53 lines
1.2 KiB
Bash
53 lines
1.2 KiB
Bash
#!/bin/bash
|
|
|
|
# config
|
|
hostname=$(hostname)
|
|
mail_from="alias@domain.tld";
|
|
mail_to="alias@domain.tld";
|
|
mail_enabled="true"
|
|
|
|
# helper
|
|
send_error() {
|
|
local CONTENTS=$1;
|
|
# if enabled, send mail on error
|
|
if [ $mail_enabled == 'true' ]; then
|
|
SUBJECT="[$hostname] Failed to update unbound adservers";
|
|
echo "${CONTENTS}" | mailx -Ssendwait -s "${SUBJECT}" $mail_to;
|
|
fi
|
|
echo "${CONTENTS}";
|
|
}
|
|
|
|
# main
|
|
bURL="https://raw.githubusercontent.com/oznu/dns-zone-blacklist/master/unbound/unbound-nxdomain.blacklist"
|
|
blacklist="$(curl -s -L --fail "$bURL")"
|
|
sha256="$(curl -s -L --fail "${bURL}.checksum")"
|
|
|
|
test -n "$blacklist"
|
|
res=$?;
|
|
if [ $res != 0 ]; then
|
|
send_error "Cannot download blacklist.";
|
|
exit 1;
|
|
fi
|
|
|
|
|
|
test -n "$sha256"
|
|
res=$?;
|
|
if [ $res != 0 ]; then
|
|
send_error "Cannot download checksum.";
|
|
exit 1;
|
|
fi
|
|
|
|
d_sha256="$(echo -n "$blacklist" | sha256sum)"
|
|
test "${d_sha256#$sha256}" != "$d_sha256"
|
|
res=$?;
|
|
if [ $res != 0 ]; then
|
|
send_error "Checksum doesn't match the downloaded file";
|
|
exit 1;
|
|
fi
|
|
|
|
echo "$blacklist" > /etc/unbound/adservers
|
|
res=$?;
|
|
if [ $res != 0 ]; then
|
|
send_error "Cannot apply file";
|
|
exit 1;
|
|
fi
|