-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathMakefile
59 lines (50 loc) · 2.15 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
.PHONY : \
run-cloudflare-top \
build-unbound \
run-unbound \
all
all : cloudflare
# https://www.cloudflare.com/ips/
cf-ips-v4 :
wget -O $@ https://www.cloudflare.com/ips-v4
cf-ips-v6 :
wget -O $@ https://www.cloudflare.com/ips-v6
cloudflare : cf-ips-v4 cf-ips-v6
cat $^ | sort >$@
# https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/LocationsOfEdgeServers.html
amazon.json :
wget -O $@ https://ip-ranges.amazonaws.com/ip-ranges.json
amazon: amazon.json
jq -r '(.prefixes[] | select(.service == "CLOUDFRONT") | .ip_prefix), (.ipv6_prefixes[] | select(.service == "CLOUDFRONT") | .ipv6_prefix)' $^ >$@
js/% : xml/%
./parse-xml $^ $@
dump.lua :
./merge js/* | ./format-lua $@
kabydump.pyjson : cloudflare amazon
./merge cloudflare amazon js/* | ./format-pyjson $@
run-cloudflare-top : top-1m.csv cloudflare
cat top-1m.A.* top-1m.AAAA.* | ./grep-subnet cloudflare | awk '(length($$1) > 0) {print $$1}' | sort -u | sed 's/^www\.//; s/\.$$//; s/^/,/' | grep -F -f - top-1m.csv | less
run-amazon-top : top-1m.csv amazon
cat top-1m.A.* top-1m.AAAA.* | ./grep-subnet amazon | awk '(length($$1) > 0) {print $$1}' | sort -u | sed 's/^www\.//; s/\.$$//; s/^/,/' | grep -F -f - top-1m.csv | less
# Cisco Umbrella DNS* data might seem better, but it has lots of garbage like
# non-existing TLDs. It's the rating of queries, it's not a rating of valid
# websites. *) http://s3-us-west-1.amazonaws.com/umbrella-static/top-1m.csv.zip
top-1m.csv.zip :
wget https://s3.amazonaws.com/alexa-static/top-1m.csv.zip
top-1m.csv : top-1m.csv.zip
unzip -n top-1m.csv.zip
unbound.log :
touch $@ && chmod 666 $@ # to avoid UID remaping
ssl/snakeoil :
mkdir -p ssl
cd ssl && make-ssl-cert /usr/share/ssl-cert/ssleay.cnf snakeoil # see apt:ssl-cert
ssl/fullchain.pem : ssl/snakeoil
openssl x509 -in $^ -out $@
ssl/privkey.pem : ssl/snakeoil
openssl rsa -in $^ -out $@
build-unbound :
tar cz Dockerfile kabysdoh.py | docker build -t darkk/kabysdoh-unbound -f Dockerfile -
run-unbound : ssl/privkey.pem ssl/fullchain.pem unbound.log
docker run --rm -ti --net=host -v $$PWD:/srv/kabysdoh darkk/kabysdoh-unbound:latest
push-unbound :
docker push darkk/kabysdoh-unbound