blocks + cron configures
blocks
to run at regular intervals (once a day, at 12AM localtime)
via cron(8).
A dedicated user account (_blocks
) isolates the execution of
blocks
from other user accounts.
-
/home/_blocks
setup-blocks+cron creates a_blocks
user, group and environment that's optimized for running blocks via cron(8). The/home/_blocks
directory contains all data and code that is generated or executed via cron(8). -
/var/cron/tabs/_blocks
setup-blocks+cron installs a crontab that executes /home/_blocks/.local/bin/blocks+cron everyday at 12AM localtime. See share/blocks+cron/crontab. -
doas.conf
setup-blocks+cron updatesdoas.conf
to be able to copy/usr/local/share/pf/blocklist
into place and reload pf.conf(5) (both tasks are done as root). See doas.conf. -
/usr/local/share/pf/blocklist
This file is the most recent copy of/home/_blocks/.local/share/blocks+cron/YYYYMMDD
. It contains pf.conf(5) tables that can be used when crafting firewall rules in/etc/pf.conf
.
$ tree -a /home/_blocks
.local
├── bin
│ └── blocks+cron
├── libexec
│ └── blocks+cron
│ ├── copy
│ └── reload
├── share
│ ├── blocks
│ │ └── .gitkeep
│ └── blocks+cron
│ └── .gitkeep
└── var
└── log
└── .gitkeep
- blocks
- doas
- pfctl
# Clone
git clone https://github.com/0x1eef/blocks.cron
cd blocks.cron
# Install
$ doas -u root make install
$ doas -u root setup-blocks+cron