Create install-ntopng-geoip.sh

install-ntopng-geoip.sh

@@ -0,0 +1,83 @@
+#!/bin/sh
+# ========================================================================
+# OPNsense ntopng GeoIP installer
+# One-command setup: MaxMind City+Country + ipinfo.io ASN
+# Silent updater script: /usr/local/bin/ntopng-updategeo.sh
+# You can get free key for https://ipinfo.io/ and https://www.maxmind.com/
+# Ipinfo has more and acurate records, but Ntopng does not support it
+# Usage with fetch:
+# fetch -o - https://raw.githubusercontent.com/YOURUSERNAME/YOURREPO/main/install-ntopng-geoip.sh \
+#    | sh -s -- YOUR_MAXMIND_LICENSE_KEY_HERE your_ipinfo_token_here
+# Usage with curl:
+# curl -fsSL https://raw.githubusercontent.com/YOURUSERNAME/YOURREPO/main/install-ntopng-geoip.sh \
+#    | sh -s -- YOUR_MAXMIND_LICENSE_KEY_HERE your_ipinfo_token_here
+# ========================================================================
+if [ $# -ne 2 ]; then
+    echo "Usage: $0 MAXMIND_LICENSE_KEY IPINFO_TOKEN"
+    echo "Example:"
+    echo "  fetch -o - https://raw.githubusercontent.com/YOURUSER/YOURREPO/main/install-ntopng-geoip.sh | sh -s -- YOUR_MAXMIND_KEY your_ipinfo_token"
+    exit 1
+fi
+
+MAXMIND_KEY="$1"
+IPINFO_TOKEN="$2"
+
+echo "=== Setting up ntopng GeoIP updater ==="
+
+# 1. Create config with your keys
+cat << EOF > /usr/local/etc/GeoIP.conf
+LicenseKey ${MAXMIND_KEY}
+IPINFO_TOKEN ${IPINFO_TOKEN}
+EOF
+
+# 2. Create the silent updater script
+cat << 'UPDATER' > /usr/local/bin/ntopng-updategeo.sh
+#!/bin/sh
+# Silent ntopng GeoIP updater - MaxMind City/Country + ipinfo ASN
+# No output on success, only critical errors
+
+set -e
+
+GEOIP_DIR="/usr/local/share/ntopng/httpdocs/geoip"
+CONF_FILE="/usr/local/etc/GeoIP.conf"
+
+mkdir -p "${GEOIP_DIR}"
+cd "${GEOIP_DIR}"
+
+LICENSE_KEY=$(awk -F ' ' '/^#/ {next} $1=="LicenseKey" {print $2}' "${CONF_FILE}")
+IPINFO_TOKEN=$(awk -F ' ' '/^#/ {next} $1=="IPINFO_TOKEN" {print $2}' "${CONF_FILE}")
+
+if [ -z "${LICENSE_KEY}" ] || [ -z "${IPINFO_TOKEN}" ]; then
+    echo "ERROR: Missing LicenseKey or IPINFO_TOKEN in ${CONF_FILE}" >&2
+    exit 1
+fi
+
+# MaxMind City
+fetch -q -o - "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${LICENSE_KEY}&suffix=tar.gz" \
+    | tar xz --strip-components=1 --wildcards "*.mmdb" 2>/dev/null || true
+mv GeoLite2-City_*/GeoLite2-City.mmdb . 2>/dev/null || true
+
+# ipinfo.io ASN (saved as Geolite2-ASN.mmdb instead of maxmind)
+fetch -q -o GeoLite2-ASN.mmdb "https://ipinfo.io/data/free/asn.mmdb?token=${IPINFO_TOKEN}"
+
+# Permissions
+chown root:wheel *.mmdb 2>/dev/null || true
+chmod 444 *.mmdb
+
+# Restart ntopng (silent)
+/usr/local/etc/rc.d/ntopng restart >/dev/null 2>&1 || true
+UPDATER
+
+# 3. Make executable
+chmod 755 /usr/local/bin/ntopng-updategeo.sh
+
+# 4. Run once (silent on success)
+echo "→ Running initial update (this may take a few seconds)..."
+/usr/local/bin/ntopng-updategeo.sh
+
+echo "   Updater installed at: /usr/local/bin/ntopng-updategeo.sh"
+echo "   Config file:          /usr/local/etc/GeoIP.conf"
+echo ""
+echo "Now add it to Cron (System → Settings → Cron):"
+echo "   Command: /usr/local/bin/ntopng-updategeo.sh"
+echo "   Run Weekly or Monthly at any hour you like (e.g. 3:00 AM)"