docker-swag/root/defaults/geoip2.conf

## Version 2020/09/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf
# To enable, uncommment the Geoip2 config line in nginx.conf
# Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database.
# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup
# The below config is for geoblocking any country/city you add. The default config is blocking all countries/cities except the ones you set to "yes". 
# If you want to do the opposite, set default to "yes", and the countries/cities to "no".
# As the default config blocks all IP's except the ones in the GeoLite2-City.mmdb database set to yes, you will need to allow your lan ip for local access. 


geoip2 /config/geoip2db/GeoLite2-City.mmdb {
    auto_reload 5m;
    $geoip2_data_country_code country iso_code;
    $geoip2_data_city_name city names en;
}

# GEOIP2 COUNTRY CONFIG
map $geoip2_data_country_code $allowed_country {
    default no;
    <COUNTRY-CODE> yes; # e.g GB yes; for United Kingdom
    IP/CIDR yes; # e.g. 192.168.1.0/24 yes; for local access.
}

#(Optional)
# GEOIP2 CITY CONFIG
#    map $geoip2_data_city_name $allowed_city {
#    default no;
#    <CITY-NAME> yes; # e.g Inverness yes;
#    IP/CIDR yes; # e.g. 192.168.1.0/24 yes; for local access.
#    }


# Server config example:
# Add the following if statement inside any server context where you want to geo block countries.

########################################
#	if ($allowed_country = no) {
#	return 444;
#	}
#########################################

# Add the following if statement inside any server context where you want to geo block cities.
########################################
#	if ($allowed_city = no) {
#	return 444;
#	}
#########################################

# Example using a config from proxy-confs

#server {
#    listen 443 ssl;
#    listen [::]:443 ssl;
#
#    server_name unifi.*;
#
#    include /config/nginx/ssl.conf;
#
#    client_max_body_size 0;
#
#    # enable for ldap auth, fill in ldap details in ldap.conf
#    #include /config/nginx/ldap.conf;
#
#    # enable for Authelia
#    #include /config/nginx/authelia-server.conf;


#    # Country geo block	
#    if ($allowed_country = no) {
#       return 444;
#    }


#
#    location / {
#        # enable the next two lines for http auth
#        #auth_basic "Restricted";
#        #auth_basic_user_file /config/nginx/.htpasswd;
#
#        # enable the next two lines for ldap auth
#        #auth_request /auth;
#        #error_page 401 =200 /ldaplogin;
#
#        # enable for Authelia
#        #include /config/nginx/authelia-location.conf;
#
#        include /config/nginx/proxy.conf;
#        resolver 127.0.0.11 valid=30s;
#        set $upstream_app unifi-controller;
#        set $upstream_port 8443;
#        set $upstream_proto https;
#        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
#
#        proxy_buffering off;
#    }
#}
added geoip2 configs 2020-09-20 21:30:06 +00:00			`## Version 2020/09/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf`
			`# To enable, uncommment the Geoip2 config line in nginx.conf`
			`# Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database.`
typo 2020-09-20 22:39:13 +00:00			`# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`# The below config is for geoblocking any country/city you add. The default config is blocking all countries/cities except the ones you set to "yes".`
			`# If you want to do the opposite, set default to "yes", and the countries/cities to "no".`
			`# As the default config blocks all IP's except the ones in the GeoLite2-City.mmdb database set to yes, you will need to allow your lan ip for local access.`


			`geoip2 /config/geoip2db/GeoLite2-City.mmdb {`
			`auto_reload 5m;`
			`$geoip2_data_country_code country iso_code;`
			`$geoip2_data_city_name city names en;`
			`}`

			`# GEOIP2 COUNTRY CONFIG`
			`map $geoip2_data_country_code $allowed_country {`
			`default no;`
			`<COUNTRY-CODE> yes; # e.g GB yes; for United Kingdom`
			`IP/CIDR yes; # e.g. 192.168.1.0/24 yes; for local access.`
			`}`

			`#(Optional)`
			`# GEOIP2 CITY CONFIG`
			`# map $geoip2_data_city_name $allowed_city {`
			`# default no;`
			`# <CITY-NAME> yes; # e.g Inverness yes;`
			`# IP/CIDR yes; # e.g. 192.168.1.0/24 yes; for local access.`
			`# }`


			`# Server config example:`
added suggested changes 2020-09-22 15:16:01 +00:00			`# Add the following if statement inside any server context where you want to geo block countries.`
added geoip2 configs 2020-09-20 21:30:06 +00:00
added suggested changes 2020-09-22 15:16:01 +00:00			`########################################`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`# if ($allowed_country = no) {`
			`# return 444;`
			`# }`
added suggested changes 2020-09-22 15:16:01 +00:00			`#########################################`
added geoip2 configs 2020-09-20 21:30:06 +00:00
added suggested changes 2020-09-22 15:16:01 +00:00			`# Add the following if statement inside any server context where you want to geo block cities.`
			`########################################`
			`# if ($allowed_city = no) {`
			`# return 444;`
			`# }`
			`#########################################`

			`# Example using a config from proxy-confs`
added geoip2 configs 2020-09-20 21:30:06 +00:00
			`#server {`
added suggested changes 2020-09-22 15:16:01 +00:00			`# listen 443 ssl;`
			`# listen [::]:443 ssl;`
			`#`
			`# server_name unifi.*;`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# include /config/nginx/ssl.conf;`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# client_max_body_size 0;`
			`#`
			`# # enable for ldap auth, fill in ldap details in ldap.conf`
			`# #include /config/nginx/ldap.conf;`
			`#`
			`# # enable for Authelia`
			`# #include /config/nginx/authelia-server.conf;`
added geoip2 configs 2020-09-20 21:30:06 +00:00

added suggested changes 2020-09-22 15:16:01 +00:00			`# # Country geo block`
			`# if ($allowed_country = no) {`
			`# return 444;`
			`# }`
added geoip2 configs 2020-09-20 21:30:06 +00:00

			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# location / {`
			`# # enable the next two lines for http auth`
			`# #auth_basic "Restricted";`
			`# #auth_basic_user_file /config/nginx/.htpasswd;`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# # enable the next two lines for ldap auth`
			`# #auth_request /auth;`
			`# #error_page 401 =200 /ldaplogin;`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# # enable for Authelia`
			`# #include /config/nginx/authelia-location.conf;`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# include /config/nginx/proxy.conf;`
			`# resolver 127.0.0.11 valid=30s;`
			`# set $upstream_app unifi-controller;`
			`# set $upstream_port 8443;`
			`# set $upstream_proto https;`
			`# proxy_pass $upstream_proto://$upstream_app:$upstream_port;`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#`
added suggested changes 2020-09-22 15:16:01 +00:00			`# proxy_buffering off;`
			`# }`
added geoip2 configs 2020-09-20 21:30:06 +00:00			`#}`