From 52bd85f4bc6ecbf385190f9ca08a89f64f896614 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 15:53:05 +0000 Subject: [PATCH 1/9] fixed readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index bccdba2..3bb0f92 100644 --- a/README.md +++ b/README.md @@ -2,6 +2,7 @@
JV Hardware +
🤖 **Adguard CIDRE Sync** - A bot to synchronize adguard clients disallow list with countries CIDR list of your choices. -- 2.47.2 From cb93a39cc61838923640294f09fc9a7da1a308d3 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 15:57:06 +0000 Subject: [PATCH 2/9] fixed readme --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 3bb0f92..412663f 100644 --- a/README.md +++ b/README.md @@ -5,17 +5,18 @@ -🤖 **Adguard CIDRE Sync** - A bot to synchronize adguard clients disallow list with countries CIDR list of your choices. +**Adguard CIDRE Sync** - A bot to synchronize adguard clients disallow list with countries CIDR list of your choices. *The code is partially generated by AI* -## 📌 Sommaire +## Sommaire - [Features](#features) -- [Install with Docker and our image](#install-with-docker) -- [Install with git and build (développeur)](#install-with-git-and-build) +- [Environment Variables](#environment-variables) +- [File Structure](#file-structure) +- [Installation and Usage](#nstallation-and-usage) -## ✨ Features +## Features - Automatically downloads IP CIDR blocks for specified countries to block. - Supports additional manually blocked IPs from a configurable file. @@ -44,8 +45,8 @@ 1. **Clone the repository:** ```bash - git clone https://github.com/your-username/adguard-blocklist-updater.git - cd adguard-blocklist-updater + git clone https://git.djeex.fr/Djeex/adguard-cidre + cd adguard-cidre ``` 2. **Modify docker-compose.yml** -- 2.47.2 From f81b07f528f34de0525ea718781714bda42a16e2 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 16:12:44 +0000 Subject: [PATCH 3/9] added timezone and fixed default tcp proxy --- Dockerfile | 2 +- README.md | 3 ++- docker-compose.yml | 3 ++- entrypoint.sh | 5 +++++ update-blocklist.sh | 2 +- 5 files changed, 11 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index d84bb26..0e687fa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM alpine:latest -RUN apk add --no-cache curl bash busybox-cron +RUN apk add --no-cache curl bash busybox-cron tzdata COPY update-blocklist.sh /usr/local/bin/update-blocklist.sh COPY entrypoint.sh /entrypoint.sh diff --git a/README.md b/README.md index 412663f..198e3c7 100644 --- a/README.md +++ b/README.md @@ -28,9 +28,10 @@ | Variable | Description | Default | | ------------------- | ---------------------------------------------------------- | --------------------------------- | +| `TZ` | Your Time Zone | (required) | | `BLOCK_COUNTRIES` | Comma-separated country codes to block (e.g., `CN,RU,IR`) | (required) | | `BLOCKLIST_CRON` | Cron expression for update frequency (e.g., `0 6 * * *`) | `0 6 * * *` (at 6:00 everydays) | -| `DOCKER_API_URL` | URL of Docker socket proxy to restart AdGuard container | `http://docker-socket-proxy:2375` | +| `DOCKER_API_URL` | URL of Docker socket proxy to restart AdGuard container | `tcp://socket-proxy-adguard:2375` | ## File Structure diff --git a/docker-compose.yml b/docker-compose.yml index 9eeab34..dde3cd0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,9 +3,10 @@ services: adguard-cidre: build: . environment: + - TZ=Europe/Paris # change to your timezone - BLOCK_COUNTRIES=CN,RU,IR # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 - BLOCKLIST_CRON=0 6 * * * # at 6:00 every days - - DOCKER_API_URL=http://socket-proxy-adguard:2375 + - DOCKER_API_URL=tcp://socket-proxy-adguard:2375 volumes: - /path/to/adguard/confdir:/adguard diff --git a/entrypoint.sh b/entrypoint.sh index 249a0ce..a9bdaf0 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -2,6 +2,11 @@ set -e +if [ -n "$TZ" ]; then + cp /usr/share/zoneinfo/$TZ /etc/localtime + echo "$TZ" > /etc/timezone +fi + CRON_EXPR="${BLOCKLIST_CRON:-"0 6 * * *"}" # default: every hour SCRIPT_PATH="/usr/local/bin/update-blocklist.sh" diff --git a/update-blocklist.sh b/update-blocklist.sh index 33a4ff8..0dc4c4b 100644 --- a/update-blocklist.sh +++ b/update-blocklist.sh @@ -7,7 +7,7 @@ TMP_YAML="/tmp/AdGuardHome.yaml" MANUAL_IPS_FILE="/adguard/manually_blocked_ips.conf" CIDR_BASE_URL="https://raw.githubusercontent.com/vulnebify/cidre/main/output/cidr/ipv4" COUNTRIES=${BLOCK_COUNTRIES:-""} -DOCKER_API_URL=${DOCKER_API_URL:-"http://docker-socket-proxy:2375"} +DOCKER_API_URL=${DOCKER_API_URL:-"tcp://socket-proxy-adguard:2375"} if [ -z "$COUNTRIES" ]; then echo "No countries specified in BLOCK_COUNTRIES." -- 2.47.2 From d01fbeb68a157d6338b2fa71d00d82a0cd380184 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 16:20:51 +0000 Subject: [PATCH 4/9] Replaced busybox cron with dcron (alpine) --- Dockerfile | 2 +- entrypoint.sh | 12 ++++++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0e687fa..912fa7b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM alpine:latest -RUN apk add --no-cache curl bash busybox-cron tzdata +RUN apk add --no-cache curl bash dcron tzdata COPY update-blocklist.sh /usr/local/bin/update-blocklist.sh COPY entrypoint.sh /entrypoint.sh diff --git a/entrypoint.sh b/entrypoint.sh index a9bdaf0..1918d3a 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -3,11 +3,15 @@ set -e if [ -n "$TZ" ]; then - cp /usr/share/zoneinfo/$TZ /etc/localtime - echo "$TZ" > /etc/timezone + if [ -f "/usr/share/zoneinfo/$TZ" ]; then + cp "/usr/share/zoneinfo/$TZ" /etc/localtime + echo "$TZ" > /etc/timezone + else + echo "Warning: Timezone file /usr/share/zoneinfo/$TZ not found, skipping timezone setup." + fi fi -CRON_EXPR="${BLOCKLIST_CRON:-"0 6 * * *"}" # default: every hour +CRON_EXPR="${BLOCKLIST_CRON:-"0 6 * * *"}" # default: every day at 6:00 am SCRIPT_PATH="/usr/local/bin/update-blocklist.sh" echo "Installing cron job with expression: $CRON_EXPR" @@ -15,4 +19,4 @@ echo "Installing cron job with expression: $CRON_EXPR" echo "$CRON_EXPR root $SCRIPT_PATH" > /etc/crontabs/root echo "Starting cron..." -crond -f -L /dev/stdout +exec crond -f -L /dev/stdout -- 2.47.2 From 3d465082a56282d471f5e2f3fe19782f730705a9 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 17:02:27 +0000 Subject: [PATCH 5/9] Fixed cron issues with cronie --- Dockerfile | 4 ++-- README.md | 2 +- docker-compose.yml | 2 +- entrypoint.sh | 14 +++----------- update-blocklist.sh | 2 +- 5 files changed, 8 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index 912fa7b..05db38b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,10 +1,10 @@ FROM alpine:latest -RUN apk add --no-cache curl bash dcron tzdata +RUN apk add --no-cache curl bash busybox tzdata COPY update-blocklist.sh /usr/local/bin/update-blocklist.sh COPY entrypoint.sh /entrypoint.sh RUN chmod +x /usr/local/bin/update-blocklist.sh /entrypoint.sh -ENTRYPOINT ["/entrypoint.sh"] +ENTRYPOINT ["/entrypoint.sh"] \ No newline at end of file diff --git a/README.md b/README.md index 198e3c7..6d2e943 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ | `TZ` | Your Time Zone | (required) | | `BLOCK_COUNTRIES` | Comma-separated country codes to block (e.g., `CN,RU,IR`) | (required) | | `BLOCKLIST_CRON` | Cron expression for update frequency (e.g., `0 6 * * *`) | `0 6 * * *` (at 6:00 everydays) | -| `DOCKER_API_URL` | URL of Docker socket proxy to restart AdGuard container | `tcp://socket-proxy-adguard:2375` | +| `DOCKER_API_URL` | URL of Docker socket proxy to restart AdGuard container | `http://socket-proxy-adguard:2375` | ## File Structure diff --git a/docker-compose.yml b/docker-compose.yml index dde3cd0..67643ac 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: - TZ=Europe/Paris # change to your timezone - BLOCK_COUNTRIES=CN,RU,IR # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 - BLOCKLIST_CRON=0 6 * * * # at 6:00 every days - - DOCKER_API_URL=tcp://socket-proxy-adguard:2375 + - DOCKER_API_URL=http://socket-proxy-adguard:2375 volumes: - /path/to/adguard/confdir:/adguard diff --git a/entrypoint.sh b/entrypoint.sh index 1918d3a..a4a93fa 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,22 +1,14 @@ #!/bin/sh - set -e if [ -n "$TZ" ]; then if [ -f "/usr/share/zoneinfo/$TZ" ]; then cp "/usr/share/zoneinfo/$TZ" /etc/localtime echo "$TZ" > /etc/timezone - else - echo "Warning: Timezone file /usr/share/zoneinfo/$TZ not found, skipping timezone setup." fi fi -CRON_EXPR="${BLOCKLIST_CRON:-"0 6 * * *"}" # default: every day at 6:00 am -SCRIPT_PATH="/usr/local/bin/update-blocklist.sh" +CRON_EXPR="${BLOCKLIST_CRON:-"0 6 * * *"}" +echo "$CRON_EXPR /usr/local/bin/update-blocklist.sh" > /etc/crontabs/root -echo "Installing cron job with expression: $CRON_EXPR" - -echo "$CRON_EXPR root $SCRIPT_PATH" > /etc/crontabs/root - -echo "Starting cron..." -exec crond -f -L /dev/stdout +exec crond -f -c /etc/crontabs \ No newline at end of file diff --git a/update-blocklist.sh b/update-blocklist.sh index 0dc4c4b..7c06ad5 100644 --- a/update-blocklist.sh +++ b/update-blocklist.sh @@ -7,7 +7,7 @@ TMP_YAML="/tmp/AdGuardHome.yaml" MANUAL_IPS_FILE="/adguard/manually_blocked_ips.conf" CIDR_BASE_URL="https://raw.githubusercontent.com/vulnebify/cidre/main/output/cidr/ipv4" COUNTRIES=${BLOCK_COUNTRIES:-""} -DOCKER_API_URL=${DOCKER_API_URL:-"tcp://socket-proxy-adguard:2375"} +DOCKER_API_URL=${DOCKER_API_URL:-"http://socket-proxy-adguard:2375"} if [ -z "$COUNTRIES" ]; then echo "No countries specified in BLOCK_COUNTRIES." -- 2.47.2 From 820020f23eaf76524f5529f1fd66c5450d109f7b Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 17:10:33 +0000 Subject: [PATCH 6/9] Added adguard container name cariable and fixed docker socket proxy permissions to restart container --- docker-compose.yml | 4 +++- update-blocklist.sh | 3 ++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 67643ac..3c7d043 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,8 @@ services: - TZ=Europe/Paris # change to your timezone - BLOCK_COUNTRIES=CN,RU,IR # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 - BLOCKLIST_CRON=0 6 * * * # at 6:00 every days - - DOCKER_API_URL=http://socket-proxy-adguard:2375 + - DOCKER_API_URL=http://socket-proxy-adguard:2375 # docker socket proxy + - ADGUARD_CONTAINER_NAME=adguardhome # adguard container name volumes: - /path/to/adguard/confdir:/adguard @@ -17,6 +18,7 @@ services: - no-new-privileges:true environment: - CONTAINERS=1 + - ALLOW_RESTARTS=1 volumes: - /var/run/docker.sock:/var/run/docker.sock:ro restart: unless-stopped diff --git a/update-blocklist.sh b/update-blocklist.sh index 7c06ad5..1ee035f 100644 --- a/update-blocklist.sh +++ b/update-blocklist.sh @@ -8,6 +8,7 @@ MANUAL_IPS_FILE="/adguard/manually_blocked_ips.conf" CIDR_BASE_URL="https://raw.githubusercontent.com/vulnebify/cidre/main/output/cidr/ipv4" COUNTRIES=${BLOCK_COUNTRIES:-""} DOCKER_API_URL=${DOCKER_API_URL:-"http://socket-proxy-adguard:2375"} +ADGUARD_CONTAINER_NAME=${ADGUARD_CONTAINER_NAME:-"adguardhome"} if [ -z "$COUNTRIES" ]; then echo "No countries specified in BLOCK_COUNTRIES." @@ -42,6 +43,6 @@ END { if (inside==1) print ips } mv "$TMP_YAML" "$ADGUARD_YAML" echo "Restarting adguard-home container..." -curl -s -X POST "$DOCKER_API_URL/containers/adguard-home/restart" -o /dev/null +curl -s -X POST "$DOCKER_API_URL/containers/$ADGUARD_CONTAINER_NAME/restart" -o /dev/null echo "Done." -- 2.47.2 From 93d38900c8096e099d79ffdd6ac1c2e5b401a1a2 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 17:12:11 +0000 Subject: [PATCH 7/9] Updated readme and container name --- README.md | 2 ++ docker-compose.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/README.md b/README.md index 6d2e943..a8278a4 100644 --- a/README.md +++ b/README.md @@ -32,6 +32,8 @@ | `BLOCK_COUNTRIES` | Comma-separated country codes to block (e.g., `CN,RU,IR`) | (required) | | `BLOCKLIST_CRON` | Cron expression for update frequency (e.g., `0 6 * * *`) | `0 6 * * *` (at 6:00 everydays) | | `DOCKER_API_URL` | URL of Docker socket proxy to restart AdGuard container | `http://socket-proxy-adguard:2375` | +| `ADGUARD_CONTAINER_NAME` | Name of your adguard container | `adguardhome` | + ## File Structure diff --git a/docker-compose.yml b/docker-compose.yml index 3c7d043..176381f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,6 +2,7 @@ services: adguard-cidre: build: . + container_name: adguard-cidre environment: - TZ=Europe/Paris # change to your timezone - BLOCK_COUNTRIES=CN,RU,IR # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 -- 2.47.2 From 02d891b6db8f9e5704b73801ca56a66195a29a2d Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 17:30:37 +0000 Subject: [PATCH 8/9] fixed cidr list url --- docker-compose.yml | 2 +- update-blocklist.sh | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 176381f..f56559c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -5,7 +5,7 @@ services: container_name: adguard-cidre environment: - TZ=Europe/Paris # change to your timezone - - BLOCK_COUNTRIES=CN,RU,IR # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 + - BLOCK_COUNTRIES=cn,ru,ir # choose countries listed IP to block. Full lists here https://github.com/vulnebify/cidre/tree/main/output/cidr/ipv4 - BLOCKLIST_CRON=0 6 * * * # at 6:00 every days - DOCKER_API_URL=http://socket-proxy-adguard:2375 # docker socket proxy - ADGUARD_CONTAINER_NAME=adguardhome # adguard container name diff --git a/update-blocklist.sh b/update-blocklist.sh index 1ee035f..2c4b965 100644 --- a/update-blocklist.sh +++ b/update-blocklist.sh @@ -21,8 +21,8 @@ mkdir -p /tmp/cidr IFS=',' read -ra CODES <<< "$COUNTRIES" for CODE in "${CODES[@]}"; do echo "Downloading CIDR list for $CODE..." - curl -sf "$CIDR_BASE_URL/${CODE^^}.txt" -o "/tmp/cidr/${CODE}.txt" || continue - cat "/tmp/cidr/${CODE}.txt" >> /tmp/cidr/all.txt + curl -sf "$CIDR_BASE_URL/${CODE,,}.cidr" -o "/tmp/cidr/${CODE}.cidr" || continue + cat "/tmp/cidr/${CODE}.cidr" >> /tmp/cidr/all.txt done if [ -f "$MANUAL_IPS_FILE" ]; then @@ -42,7 +42,7 @@ END { if (inside==1) print ips } mv "$TMP_YAML" "$ADGUARD_YAML" -echo "Restarting adguard-home container..." +echo "Restarting adguard..." curl -s -X POST "$DOCKER_API_URL/containers/$ADGUARD_CONTAINER_NAME/restart" -o /dev/null echo "Done." -- 2.47.2 From 0da63e9cc082795d2488884f22c5c66fa3bd29c7 Mon Sep 17 00:00:00 2001 From: Djeex Date: Sat, 31 May 2025 17:42:35 +0000 Subject: [PATCH 9/9] fixed list issues with awk (too many arguments -> temp file) --- update-blocklist.sh | 47 +++++++++++++++++++++++++++++++++++---------- 1 file changed, 37 insertions(+), 10 deletions(-) diff --git a/update-blocklist.sh b/update-blocklist.sh index 2c4b965..cdddeb1 100644 --- a/update-blocklist.sh +++ b/update-blocklist.sh @@ -8,7 +8,7 @@ MANUAL_IPS_FILE="/adguard/manually_blocked_ips.conf" CIDR_BASE_URL="https://raw.githubusercontent.com/vulnebify/cidre/main/output/cidr/ipv4" COUNTRIES=${BLOCK_COUNTRIES:-""} DOCKER_API_URL=${DOCKER_API_URL:-"http://socket-proxy-adguard:2375"} -ADGUARD_CONTAINER_NAME=${ADGUARD_CONTAINER_NAME:-"adguardhome"} +CONTAINER_NAME=${ADGUARD_CONTAINER_NAME:-"adguard-home"} if [ -z "$COUNTRIES" ]; then echo "No countries specified in BLOCK_COUNTRIES." @@ -30,19 +30,46 @@ if [ -f "$MANUAL_IPS_FILE" ]; then grep -E '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' "$MANUAL_IPS_FILE" >> /tmp/cidr/all.txt fi -IPS_FORMATTED=$(sed 's/^/ - /' /tmp/cidr/all.txt) +# Format IPs as YAML list items +sed 's/^/ - /' /tmp/cidr/all.txt > /tmp/cidr/ips_formatted.txt -awk -v ips="$IPS_FORMATTED" ' -BEGIN { inside=0 } -/^ disallowed_clients:/ { print; inside=1; next } -/^ [^ ]/ && inside==1 { print ips; inside=0 } -{ if (!inside) print } -END { if (inside==1) print ips } +awk ' +BEGIN { + # Read formatted IPs into array + while ((getline line < "/tmp/cidr/ips_formatted.txt") > 0) { + ips[++count] = line + } + close("/tmp/cidr/ips_formatted.txt") + inside=0 +} + +/^ disallowed_clients:/ { + print + inside=1 + next +} + +/^ [^ ]/ && inside==1 { + # Insert all IPs here + for (i=1; i<=count; i++) print ips[i] + inside=0 +} + +{ + if (!inside) print +} + +END { + # If file ended while still inside disallowed_clients section + if (inside==1) { + for (i=1; i<=count; i++) print ips[i] + } +} ' "$ADGUARD_YAML" > "$TMP_YAML" mv "$TMP_YAML" "$ADGUARD_YAML" -echo "Restarting adguard..." -curl -s -X POST "$DOCKER_API_URL/containers/$ADGUARD_CONTAINER_NAME/restart" -o /dev/null +echo "Restarting $CONTAINER_NAME container..." +curl -s -X POST "$DOCKER_API_URL/containers/$CONTAINER_NAME/restart" -o /dev/null echo "Done." -- 2.47.2