From 3ddf83868b5fb5810b42808cb9f32474db5309d6 Mon Sep 17 00:00:00 2001 From: ghostersk <68815071+ghostersk@users.noreply.github.com> Date: Sun, 19 Apr 2026 16:40:22 +0100 Subject: [PATCH] Create install-ntopng-geoip.sh --- install-ntopng-geoip.sh | 83 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 install-ntopng-geoip.sh diff --git a/install-ntopng-geoip.sh b/install-ntopng-geoip.sh new file mode 100644 index 0000000..2ca7087 --- /dev/null +++ b/install-ntopng-geoip.sh @@ -0,0 +1,83 @@ +#!/bin/sh +# ======================================================================== +# OPNsense ntopng GeoIP installer +# One-command setup: MaxMind City+Country + ipinfo.io ASN +# Silent updater script: /usr/local/bin/ntopng-updategeo.sh +# You can get free key for https://ipinfo.io/ and https://www.maxmind.com/ +# Ipinfo has more and acurate records, but Ntopng does not support it +# Usage with fetch: +# fetch -o - https://raw.githubusercontent.com/YOURUSERNAME/YOURREPO/main/install-ntopng-geoip.sh \ +# | sh -s -- YOUR_MAXMIND_LICENSE_KEY_HERE your_ipinfo_token_here +# Usage with curl: +# curl -fsSL https://raw.githubusercontent.com/YOURUSERNAME/YOURREPO/main/install-ntopng-geoip.sh \ +# | sh -s -- YOUR_MAXMIND_LICENSE_KEY_HERE your_ipinfo_token_here +# ======================================================================== +if [ $# -ne 2 ]; then + echo "Usage: $0 MAXMIND_LICENSE_KEY IPINFO_TOKEN" + echo "Example:" + echo " fetch -o - https://raw.githubusercontent.com/YOURUSER/YOURREPO/main/install-ntopng-geoip.sh | sh -s -- YOUR_MAXMIND_KEY your_ipinfo_token" + exit 1 +fi + +MAXMIND_KEY="$1" +IPINFO_TOKEN="$2" + +echo "=== Setting up ntopng GeoIP updater ===" + +# 1. Create config with your keys +cat << EOF > /usr/local/etc/GeoIP.conf +LicenseKey ${MAXMIND_KEY} +IPINFO_TOKEN ${IPINFO_TOKEN} +EOF + +# 2. Create the silent updater script +cat << 'UPDATER' > /usr/local/bin/ntopng-updategeo.sh +#!/bin/sh +# Silent ntopng GeoIP updater - MaxMind City/Country + ipinfo ASN +# No output on success, only critical errors + +set -e + +GEOIP_DIR="/usr/local/share/ntopng/httpdocs/geoip" +CONF_FILE="/usr/local/etc/GeoIP.conf" + +mkdir -p "${GEOIP_DIR}" +cd "${GEOIP_DIR}" + +LICENSE_KEY=$(awk -F ' ' '/^#/ {next} $1=="LicenseKey" {print $2}' "${CONF_FILE}") +IPINFO_TOKEN=$(awk -F ' ' '/^#/ {next} $1=="IPINFO_TOKEN" {print $2}' "${CONF_FILE}") + +if [ -z "${LICENSE_KEY}" ] || [ -z "${IPINFO_TOKEN}" ]; then + echo "ERROR: Missing LicenseKey or IPINFO_TOKEN in ${CONF_FILE}" >&2 + exit 1 +fi + +# MaxMind City +fetch -q -o - "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${LICENSE_KEY}&suffix=tar.gz" \ + | tar xz --strip-components=1 --wildcards "*.mmdb" 2>/dev/null || true +mv GeoLite2-City_*/GeoLite2-City.mmdb . 2>/dev/null || true + +# ipinfo.io ASN (saved as Geolite2-ASN.mmdb instead of maxmind) +fetch -q -o GeoLite2-ASN.mmdb "https://ipinfo.io/data/free/asn.mmdb?token=${IPINFO_TOKEN}" + +# Permissions +chown root:wheel *.mmdb 2>/dev/null || true +chmod 444 *.mmdb + +# Restart ntopng (silent) +/usr/local/etc/rc.d/ntopng restart >/dev/null 2>&1 || true +UPDATER + +# 3. Make executable +chmod 755 /usr/local/bin/ntopng-updategeo.sh + +# 4. Run once (silent on success) +echo "→ Running initial update (this may take a few seconds)..." +/usr/local/bin/ntopng-updategeo.sh + +echo " Updater installed at: /usr/local/bin/ntopng-updategeo.sh" +echo " Config file: /usr/local/etc/GeoIP.conf" +echo "" +echo "Now add it to Cron (System → Settings → Cron):" +echo " Command: /usr/local/bin/ntopng-updategeo.sh" +echo " Run Weekly or Monthly at any hour you like (e.g. 3:00 AM)"