SPDT
/
sapl
mirror of https://github.com/interlegis/sapl.git
5
0
Fork 0
Code Issues Releases Wiki Activity
Sistema de Apoio ao Processo Legislativo
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5888 Commits
61 Branches
269 Tags
217 MiB
 
 
 
 
 
Branch: rate-limiter-2026
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'rate-limiter-2026'
${ noResults }
sapl/docker/geoip/update_geoip.sh

73 lines
2.9 KiB
Raw Permalink Blame History

#!/usr/bin/env bash
# update_geoip.sh — download / refresh GeoLite2-ASN.mmdb
#
# Run this script before building a new Docker image so the image bundles
# an up-to-date MaxMind ASN database. The .mmdb binary is git-ignored;
# only this script is tracked.
#
# Usage:
# # Option 1 — key in environment
# MAXMIND_LICENSE_KEY=your_key bash docker/geoip/update_geoip.sh
#
# # Option 2 — key in project .env file
# bash docker/geoip/update_geoip.sh
#
# The script writes GeoLite2-ASN.mmdb to the same directory as itself so
# the Dockerfile COPY step can find it at docker/geoip/GeoLite2-ASN.mmdb.
#
# Suggested automation: run via a host cron job or CI pipeline step
# before triggering a docker build, e.g.:
#
# # /etc/cron.weekly/update-sapl-geoip
# #!/bin/bash
# cd /path/to/sapl && bash docker/geoip/update_geoip.sh
set -Eeuo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
OUT_FILE="$SCRIPT_DIR/GeoLite2-ASN.mmdb"
# ── Resolve the license key ────────────────────────────────────────────────
if [[ -z "${MAXMIND_LICENSE_KEY:-}" ]]; then
# Try the project .env (two directories up from docker/geoip/)
ENV_FILE="$(dirname "$(dirname "$SCRIPT_DIR")")/.env"
if [[ -f "$ENV_FILE" ]]; then
MAXMIND_LICENSE_KEY="$(grep -E '^MAXMIND_LICENSE_KEY=' "$ENV_FILE" 2>/dev/null \
| cut -d= -f2- | tr -d '[:space:]' || true)"
fi
fi
if [[ -z "${MAXMIND_LICENSE_KEY:-}" ]]; then
echo "ERROR: MAXMIND_LICENSE_KEY is not set." >&2
echo " Set it in the environment or add MAXMIND_LICENSE_KEY=<key> to .env" >&2
exit 1
fi
# ── Download ───────────────────────────────────────────────────────────────
URL="https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=${MAXMIND_LICENSE_KEY}&suffix=tar.gz"
echo "[geoip] Downloading GeoLite2-ASN from MaxMind..."
tmpdir="$(mktemp -d)"
trap 'rm -rf "$tmpdir"' EXIT
curl -fsSL --max-time 60 "$URL" | tar -xz --strip-components=1 -C "$tmpdir"
mv "$tmpdir"/GeoLite2-ASN.mmdb "$OUT_FILE"
echo "[geoip] Saved: $OUT_FILE"
echo "[geoip] Build date: $(python3 -c "
import struct, datetime, pathlib
data = pathlib.Path('$OUT_FILE').read_bytes()
# MaxMind DB build epoch is in the last 16 bytes of the metadata section
marker = b'\xab\xcd\xefMaxMind.com'
idx = data.rfind(marker)
if idx >= 0:
# search for 'build_epoch' key nearby
chunk = data[idx:idx+512]
pos = chunk.find(b'build_epoch')
if pos >= 0:
val_start = pos + len(b'build_epoch') + 1
epoch = struct.unpack('>Q', chunk[val_start+1:val_start+9])[0]
print(datetime.datetime.utcfromtimestamp(epoch).strftime('%Y-%m-%d'))
exit()
print('unknown')
" 2>/dev/null || echo "unknown")"