Skip to content

Commit

Permalink
add stackpath cdn
Browse files Browse the repository at this point in the history
  • Loading branch information
noogen committed Sep 19, 2022
1 parent cbfd69b commit 1e7d119
Show file tree
Hide file tree
Showing 8 changed files with 243 additions and 12 deletions.
1 change: 1 addition & 0 deletions files/etc/nginx/cdn-ips.conf
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,5 @@ set_real_ip_from ::/0;
set_real_ip_from 127.0.0.1/32;
set_real_ip_from 172.16.0.0/12;

real_ip_header X-Real-IP;
real_ip_header X-Forwarded-For;
4 changes: 1 addition & 3 deletions files/etc/nginx/cdn/cdn-arvancloud.conf
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,4 @@ set_real_ip_from 2.144.3.128/28;
set_real_ip_from 89.45.48.64/28;
set_real_ip_from 37.32.16.0/27;
set_real_ip_from 37.32.17.0/27;
set_real_ip_from 37.32.18.0/27;

real_ip_header X-Real-IP;
set_real_ip_from 37.32.18.0/27;
3 changes: 0 additions & 3 deletions files/etc/nginx/cdn/cdn-arvancloud.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,5 @@
directive = f"set_real_ip_from {item};\n"
config += directive

bottom = "real_ip_header X-Real-IP;"
config += "\n" + bottom

with open("cdn-arvancloud.conf", "w")as f:
f.write(config)
4 changes: 1 addition & 3 deletions files/etc/nginx/cdn/cdn-bunny.conf
Original file line number Diff line number Diff line change
Expand Up @@ -434,6 +434,4 @@ set_real_ip_from 2a04:ff07:d9:1::1;
set_real_ip_from 2a04:ff07:d9:1b::1;
set_real_ip_from 2a01:4f8:c17:aec0::1;
set_real_ip_from 2a01:4f8:c17:fc7::1;
set_real_ip_from 2a01:4f8:c17:20b2::1;

real_ip_header X-Real-IP;
set_real_ip_from 2a01:4f8:c17:20b2::1;
3 changes: 0 additions & 3 deletions files/etc/nginx/cdn/cdn-bunny.py
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,5 @@
directive = f"set_real_ip_from {item};\n"
config += directive

bottom = "real_ip_header X-Real-IP;"
config += "\n" + bottom

with open("cdn-bunny.conf", "w")as f:
f.write(config)
1 change: 1 addition & 0 deletions files/etc/nginx/cdn/cdn-fastly.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@

config = "set_real_ip_from "
config += "\nset_real_ip_from ".join(json["addresses"])

