82 lines
2.1 KiB
YAML
82 lines
2.1 KiB
YAML
name: update geoip-db
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 0 * * *'
|
|
workflow_dispatch:
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
concurrency:
|
|
group: update-geoip-db
|
|
cancel-in-progress: false
|
|
|
|
jobs:
|
|
refresh-db:
|
|
runs-on: blacksmith-2vcpu-ubuntu-2404
|
|
timeout-minutes: 10
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v6
|
|
with:
|
|
fetch-depth: 0
|
|
|
|
- name: Set up SSH agent
|
|
uses: webfactory/ssh-agent@v0.9.1
|
|
with:
|
|
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY_SERVER }}
|
|
|
|
- name: Add server to known hosts
|
|
run: |
|
|
set -euo pipefail
|
|
mkdir -p ~/.ssh
|
|
ssh-keyscan -H ${{ secrets.SERVER_IP }} >> ~/.ssh/known_hosts
|
|
|
|
- name: Refresh MMDB on server & roll restart
|
|
env:
|
|
SERVER: ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_IP }}
|
|
IPINFO_TOKEN: ${{ secrets.IPINFO_TOKEN }}
|
|
run: |
|
|
set -euo pipefail
|
|
|
|
ssh "${SERVER}" bash << EOSSH
|
|
set -euo pipefail
|
|
|
|
if ! command -v curl >/dev/null 2>&1; then
|
|
sudo apt-get update -y
|
|
sudo apt-get install -y curl
|
|
fi
|
|
|
|
if ! command -v go >/dev/null 2>&1; then
|
|
sudo apt-get update -y
|
|
sudo apt-get install -y golang-go
|
|
fi
|
|
|
|
export PATH="\$PATH:\$(go env GOPATH)/bin"
|
|
if ! command -v mmdbverify >/dev/null 2>&1; then
|
|
GOBIN="\$(go env GOPATH)/bin" go install github.com/maxmind/mmdbverify@latest
|
|
fi
|
|
|
|
TMPDIR="\$(mktemp -d)"
|
|
trap 'rm -rf "\$TMPDIR"' EXIT
|
|
|
|
DEST_DIR="/etc/fluxer"
|
|
DEST_DB="\${DEST_DIR}/ipinfo_lite.mmdb"
|
|
|
|
mkdir -p "\$DEST_DIR"
|
|
|
|
curl -fsSL -o "\$TMPDIR/ipinfo_lite.mmdb" \
|
|
"https://ipinfo.io/data/ipinfo_lite.mmdb?token=${IPINFO_TOKEN}"
|
|
|
|
[ -s "\$TMPDIR/ipinfo_lite.mmdb" ]
|
|
|
|
mmdbverify -file "\$TMPDIR/ipinfo_lite.mmdb"
|
|
|
|
install -m 0644 "\$TMPDIR/ipinfo_lite.mmdb" "\$DEST_DB.tmp"
|
|
mv -f "\$DEST_DB.tmp" "\$DEST_DB"
|
|
|
|
docker service update --force fluxer-geoip_app
|
|
EOSSH
|