src/scripts/setldapallowlist.sh

#!/bin/bash

set -eu -o pipefail

if [[ ${EUID} -ne 0 ]]; then
    echo "This script should be run as root." > /dev/stderr
    exit 1
fi

if [[ $# == 1 && "$1" == "--check" ]]; then
    echo "OK"
    exit 0
fi

[[ "${BOX_ENV}" == "test" ]] && exit

ipset flush cloudron_ldap_allowlist

ldap_allowlist_json="/home/yellowtent/platformdata/firewall/ldap_allowlist.txt"

if [[ -f "${ldap_allowlist_json}" ]]; then
    # without the -n block, any last line without a new line won't be read it!
    while read -r line || [[ -n "$line" ]]; do
        [[ -z "${line}" ]] && continue # ignore empty lines
        [[ "$line" =~ ^#.*$ ]] && continue # ignore lines starting with #
        ipset add -! cloudron_ldap_allowlist "${line}" # the -! ignore duplicates
    done < "${ldap_allowlist_json}"
fi
Handle exposed ldap allowlist 2021-12-10 16:20:58 +01:00			`#!/bin/bash`

			`set -eu -o pipefail`

			`if [[ ${EUID} -ne 0 ]]; then`
			`echo "This script should be run as root." > /dev/stderr`
			`exit 1`
			`fi`

			`if [[ $# == 1 && "$1" == "--check" ]]; then`
			`echo "OK"`
			`exit 0`
			`fi`

			`[[ "${BOX_ENV}" == "test" ]] && exit`

			`ipset flush cloudron_ldap_allowlist`

			`ldap_allowlist_json="/home/yellowtent/platformdata/firewall/ldap_allowlist.txt"`

			`if [[ -f "${ldap_allowlist_json}" ]]; then`
			`# without the -n block, any last line without a new line won't be read it!`
			`while read -r line \|\| [[ -n "$line" ]]; do`
			`[[ -z "${line}" ]] && continue # ignore empty lines`
			`[[ "$line" =~ ^#.*$ ]] && continue # ignore lines starting with #`
			`ipset add -! cloudron_ldap_allowlist "${line}" # the -! ignore duplicates`
			`done < "${ldap_allowlist_json}"`
			`fi`