bottom = "real_ip_header Fastly-Client-IP;"
config += "\n\n" + bottom

Expand Down
221 changes: 221 additions & 0 deletions files/etc/nginx/cdn/cdn-stackpath.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,221 @@
set_real_ip_from 2a0a:e200:1a00:1100::/56;
set_real_ip_from 2a0a:e200:1a00::/40;
set_real_ip_from 2a0a:e200:1b00:1100::/56;
set_real_ip_from 2a0a:e200:1c00::/40;
set_real_ip_from 2a0a:e200:1100:1100::/64;
set_real_ip_from 2a0a:e200:1100:1600::/56;
set_real_ip_from 2a0a:e200:1100::/40;
set_real_ip_from 2a0a:e200:1200:1100::/64;
set_real_ip_from 2a0a:e200:1200::/40;
set_real_ip_from 2a0a:e200:1300::/40;
set_real_ip_from 2a0a:e200:1400::/40;
set_real_ip_from 2a0a:e200:1500::/40;
set_real_ip_from 2a0a:e200:1600::/40;
set_real_ip_from 2a0a:e200:1700::/40;
set_real_ip_from 2a0a:e200:1900:1100::/40;
set_real_ip_from 2a0a:e200:1900:1100::/64;
set_real_ip_from 69.16.133.0/24;
set_real_ip_from 69.16.176.0/20;
set_real_ip_from 69.16.182.0/24;
set_real_ip_from 69.16.184.0/24;
set_real_ip_from 69.16.188.0/24;
set_real_ip_from 69.197.8.0/24;
set_real_ip_from 69.197.9.0/24;
set_real_ip_from 69.197.10.0/24;
set_real_ip_from 69.197.11.0/24;
set_real_ip_from 69.197.12.0/24;
set_real_ip_from 69.197.33.0/24;
set_real_ip_from 69.197.37.0/24;
set_real_ip_from 69.197.39.0/24;
set_real_ip_from 69.197.41.0/24;
set_real_ip_from 74.209.134.0/24;
set_real_ip_from 74.209.134.128/25;
set_real_ip_from 81.171.60.0/24;
set_real_ip_from 81.171.61.0/24;
set_real_ip_from 81.171.68.64/26;
set_real_ip_from 81.171.105.0/24;
set_real_ip_from 81.171.106.64/26;
set_real_ip_from 81.171.112.0/24;
set_real_ip_from 94.46.144.0/20;
set_real_ip_from 94.46.153.128/25;
set_real_ip_from 94.46.154.128/25;
set_real_ip_from 94.46.155.128/25;
set_real_ip_from 98.190.64.128/25;
set_real_ip_from 98.190.66.128/25;
set_real_ip_from 98.190.68.128/25;
set_real_ip_from 98.190.70.128/25;
set_real_ip_from 98.190.72.128/25;
set_real_ip_from 98.190.74.128/25;
set_real_ip_from 98.190.76.128/25;
set_real_ip_from 98.190.78.128/25;
set_real_ip_from 98.190.80.128/25;
set_real_ip_from 98.190.94.128/25;
set_real_ip_from 103.66.28.0/22;
set_real_ip_from 103.228.104.0/24;
set_real_ip_from 146.88.130.128/25;
set_real_ip_from 151.139.0.0/17;
set_real_ip_from 151.139.0.0/19;
set_real_ip_from 151.139.11.128/25;
set_real_ip_from 151.139.13.0/24;
set_real_ip_from 151.139.14.128/25;
set_real_ip_from 151.139.15.128/25;
set_real_ip_from 151.139.16.128/25;
set_real_ip_from 151.139.18.64/26;
set_real_ip_from 151.139.18.128/25;
set_real_ip_from 151.139.19.128/25;
set_real_ip_from 151.139.21.0/24;
set_real_ip_from 151.139.23.0/24;
set_real_ip_from 151.139.24.0/25;
set_real_ip_from 151.139.25.0/24;
set_real_ip_from 151.139.29.0/24;
set_real_ip_from 151.139.32.0/24;
set_real_ip_from 151.139.33.128/25;
set_real_ip_from 151.139.34.128/25;
set_real_ip_from 151.139.35.128/25;
set_real_ip_from 151.139.36.128/25;
set_real_ip_from 151.139.37.128/25;
set_real_ip_from 151.139.38.128/25;
