Compare commits
9 Commits
master
...
blacklist_
| Author | SHA1 | Date | |
|---|---|---|---|
| cbb57b8493 | |||
| 42cd55258c | |||
| 4c433bfde8 | |||
| 59c2b26213 | |||
| 0b8994be5d | |||
| 9be3fb9f85 | |||
| e821c4d26a | |||
| 178fe9fcf4 | |||
| f258895234 |
48
roles/deploy-web/files/backup_canalblog.sh
Executable file
48
roles/deploy-web/files/backup_canalblog.sh
Executable file
@ -0,0 +1,48 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
TAR=/usr/bin/tar
|
||||||
|
PYTHON=/usr/bin/python3
|
||||||
|
GZIP=/usr/bin/gzip
|
||||||
|
SCRIPTDIR=/home/valentin/script
|
||||||
|
WEBSCRAP=${SCRIPTDIR}/web_scrap.py
|
||||||
|
URL=www.clarissariviere.com
|
||||||
|
DATE=$(date +%Y%m%d)
|
||||||
|
DIRECTORY=/home/valentin/backup
|
||||||
|
BACKUPDIR=/home/valentin/backup_clarissa
|
||||||
|
LIST=${BACKUPDIR}/backup.list
|
||||||
|
fileBackup="backup-clarissa-${DATE}"
|
||||||
|
LOGFILE=web_scrap.txt
|
||||||
|
SENDER="valczebackup@gmail.com"
|
||||||
|
if [ $(date +%u) -eq 1 ]; then
|
||||||
|
echo > ${LIST}
|
||||||
|
rm -rf "${BACKUPDIR}/*-incr.tar.gz"
|
||||||
|
fileBackup="${fileBackup}-full"
|
||||||
|
subject="Sauvegarde full"
|
||||||
|
else
|
||||||
|
fileBackup="${fileBackup}-incr"
|
||||||
|
subject="Sauvegarde incremental"
|
||||||
|
fi
|
||||||
|
subject="${subject} ${URL} ${DATE}"
|
||||||
|
echo > ${BACKUPDIR}/${LOGFILE}
|
||||||
|
${PYTHON} ${WEBSCRAP} --url ${URL} --dir ${DIRECTORY} --logfile ${BACKUPDIR}/${LOGFILE} --quiet
|
||||||
|
if [ ${?} -ne 0 ]; then
|
||||||
|
subject="FAIL : ${subject} : recuperation page"
|
||||||
|
echo ${subject} | mail -s "${subject}" -A ${BACKUPDIR}/${LOGFILE} ${SENDER}
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
${TAR} --create --file="${BACKUPDIR}/${fileBackup}.tar" --listed-incremental=${LIST} ${DIRECTORY}
|
||||||
|
if [ ${?} -ne 0 ]; then
|
||||||
|
subject="FAIL : ${subject} : archivage page "
|
||||||
|
echo ${subject} | mail -s "${subject}" -A ${BACKUPDIR}/${LOGFILE} ${SENDER}
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
${GZIP} -f -9 "${BACKUPDIR}/${fileBackup}.tar"
|
||||||
|
if [ ${?} -ne 0 ]; then
|
||||||
|
subject="FAIL : ${subject} : compression archive "
|
||||||
|
echo ${subject} | mail -s "${subject}" -A ${BACKUPDIR}/${LOGFILE} ${SENDER}
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
subject="OK : ${subject}"
|
||||||
|
echo ${subject}| mail -s "${subject}" -A ${BACKUPDIR}/${LOGFILE} ${SENDER}
|
||||||
|
find ${BACKUPDIR} -name "*.tar.gz" -type f -ctime +90 -exec rm {} \;
|
||||||
|
exit 0
|
||||||
@ -47,9 +47,14 @@ do
|
|||||||
echo ${j} >> ${BLACKLIST}
|
echo ${j} >> ${BLACKLIST}
|
||||||
/usr/sbin/iptables -A BLACKLIST -s ${j} -j DROP
|
/usr/sbin/iptables -A BLACKLIST -s ${j} -j DROP
|
||||||
done
|
done
|
||||||
for j in ${list_sender}
|
for j in ${list_sender[@]}
|
||||||
do
|
do
|
||||||
scp -i /home/valentin/.ssh-blacklist/id_rsa -P ${SSH} ${BLACKLIST} blacklist_user@${j}:/tmp/blacklist_${IP}
|
echo "Blacklist envoye a ${j}" >> ${MAIL}
|
||||||
|
echo "scp -i /home/valentin/.ssh-blacklist/id_rsa -P ${SSH} ${BLACKLIST} blacklist_user@${j}:/tmp/blacklist_${IP}" >> ${MAIL}
|
||||||
|
scp -i /home/valentin/.ssh-blacklist/id_rsa -P ${SSH} ${BLACKLIST} blacklist_user@${j}:/tmp/blacklist_${IP}i
|
||||||
|
if [ ${?} -ne 0 ]; then
|
||||||
|
echo "Error SCP for ${j}" >> ${MAIL}
|
||||||
|
fi
|
||||||
done
|
done
|
||||||
echo "IP dejà blacklisté : " >> ${MAIL}
|
echo "IP dejà blacklisté : " >> ${MAIL}
|
||||||
cat ${BLACKLIST} >> ${MAIL}
|
cat ${BLACKLIST} >> ${MAIL}
|
||||||
|
|||||||
@ -1,21 +1,30 @@
|
|||||||
server {
|
server {
|
||||||
if ($host = clarissariviere.fr) {
|
if ($host = clarissariviere.fr) {
|
||||||
return 301 https://"www.clarissariviere.fr"$request_uri;
