Support for dynamic ip ranges from urls

- Adds ipranges command to fetch ip ranges from Cloudfront and Cloudflare - Write the ipranges file on docker start - Support disabling ipv4 as well as ipv6 now - Prevent disabling both
2025-06-18 18:16:26 +00:00 · 2023-05-12 09:40:45 +10:00
parent f43e41d7d0
commit ab772d645b
18 changed files with 265 additions and 60 deletions
--- a/backend/internal/config/config.go
+++ b/backend/internal/config/config.go
@ -29,6 +29,16 @@ func Init(version, commit, sentryDSN *string) {
 	loadKeys()
 }

+// InitIPRanges will initialise the config for the ipranges command
+func InitIPRanges(version, commit, sentryDSN *string) error {
+	ErrorReporting = true
+	Version = *version
+	Commit = *commit
+	err := envconfig.InitWithPrefix(&Configuration, "NPM")
+	initLogger(*sentryDSN)
+	return err
+}
+
 // Init initialises the Log object and return it
 func initLogger(sentryDSN string) {
 	// this removes timestamp prefixes from logs
--- a/backend/internal/config/vars.go
+++ b/backend/internal/config/vars.go
@ -38,9 +38,11 @@ type acmesh struct {

 // Configuration is the main configuration object
 var Configuration struct {
-	DataFolder string `json:"data_folder" envconfig:"optional,default=/data"`
-	Acmesh     acmesh `json:"acmesh"`
-	Log        log    `json:"log"`
+	DataFolder  string `json:"data_folder" envconfig:"optional,default=/data"`
+	DisableIPV4 bool   `json:"disable_ipv4" envconfig:"optional"`
+	DisableIPV6 bool   `json:"disable_ipv6" envconfig:"optional"`
+	Acmesh      acmesh `json:"acmesh"`
+	Log         log    `json:"log"`
 }

 // GetWellknown returns the well known path
--- a/backend/internal/model/cloudfrontranges.go
+++ b/backend/internal/model/cloudfrontranges.go
@ -0,0 +1,17 @@
+package model
+
+// CloudfrontIPRangePrefix is used within config for cloudfront
+type CloudfrontIPRangeV4Prefix struct {
+	Value string `json:"ip_prefix"`
+}
+
+// CloudfrontIPRangeV6Prefix is used within config for cloudfront
+type CloudfrontIPRangeV6Prefix struct {
+	Value string `json:"ipv6_prefix"`
+}
+
+// CloudfrontIPRanges is the main config for cloudfront
+type CloudfrontIPRanges struct {
+	IPV4Prefixes []CloudfrontIPRangeV4Prefix `json:"prefixes"`
+	IPV6Prefixes []CloudfrontIPRangeV6Prefix `json:"ipv6_prefixes"`
+}
--- a/backend/internal/nginx/control.go
+++ b/backend/internal/nginx/control.go
@ -39,8 +39,8 @@ func ConfigureHost(h host.Model) error {
 		Certificate: certificateTemplate,
 		ConfDir:     fmt.Sprintf("%s/nginx/hosts", config.Configuration.DataFolder),
 		Config: Config{ // todo
-			Ipv4: true,
-			Ipv6: false,
+			Ipv4: !config.Configuration.DisableIPV4,
+			Ipv6: !config.Configuration.DisableIPV6,
 		},
 		DataDir:  config.Configuration.DataFolder,
 		Host:     h.GetTemplate(),