2020-09-20 17:30:06 -04:00
|
|
|
## Version 2020/09/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf
|
|
|
|
# To enable, uncommment the Geoip2 config line in nginx.conf
|
|
|
|
# Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database.
|
2020-09-20 18:39:13 -04:00
|
|
|
# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup
|
2020-09-20 17:30:06 -04:00
|
|
|
|
2020-09-22 21:08:00 -04:00
|
|
|
geoip2 /config/geoip2db/GeoLite2-City.mmdb {
|
2020-09-22 20:53:40 -04:00
|
|
|
auto_reload 1w;
|
|
|
|
$geoip2_data_city_name city names en;
|
|
|
|
$geoip2_data_postal_code postal code;
|
|
|
|
$geoip2_data_latitude location latitude;
|
|
|
|
$geoip2_data_longitude location longitude;
|
|
|
|
$geoip2_data_state_name subdivisions 0 names en;
|
|
|
|
$geoip2_data_state_code subdivisions 0 iso_code;
|
|
|
|
$geoip2_data_continent_code continent code;
|
|
|
|
$geoip2_data_country_iso_code country iso_code;
|
2020-09-20 17:30:06 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
# GEOIP2 COUNTRY CONFIG
|
2020-09-22 20:53:40 -04:00
|
|
|
map $geoip2_data_country_iso_code $allowed_country {
|
|
|
|
# default must be yes or no
|
|
|
|
default yes;
|
|
|
|
|
|
|
|
# Below you will setup conditions with yes or no
|
|
|
|
# ex: <condition> <yes/no>;
|
|
|
|
# If your default is set to yes you can setup conditions that would set it to no (and vice versa)
|
|
|
|
# Conditions are either network address (CIDR notation) or country code
|
|
|
|
|
|
|
|
# allow United Kingdom.
|
|
|
|
#GB yes;
|
|
|
|
|
|
|
|
# allow local access.
|
|
|
|
#192.168.1.0/24 yes;
|
2020-09-20 17:30:06 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
# GEOIP2 CITY CONFIG
|
2020-09-22 20:53:40 -04:00
|
|
|
map $geoip2_data_city_name $allowed_city {
|
|
|
|
# default must be yes or no
|
|
|
|
default yes;
|
|
|
|
|
|
|
|
# Below you will setup conditions with yes or no
|
|
|
|
# ex: <condition> <yes/no>;
|
|
|
|
# If your default is set to yes you can setup conditions that would set it to no (and vice versa)
|
|
|
|
# Conditions are either network address (CIDR notation) or city name
|
2020-09-20 17:30:06 -04:00
|
|
|
|
2020-09-22 20:53:40 -04:00
|
|
|
# allow Inverness.
|
|
|
|
#Inverness yes;
|
|
|
|
|
|
|
|
# allow local access.
|
|
|
|
#192.168.1.0/24 yes;
|
|
|
|
}
|
2020-09-20 17:30:06 -04:00
|
|
|
|
|
|
|
# Server config example:
|
2020-09-22 11:16:01 -04:00
|
|
|
# Add the following if statement inside any server context where you want to geo block countries.
|
2020-09-20 17:30:06 -04:00
|
|
|
|
2020-09-22 11:16:01 -04:00
|
|
|
########################################
|
2020-09-20 17:30:06 -04:00
|
|
|
# if ($allowed_country = no) {
|
|
|
|
# return 444;
|
|
|
|
# }
|
2020-09-22 11:16:01 -04:00
|
|
|
#########################################
|
2020-09-20 17:30:06 -04:00
|
|
|
|
2020-09-22 11:16:01 -04:00
|
|
|
# Add the following if statement inside any server context where you want to geo block cities.
|
|
|
|
########################################
|
|
|
|
# if ($allowed_city = no) {
|
|
|
|
# return 444;
|
|
|
|
# }
|
|
|
|
#########################################
|
|
|
|
|
|
|
|
# Example using a config from proxy-confs
|
2020-09-20 17:30:06 -04:00
|
|
|
|
|
|
|
#server {
|
2020-09-22 11:16:01 -04:00
|
|
|
# listen 443 ssl;
|
|
|
|
# listen [::]:443 ssl;
|
|
|
|
#
|
|
|
|
# server_name unifi.*;
|
2020-09-20 17:30:06 -04:00
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# include /config/nginx/ssl.conf;
|
2020-09-20 17:30:06 -04:00
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# client_max_body_size 0;
|
|
|
|
#
|
|
|
|
# # enable for ldap auth, fill in ldap details in ldap.conf
|
|
|
|
# #include /config/nginx/ldap.conf;
|
|
|
|
#
|
|
|
|
# # enable for Authelia
|
|
|
|
# #include /config/nginx/authelia-server.conf;
|
2020-09-20 17:30:06 -04:00
|
|
|
|
|
|
|
|
2020-09-22 20:53:40 -04:00
|
|
|
# # Country geo block
|
2020-09-22 11:16:01 -04:00
|
|
|
# if ($allowed_country = no) {
|
|
|
|
# return 444;
|
|
|
|
# }
|
2020-09-20 17:30:06 -04:00
|
|
|
|
|
|
|
|
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# location / {
|
|
|
|
# # enable the next two lines for http auth
|
|
|
|
# #auth_basic "Restricted";
|
|
|
|
# #auth_basic_user_file /config/nginx/.htpasswd;
|
2020-09-20 17:30:06 -04:00
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# # enable the next two lines for ldap auth
|
|
|
|
# #auth_request /auth;
|
|
|
|
# #error_page 401 =200 /ldaplogin;
|
2020-09-20 17:30:06 -04:00
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# # enable for Authelia
|
|
|
|
# #include /config/nginx/authelia-location.conf;
|
2020-09-20 17:30:06 -04:00
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# include /config/nginx/proxy.conf;
|
|
|
|
# resolver 127.0.0.11 valid=30s;
|
|
|
|
# set $upstream_app unifi-controller;
|
|
|
|
# set $upstream_port 8443;
|
|
|
|
# set $upstream_proto https;
|
|
|
|
# proxy_pass $upstream_proto://$upstream_app:$upstream_port;
|
2020-09-20 17:30:06 -04:00
|
|
|
#
|
2020-09-22 11:16:01 -04:00
|
|
|
# proxy_buffering off;
|
|
|
|
# }
|
2020-09-20 17:30:06 -04:00
|
|
|
#}
|