
|
Username: os.Getenv("REDIS_USER"),
|
||||||
|
Password: os.Getenv("REDIS_PASS"),
|
||||||
|
})
|
||||||
cat := strings.TrimPrefix(r.URL.Path, "/download/")
|
cat := strings.TrimPrefix(r.URL.Path, "/download/")
|
||||||
if cat == "" {
|
if cat == "" {
|
||||||
http.Error(w, "category missing", http.StatusBadRequest)
|
http.Error(w, "category missing", http.StatusBadRequest)
|
||||||
|
|||||||
Reference in New Issue
Block a user