Deploy local server's ipset rules to other remote servers automatically.
- Clone repository
git clone git@github.com:alexbiship/python-ipset.git- Copy RSA(SSH) key for
rootuser for remote access, change name toid_rsa.keyand copy to the root path of the project directory
chmod 400 id_rsa.key- All installation and running commands on remote servers are required
rootuser permission. Allowrootuser login on remote servers if it's disabled. See here for more info Login asrootPython v3.6+ is required and tested on Ubuntu 18.04
add-apt-repository ppa:deadsnakes/ppa
apt update
apt -y install python3
apt -y install python3-pip
pip3 install virtualenv- Create virtual env and install dependencies
cd $YOUR_PROJECT_DIRECTORY
virtualenv .venv
source .venv/bin/activate
pip3 install -r requirements.txt- Install iptables-persistent plugin(this can't be installed automatically via bash since it requires client interaction(yes/no prompt))
apt -y install iptables-persistent- Check all available CLI commands
python3 main.py- Firstly, run
initcommand and install and config basic settings automatically for local(or main) server that this script runs on.
python3 main.py init- Register remote servers. host name can be public IP or domain name
python3 main.py add-server- initialize remote servers(this will install all stuff like
ipsets, ipset-persistence, etc on remote server side). You must run this command after registering new server otherwise it won't work as expected.
python3 main.py init-remote- Add two cron jobs. One is for synching data between local and mysql db, other one is to deploy ipset rules to all remote servers
crontab -e
# setup cron job
* * * * * cd /path/to/the/project/folder && .venv/bin/python3 main.py sync
* * * * * cd /path/to/the/project/folder && .venv/bin/python3 main.py deploy