wagenet-ip-ban-list/update.sh

#!/bin/bash

set -euo pipefail
IFS=$'\n\t'

# --- Configurable variables ---
SRC_FILE="/var/www/html/banned.txt"
REPO_DIR="/git/repository"
DEST_FILE="banned.txt"

# --- Functions ---
usage() {
    echo "Usage: $0 [-s source_file] [-d repo_dir] [-f dest_file]"
    echo "  -s    Source file path (default: $SRC_FILE)"
    echo "  -d    Git repo directory (default: $REPO_DIR)"
    echo "  -f    Destination filename inside repo (default: $DEST_FILE)"
    exit 1
}

# --- Parse arguments ---
while getopts ":s:d:f:h" opt; do
    case $opt in
        s) SRC_FILE="$OPTARG" ;;
        d) REPO_DIR="$OPTARG" ;;
        f) DEST_FILE="$OPTARG" ;;
        h) usage ;;
        \?) echo "Invalid option: -$OPTARG" >&2; usage ;;
    esac
done

# --- Main logic ---
if [[ ! -f "$SRC_FILE" ]]; then
    echo "Error: Source file '$SRC_FILE' not found." >&2
    exit 1
fi

if [[ ! -d "$REPO_DIR/.git" ]]; then
    echo "Error: '$REPO_DIR' is not a git repository." >&2
    exit 1
fi

cd "$REPO_DIR"

# Ensure a clean state for pulling: discard any local changes to the target file
# from previous failed runs so that pull (especially with pull.rebase=true) works.
if ! git diff --quiet -- "$DEST_FILE" 2>/dev/null || ! git diff --quiet --cached -- "$DEST_FILE" 2>/dev/null; then
    git restore --worktree --staged -- "$DEST_FILE" || true
fi

# Update from remote before making local changes (works with pull.rebase=true)
git pull --rebase --autostash || git pull --rebase

# Copy and commit if there are changes
cp "$SRC_FILE" "$DEST_FILE"
git add "$DEST_FILE"
COMMIT_MSG="Update banned IP list — $(date '+%Y-%m-%d %H:%M:%S %Z')"
git commit -m "$COMMIT_MSG" || echo "No changes to commit."

# Push; if rejected due to remote updates, rebase and retry once
if ! git push; then
    echo "Push failed; rebasing onto remote and retrying..." >&2
    git pull --rebase --autostash || git pull --rebase
    git push
fi