|
return 301 "https://www.clarissariviere.com$request_uri";
|
||||||
|
} # managed by Certbot
|
||||||
|
if ($host = www.clarissariviere.fr) {
|
||||||
|
return 301 "https://www.clarissariviere.com$request_uri";
|
||||||
} # managed by Certbot
|
} # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
if ($host = clarissariviere.com) {
|
if ($host = clarissariviere.com) {
|
||||||
return 301 https://"www.clarissariviere.com"$request_uri;
|
return 301 "https://www.clarissariviere.com$request_uri";
|
||||||
} # managed by Certbot
|
} # managed by Certbot
|
||||||
|
|
||||||
|
|
||||||
access_log /var/log/nginx/clarissa_access.log main;
|
access_log /var/log/nginx/clarissa_access.log main;
|
||||||
error_log /var/log/nginx/clarissa_error.log;
|
error_log /var/log/nginx/clarissa_error.log;
|
||||||
#gzip_static off;
|
#gzip_static off;
|
||||||
server_name clarissariviere.com clarissariviere.fr www.clarissariviere.fr www.clarissariviere.com;
|
server_name clarissariviere.com clarissariviere.fr www.clarissariviere.fr www.clarissariviere.com;
|
||||||
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
|
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
|
||||||
add_header Link "<https://www.clarissariviere.com;> rel=\"canonical\", <https://www.clarissariviere.fr;> rel=\"alternate\" hreflang=\"fr\"";
|
#add_header Link "<https://www.clarissariviere.com$request_uri;> rel=\"canonical\", <https://www.clarissariviere.fr$request_uri;> rel=\"alternate\" hreflang=\"fr\"";
|
||||||
proxy_cache STATIC;
|
proxy_cache STATIC;
|
||||||
|
set $header "<https://$host$request_uri;> rel=\"canonical\"";
|
||||||
|
if ($request_uri ~ "/tag/") {
|
||||||
|
set $header "<https://$host;> rel=\"canonical\"";
|
||||||
|
set $link "";
|
||||||
|
|
||||||
|
}
|
||||||
|
add_header Link $header;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
# First attempt to serve request as file, then
|
# First attempt to serve request as file, then
|
||||||
# as directory, then fall back to displaying a 404.
|
# as directory, then fall back to displaying a 404.
|
||||||
@ -36,9 +45,9 @@ server {
|
|||||||
#proxy_set_header X-Real-IP $remote_addr;
|
#proxy_set_header X-Real-IP $remote_addr;
|
||||||
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
#proxy_set_header X-Forwarded-Proto $scheme;
|
#proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
sub_filter 'gouters.canalblog.com' "$host";
|
sub_filter 'http://gouters.canalblog.com' "https://$host";
|
||||||
sub_filter '<meta name="generator" content="CanalBlog - https://www.canalblog.com" />' '';
|
sub_filter '<meta name="generator" content="CanalBlog - https://www.canalblog.com" />' '';
|
||||||
#sub_filter '</head>' '<script async src="https://www.googletagmanager.com/gtag/js?id=G-MV336S1G9W"></script><script>window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} gtag("js", new Date()); gtag("config", "G-MV336S1G9W");</script></head>';
|
sub_filter '<meta name="Keywords" content="' '<meta name="Keywords" content="clarissa, riviere, ';
|
||||||
sub_filter_types text/html text/xml text/plain text/css;
|
sub_filter_types text/html text/xml text/plain text/css;
|
||||||
sub_filter_once off;
|
sub_filter_once off;
|
||||||
|
|
||||||
|
|||||||
@ -15,6 +15,11 @@
|
|||||||
src: virtualhost.j2
|
src: virtualhost.j2
|
||||||
dest: /etc/sentinel/virtualhost
|
dest: /etc/sentinel/virtualhost
|
||||||
mode: "0444"
|
mode: "0444"
|
||||||
|
with_items:
|
||||||
|
- virtualhost
|
||||||
|
- ip
|
||||||
|
- ssh_port
|
||||||
|
- exclude
|
||||||
vars:
|
vars:
|
||||||
ansible_become: yes
|
ansible_become: yes
|
||||||
ansible_become_method: sudo
|
ansible_become_method: sudo
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user