#!/bin/bash ######################################################################## # Author: Fred (support@qo-op.com) # Version: 2020.03.24 # License: AGPL-3.0 (https://choosealicense.com/licenses/agpl-3.0/) ######################################################################## MY_PATH="`dirname \"$0\"`" # relative MY_PATH="`( cd \"$MY_PATH\" && pwd )`" # absolutized and normalized ME="${0##*/}" ######################################################################## # \\/// # qo-op ############# '$MY_PATH/$ME' ######################################################################## # ex: ./'$ME' ######################################################################## # This script is controling IPFS swarm # Sync friends peers ~/.zen/ipfs/ into ~/.zen/ipfs_swarm/.IPFSNODEID's/ directories # add not friend_of_mine IPs to fail2ban ######################################################################## # TODO remove because now it is in~/.bashrc export YOU=$(ps auxf --sort=+utime | grep -w ipfs | grep -v -E 'color=auto|grep' | tail -n 1 | cut -d " " -f 1) export IPFSNODEID=$(ipfs id -f='\n') ######################################################################## mkdir -p ~/.zen/ipfs_swarm echo ' ___ _ _ __ __ _ _ _ _ _ _ __ | |_)|_(_ (_\ //\ |_)|\/| |_)|_|_|_)|_(_ |_| _|_| | __) __)\/\//--\| \| | | \|_| | \|___)| | ' echo "I am $IPFSNODEID" echo "REFRESHING /home/$YOU/.zen/ipfs_swarm/ from my SWARM peers" rm -Rf /home/$YOU/.zen/ipfs_swarm/.12D3KooW* rm -Rf /home/$YOU/.zen/ipfs_swarm/.Qm* rm -Rf /home/$YOU/.zen/ipfs_swarm/* count=1 for peer in $(ipfs swarm peers); do ipfsnodeid=$(echo "$peer" | awk -F '/' '{print $7}') ip=$(echo "$peer" | awk -F '/' '{print $3}') nowdate=$(date) timestamp=$(date -u +%s%N | cut -b1-13) echo "$nowdate - $id - $ip" foundIp=$(cat ~/.zen/A_allow_ip.txt | grep "$ip") foundIpfs=$(cat ~/.zen/A_allow_ipfsid.txt | grep "$ipfsnodeid") isLAN=$(echo $ip | cut -f3 -d '/' | grep -E "(^127\.)|(^192\.168\.)|(^fd42\:)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^::1$)|(^[fF][cCdD])/") if [[ ! $foundIpfs && ! $isLAN ]] ; then echo "${ip} of peer ${id} is not in the authorized ip list." echo "${peer} will be removed from the swarm" ipfs swarm disconnect $peer ipfs bootstrap rm $peer echo "# FAIL2BAN # $USER must activate no password sudo (Rpi & Xbian OK)" if [[ $USER == "pi" || $USER == "xbian" ]]; then echo "BAN $ip ($ipfsnodeid)" sudo fail2ban-client add recidive sudo fail2ban-client start recidive sudo fail2ban-client set recidive banip $ip fi else echo "${peer}" echo "REFRESH /ipns/$ipfsnodeid INTO ~/.zen/ipfs_swarm/" $MY_PATH/tools/timeout.sh -t 30 ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$ipfsnodeid fi done echo "$IPFSNODEID PUBLISHING /home/$YOU/.zen/ipfs/ to SWARM" [[ ! -d /home/$YOU/.zen/ipfs ]] && echo "ERROR : /home/$YOU/.zen/ipfs/ NOT FOUND" && exit 1 IWALLETS=$(ipfs add -rHq /home/$YOU/.zen/ipfs | tail -n 1) NODEIPNS=$(ipfs name publish --quieter /ipfs/$IWALLETS) # Retrieve my own data in /home/$YOU/.zen/ipfs_swarm/ ipfs get --output=/home/$YOU/.zen/ipfs_swarm/ /ipns/$IPFSNODEID exit 0