set_real_ip_from 151.139.40.0/22;
set_real_ip_from 151.139.41.0/24;
set_real_ip_from 151.139.42.0/24;
set_real_ip_from 151.139.44.0/22;
set_real_ip_from 151.139.45.0/24;
set_real_ip_from 151.139.48.0/22;
set_real_ip_from 151.139.49.0/24;
set_real_ip_from 151.139.52.0/22;
set_real_ip_from 151.139.56.128/25;
set_real_ip_from 151.139.57.0/24;
set_real_ip_from 151.139.58.0/23;
set_real_ip_from 151.139.59.0/24;
set_real_ip_from 151.139.60.0/22;
set_real_ip_from 151.139.64.0/23;
set_real_ip_from 151.139.66.0/23;
set_real_ip_from 151.139.67.0/24;
set_real_ip_from 151.139.68.0/22;
set_real_ip_from 151.139.72.0/22;
set_real_ip_from 151.139.76.0/23;
set_real_ip_from 151.139.77.0/24;
set_real_ip_from 151.139.78.0/23;
set_real_ip_from 151.139.80.0/22;
set_real_ip_from 151.139.81.0/24;
set_real_ip_from 151.139.84.0/22;
set_real_ip_from 151.139.88.0/23;
set_real_ip_from 151.139.90.0/23;
set_real_ip_from 151.139.92.0/23;
set_real_ip_from 151.139.93.0/24;
set_real_ip_from 151.139.94.0/23;
set_real_ip_from 151.139.96.0/23;
set_real_ip_from 151.139.97.0/24;
set_real_ip_from 151.139.98.0/23;
set_real_ip_from 151.139.114.0/23;
set_real_ip_from 151.139.116.0/23;
set_real_ip_from 151.139.118.0/23;
set_real_ip_from 151.139.119.0/24;
set_real_ip_from 151.139.120.0/22;
set_real_ip_from 173.245.194.0/24;
set_real_ip_from 173.245.208.64/26;
set_real_ip_from 173.245.210.64/26;
set_real_ip_from 173.245.216.64/26;
set_real_ip_from 173.245.218.64/26;
set_real_ip_from 184.176.184.128/26;
set_real_ip_from 184.179.88.128/25;
set_real_ip_from 184.179.90.128/25;
set_real_ip_from 185.69.89.0/24;
set_real_ip_from 185.69.91.0/24;
set_real_ip_from 205.185.216.0/22;
set_real_ip_from 205.185.217.0/24;
set_real_ip_from 205.185.219.0/25;
set_real_ip_from 209.197.7.0/24;
set_real_ip_from 209.197.8.0/21;
set_real_ip_from 209.197.9.0/24;
set_real_ip_from 209.197.10.0/24;
set_real_ip_from 209.197.11.0/24;
set_real_ip_from 209.197.13.224/27;
set_real_ip_from 209.197.21.0/24;
set_real_ip_from 209.197.24.0/21;
set_real_ip_from 209.197.27.128/25;
set_real_ip_from 209.197.31.0/25;
set_real_ip_from 209.234.242.0/25;
set_real_ip_from 2001:4de0:0110::/64;
set_real_ip_from 2001:4de0:0210::/64;
set_real_ip_from 2001:4de0:0410::/64;
set_real_ip_from 2001:4de0:0510::/64;
set_real_ip_from 2001:4de0:0610::/64;
set_real_ip_from 2001:4de0:2010::/64;
set_real_ip_from 2001:4de0:2110::/64;
set_real_ip_from 2001:4de0:2210:1::/64;
set_real_ip_from 2001:4de0:2210::/64;
set_real_ip_from 2001:4de0:2310::/64;
set_real_ip_from 2001:4de0:3010::/64;
set_real_ip_from 2001:4de0:3110::/64;
set_real_ip_from 2001:4de0:4010::/64;
set_real_ip_from 2001:4de0:4110::/64;
set_real_ip_from 2001:4de0:4310::/64;
set_real_ip_from 2001:4de0:5010::/64;
set_real_ip_from 2001:4de0:7001:1::/64;
set_real_ip_from 2001:4de0:7002:1::/64;
set_real_ip_from 2001:4de0:7003:1::/64;
set_real_ip_from 2001:57a:50f:1100::/64;
set_real_ip_from 2001:57a:200:1100::/64;
set_real_ip_from 2001:57a:300:1100::/64;
set_real_ip_from 2001:57a:400:1100::/64;
