forked from xenfovn/fivem-ddos-protector
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathupdate-nginx-conf.js
executable file
·65 lines (57 loc) · 2.84 KB
/
update-nginx-conf.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
#!/usr/bin/env node
// sudo certbot --agree-tos --nginx -n -m [email protected] --domains s1.fivemshield.xyz
let config = require("./config")
let fs = require("fs")
let path = require("path");
let Handlebars = require("handlebars");
const exec = require('sync-exec');
(async () => {
updateNginx();
updateIptables();
console.log("Reloading Nginx")
exec(`service nginx reload`);
})()
function updateIptables() {
console.log("Reseting Iptables Rules.")
// exec("sudo iptables -F");
// exec("sudo iptables -X");
for (let server of config.servers) {
// for (let i = 0; i <= 5; i++) {
// exec(`sudo iptables -D INPUT -p tcp --dport ${server.fivemPort} -m connlimit --connlimit-above 5 -j REJECT`);
// exec(`sudo iptables -D INPUT -p tcp --dport ${server.fivemPort} -m connlimit --connlimit-above 5 -j REJECT`);
// }
// exec(`sudo iptables -A INPUT -p tcp --dport ${server.fivemPort} -m connlimit --connlimit-above 5 -j REJECT`);
// exec(`sudo iptables -A INPUT -p tcp --dport ${server.fivemPort} -m connlimit --connlimit-above 5 -j REJECT`);
console.log("Writing Iptables Rules for " + server.domain)
for (let i = 0; i <= 5; i++) {
exec(`iptables -D INPUT -p tcp --dport ${server.fivemPort} -j DROP`);
exec(`iptables -D INPUT -p udp --dport ${server.fivemPort} -j DROP`);
for (let ip of config.defaultWhitelistIps) {
exec(`iptables -D INPUT -p tcp --dport ${server.fivemPort} -s ${ip} -j ACCEPT`);
exec(`iptables -D INPUT -p udp --dport ${server.fivemPort} -s ${ip} -j ACCEPT`);
}
}
for (let ip of config.defaultWhitelistIps) {
exec(`iptables -A INPUT -p tcp --dport ${server.fivemPort} -s ${ip} -j ACCEPT`);
exec(`iptables -A INPUT -p udp --dport ${server.fivemPort} -s ${ip} -j ACCEPT`);
}
exec(`iptables -A INPUT -p tcp --dport ${server.fivemPort} -j DROP`);
exec(`iptables -A INPUT -p udp --dport ${server.fivemPort} -j DROP`);
}
}
function updateNginx() {
console.log("Removing Old NGINX Rules")
exec("rm -rf /etc/nginx/sites-enabled/*")
exec("rm -rf /etc/nginx/streams-enabled/*")
let stream = fs.readFileSync("./nginx-templates/stream.hbs");
let streamCompile = Handlebars.compile(stream.toString());
let domain = fs.readFileSync("./nginx-templates/domain.hbs");
let domainCompile = Handlebars.compile(domain.toString());
for (let server of config.servers) {
// let compiled = Handlebars.precompile(template);
// console.log(compiled);
console.log("Writing Nginx Conf for " + server.domain)
fs.writeFileSync(`/etc/nginx/streams-enabled/${server.id}.conf`, streamCompile(server))
fs.writeFileSync(`/etc/nginx/sites-enabled/${server.id}.conf`, domainCompile(server))
}
}