set_real_ip_from 2001:57a:500:1100::/64;
set_real_ip_from 2001:57a:501:1100::/64;
set_real_ip_from 2001:57a:502:1100::/64;
set_real_ip_from 2001:57a:503:1100::/64;
set_real_ip_from 2001:57a:504:1100::/64;
set_real_ip_from 2001:57a:505:1100::/64;
set_real_ip_from 2001:57a:506:1100::/64;
set_real_ip_from 2001:57a:507:1100::/64;
set_real_ip_from 2001:57a:508:1100::/64;
set_real_ip_from 2001:1938:7001:1::/64;
set_real_ip_from 2001:1938:7002:1::/64;
set_real_ip_from 2001:1938:7003:1::/64;
set_real_ip_from 2001:1938:7004:1::/64;
set_real_ip_from 2001:1938:7005:1::/64;
set_real_ip_from 2001:1938:7006:1::/64;
set_real_ip_from 2001:1938:7007:1::/64;
set_real_ip_from 2001:1938:7008:1::/64;
set_real_ip_from 2407:1580:1100::/40;
set_real_ip_from 2407:1580:1200:1100::/64;
set_real_ip_from 2407:1580:1200::/40;
set_real_ip_from 2407:1580:1300::/40;
set_real_ip_from 2407:1580:1400:1100::/64;
set_real_ip_from 2407:1580:1400::/40;
set_real_ip_from 2407:1580:1500::/40;
set_real_ip_from 2407:1580:1600::/40;
set_real_ip_from 2407:1580:1700:1100::/64;
set_real_ip_from 2407:1580:1700::/40;
set_real_ip_from 2604:6840:1c00:1100::/64;
set_real_ip_from 2604:6840:1e00::/40;
set_real_ip_from 2604:6840:1100::/40;
set_real_ip_from 2604:6840:1200::/40;
set_real_ip_from 2604:6840:1300:1100::/64;
set_real_ip_from 2604:6840:1300::/40;
set_real_ip_from 2604:6840:1400:1100::/64;
set_real_ip_from 2604:6840:1400::/40;
set_real_ip_from 2604:6840:1500:1100::/64;
set_real_ip_from 2604:6840:1500::/40;
set_real_ip_from 2604:6840:1600::/40;
set_real_ip_from 2604:6840:1700::/40;
set_real_ip_from 2604:6840:1800:1100::/64;
set_real_ip_from 2604:6840:1800::/40;
set_real_ip_from 2604:6840:1900::/40;
set_real_ip_from 2604:6840:2000:1100::/64;
set_real_ip_from 2604:6840:2100:1100::/64;
set_real_ip_from 2604:6840:2200:1100::/64;
set_real_ip_from 2604:6840:2300:1100::/56;
set_real_ip_from 2604:6840:2300:1100::/64;
set_real_ip_from 2604:6840:f800::/40;
set_real_ip_from 2604:6840:f900::/40;
set_real_ip_from 2604:6840:fa00::/40;
set_real_ip_from 2604:6840:fb00::/40;
set_real_ip_from 2604:6840:fc00::/40;
set_real_ip_from 2606:ce80:6100:1::/64;
set_real_ip_from 2606:ce80:6200:1::/64;
set_real_ip_from 2606:ce80:6300:1::/64;
set_real_ip_from 2606:ce80:6400:1::/64;
set_real_ip_from 2606:ce80:6500:1::/64;
set_real_ip_from 2606:ce80:6600:1::/64;
set_real_ip_from 2606:ce80:6700:2::/64;
set_real_ip_from 2606:ce80:6900:1::/64;
18 changes: 18 additions & 0 deletions files/etc/nginx/cdn/cdn-stackpath.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#!/usr/local/bin/python3
"""
Util to grab StackPath Inbound addresses
"""
#!/usr/local/bin/python3
# coding: utf-8

import requests

ips = requests.get("https://k3t9x2h3.map2.ssl.hwcdn.net/ipblocks.txt").text
config = ""

for item in ips.split():
directive = f"set_real_ip_from {item};\n"
config += directive

with open("cdn-stackpath.conf", "w")as f:
f.write(config)

0 comments on commit 1e7d119

Please sign in to comment.