From 7b2dab1fbfb761a0c100cefb449b2bbc3ab51447 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Thu, 25 Nov 2021 06:18:49 +0100 Subject: [PATCH 1/5] Bot Updating Package Versions --- package_versions.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package_versions.txt b/package_versions.txt index 4b1f7ee..6e50a3a 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -209,7 +209,7 @@ py3-six-1.15.0-r1 py3-toml-0.10.2-r2 py3-urllib3-1.26.5-r0 py3-webencodings-0.5.1-r4 -python3-3.9.5-r1 +python3-3.9.5-r2 readline-8.1.0-r0 s6-ipcserver-2.10.0.3-r0 scanelf-1.3.2-r0 From 522fed5d1bc9643f7cde310f97647c612de00327 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Thu, 2 Dec 2021 06:19:05 +0100 Subject: [PATCH 2/5] Bot Updating Package Versions --- package_versions.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/package_versions.txt b/package_versions.txt index 6e50a3a..015b5ae 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -133,8 +133,8 @@ php7-ctype-7.4.26-r0 php7-curl-7.4.26-r0 php7-dom-7.4.26-r0 php7-exif-7.4.26-r0 -php7-fileinfo-7.4.25-r0 -php7-fpm-7.4.25-r0 +php7-fileinfo-7.4.26-r0 +php7-fpm-7.4.26-r0 php7-ftp-7.4.26-r0 php7-gd-7.4.26-r0 php7-gmp-7.4.26-r0 @@ -164,7 +164,7 @@ php7-pgsql-7.4.26-r0 php7-phar-7.4.26-r0 php7-posix-7.4.26-r0 php7-session-7.4.26-r0 -php7-simplexml-7.4.25-r0 +php7-simplexml-7.4.26-r0 php7-soap-7.4.26-r0 php7-sockets-7.4.26-r0 php7-sodium-7.4.26-r0 @@ -173,7 +173,7 @@ php7-tokenizer-7.4.26-r0 php7-xml-7.4.26-r0 php7-xmlreader-7.4.26-r0 php7-xmlrpc-7.4.26-r0 -php7-xmlwriter-7.4.25-r0 +php7-xmlwriter-7.4.26-r0 php7-xsl-7.4.26-r0 php7-zip-7.4.26-r0 pinentry-1.1.1-r0 From 4929672e6294724d1720f8b30dd140b05e30268b Mon Sep 17 00:00:00 2001 From: quietsy Date: Sat, 30 Oct 2021 21:42:54 +0300 Subject: [PATCH 3/5] Move maxmind to a new mod --- readme-vars.yml | 2 +- root/defaults/default | 6 -- root/defaults/geoip2.conf | 123 ------------------------------ root/defaults/nginx.conf | 8 -- root/etc/cont-init.d/50-config | 14 ---- root/etc/cont-init.d/70-templates | 1 - 6 files changed, 1 insertion(+), 153 deletions(-) delete mode 100644 root/defaults/geoip2.conf diff --git a/readme-vars.yml b/readme-vars.yml index f2afdac..10af9f4 100755 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -58,7 +58,6 @@ opt_param_env_vars: - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" } - { env_var: "EXTRA_DOMAINS", env_value: "", desc: "Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org`" } - { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." } - - { env_var: "MAXMINDDB_LICENSE_KEY", env_value: "", desc: "Add your MaxmindDB license key to automatically download the GeoLite2-City.mmdb database. Download location is /config/geoip2db. The database is updated weekly."} opt_param_usage_include_vols: false opt_param_volumes: - { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Configuration files." } @@ -155,6 +154,7 @@ app_setup_nginx_reverse_proxy_block: "" # changelog changelogs: + - { date: "30.11.21:", desc: "Move maxmind to a [new mod](https://github.com/linuxserver/docker-mods/tree/swag-maxmind)" } - { date: "22.11.21:", desc: "Added support for Infomaniak DNS for certificate generation." } - { date: "20.11.21:", desc: "Added support for dnspod validation." } - { date: "15.11.21:", desc: "Added support for deSEC DNS for wildcard certificate generation." } diff --git a/root/defaults/default b/root/defaults/default index 3593668..82e19e8 100644 --- a/root/defaults/default +++ b/root/defaults/default @@ -32,12 +32,6 @@ server { # enable for Authelia #include /config/nginx/authelia-server.conf; - # enable for geo blocking - # See /config/nginx/geoip2.conf for more information. - #if ($allowed_country = no) { - #return 444; - #} - client_max_body_size 0; location / { diff --git a/root/defaults/geoip2.conf b/root/defaults/geoip2.conf deleted file mode 100644 index 846c5b5..0000000 --- a/root/defaults/geoip2.conf +++ /dev/null @@ -1,123 +0,0 @@ -## Version 2020/10/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf -# To enable, uncommment the Geoip2 config line in nginx.conf -# Add the -e MAXMINDDB_LICENSE_KEY= to automatically download the Geolite2 database. -# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup - -geoip2 /config/geoip2db/GeoLite2-City.mmdb { - auto_reload 1w; - $geoip2_data_city_name city names en; - $geoip2_data_postal_code postal code; - $geoip2_data_latitude location latitude; - $geoip2_data_longitude location longitude; - $geoip2_data_state_name subdivisions 0 names en; - $geoip2_data_state_code subdivisions 0 iso_code; - $geoip2_data_continent_code continent code; - $geoip2_data_country_iso_code country iso_code; -} - -# GEOIP2 COUNTRY CONFIG -map $geoip2_data_country_iso_code $allowed_country { - # default must be yes or no - # If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below. - default yes; - - # Below you will setup conditions with yes or no - # ex: ; - - # allow United Kingdom. - #GB yes; -} - -# GEOIP2 CITY CONFIG -map $geoip2_data_city_name $allowed_city { - # default must be yes or no - # If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below. - default yes; - - # Below you will setup conditions with yes or no - # ex: ; - - # allow Inverness. - #Inverness yes; -} - -# ALLOW LOCAL ACCESS -geo $allow_list { - default yes; # Set this to no if $allowed_country or $allowed_city default is no. - # IP/CIDR yes; # e.g. 192.168.1.0/24 yes; -} - -# Server config example: -# Add the following if statements inside any server context where you want to geo block countries. - -######################################## -# if ($allow_list = yes) { -# set $allowed_country yes; -# } -# if ($allowed_country = no) { -# return 444; -# } -######################################### - -# Add the following if statements inside any server context where you want to geo block cities. -######################################## -# if ($allow_list = yes) { -# set $allowed_country yes; -# } -# if ($allowed_city = no) { -# return 444; -# } -######################################### - -# Example using a config from proxy-confs - -#server { -# listen 443 ssl; -# listen [::]:443 ssl; -# -# server_name unifi.*; -# -# include /config/nginx/ssl.conf; -# -# client_max_body_size 0; -# -# # enable for ldap auth, fill in ldap details in ldap.conf -# #include /config/nginx/ldap.conf; -# -# # enable for Authelia -# #include /config/nginx/authelia-server.conf; - - -# # Allow lan access if default is set to no -# if ($allow_list = yes) { -# set $allowed_country yes; -# } -# # Country geo block -# if ($allowed_country = no) { -# return 444; -# } - - -# -# location / { -# # enable the next two lines for http auth -# #auth_basic "Restricted"; -# #auth_basic_user_file /config/nginx/.htpasswd; -# -# # enable the next two lines for ldap auth -# #auth_request /auth; -# #error_page 401 =200 /ldaplogin; -# -# # enable for Authelia -# #include /config/nginx/authelia-location.conf; -# -# include /config/nginx/proxy.conf; -# resolver 127.0.0.11 valid=30s; -# set $upstream_app unifi-controller; -# set $upstream_port 8443; -# set $upstream_proto https; -# proxy_pass $upstream_proto://$upstream_app:$upstream_port; -# -# proxy_buffering off; -# } -#} diff --git a/root/defaults/nginx.conf b/root/defaults/nginx.conf index ea2830c..ae21a63 100644 --- a/root/defaults/nginx.conf +++ b/root/defaults/nginx.conf @@ -115,14 +115,6 @@ http { ## include /config/nginx/site-confs/*; #Removed lua. Do not remove this comment - - ## - # Geoip2 config - ## - # Uncomment to add the Geoip2 configs needed to geo block countries/cities. - ## - - #include /config/nginx/geoip2.conf; } #mail { diff --git a/root/etc/cont-init.d/50-config b/root/etc/cont-init.d/50-config index 84e86ee..abe45b1 100644 --- a/root/etc/cont-init.d/50-config +++ b/root/etc/cont-init.d/50-config @@ -76,8 +76,6 @@ cp /config/fail2ban/jail.local /etc/fail2ban/jail.local cp /defaults/authelia-server.conf /config/nginx/authelia-server.conf [[ ! -f /config/nginx/authelia-location.conf ]] && \ cp /defaults/authelia-location.conf /config/nginx/authelia-location.conf -[[ ! -f /config/nginx/geoip2.conf ]] && \ - cp /defaults/geoip2.conf /config/nginx/geoip2.conf [[ ! -f /config/www/502.html ]] && cp /defaults/502.html /config/www/502.html @@ -362,18 +360,6 @@ fi rm -rf /var/lib/libmaxminddb [[ ! -d /var/lib/libmaxminddb ]] && \ ln -s /config/geoip2db /var/lib/libmaxminddb -# check GeoIP2 database -if [ -n "$MAXMINDDB_LICENSE_KEY" ]; then - sed -i "s|.*MAXMINDDB_LICENSE_KEY.*|MAXMINDDB_LICENSE_KEY=\"${MAXMINDDB_LICENSE_KEY}\"|g" /etc/libmaxminddb.cron.conf - if [ ! -f /var/lib/libmaxminddb/GeoLite2-City.mmdb ]; then - echo "Downloading GeoIP2 City database." - /etc/periodic/weekly/libmaxminddb - fi -elif [ -f /var/lib/libmaxminddb/GeoLite2-City.mmdb ]; then - echo -e "Currently using the user provided GeoLite2-City.mmdb.\nIf you want to enable weekly auto-updates of the database, retrieve a free license key from MaxMind,\nand add a new env variable \"MAXMINDDB_LICENSE_KEY\", set to your license key." -else - echo -e "Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind,\nand add a new env variable \"MAXMINDDB_LICENSE_KEY\", set to your license key." -fi # logfiles needed by fail2ban [[ ! -f /config/log/nginx/error.log ]] && \ diff --git a/root/etc/cont-init.d/70-templates b/root/etc/cont-init.d/70-templates index 6b60ed1..40125c1 100644 --- a/root/etc/cont-init.d/70-templates +++ b/root/etc/cont-init.d/70-templates @@ -3,7 +3,6 @@ nginx_confs=( \ authelia-location.conf \ authelia-server.conf \ - geoip2.conf \ ldap.conf \ nginx.conf \ proxy.conf \ From 29a92e6bf113edd1bfd3980b2aac0b3667d0a6cb Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Sun, 5 Dec 2021 20:41:44 +0100 Subject: [PATCH 4/5] Bot Updating Templated Files --- README.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/README.md b/README.md index 3e40c45..3b1c3b0 100644 --- a/README.md +++ b/README.md @@ -161,7 +161,6 @@ services: - ONLY_SUBDOMAINS=false #optional - EXTRA_DOMAINS= #optional - STAGING=false #optional - - MAXMINDDB_LICENSE_KEY= #optional volumes: - /path/to/appdata/config:/config ports: @@ -190,7 +189,6 @@ docker run -d \ -e ONLY_SUBDOMAINS=false `#optional` \ -e EXTRA_DOMAINS= `#optional` \ -e STAGING=false `#optional` \ - -e MAXMINDDB_LICENSE_KEY= `#optional` \ -p 443:443 \ -p 80:80 `#optional` \ -v /path/to/appdata/config:/config \ @@ -220,7 +218,6 @@ Container images are configured using parameters passed at runtime (such as thos | `-e ONLY_SUBDOMAINS=false` | If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true` | | `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org` | | `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. | -| `-e MAXMINDDB_LICENSE_KEY=` | Add your MaxmindDB license key to automatically download the GeoLite2-City.mmdb database. Download location is /config/geoip2db. The database is updated weekly. | | `-v /config` | All the config files including the webroot reside here. | ## Environment variables from files (Docker secrets) @@ -332,6 +329,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **30.11.21:** - Move maxmind to a [new mod](https://github.com/linuxserver/docker-mods/tree/swag-maxmind) * **22.11.21:** - Added support for Infomaniak DNS for certificate generation. * **20.11.21:** - Added support for dnspod validation. * **15.11.21:** - Added support for deSEC DNS for wildcard certificate generation. From 682689d0fc5d885181660a837f1c03984bd2bbc7 Mon Sep 17 00:00:00 2001 From: LinuxServer-CI Date: Thu, 9 Dec 2021 06:19:24 +0100 Subject: [PATCH 5/5] Bot Updating Package Versions --- package_versions.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package_versions.txt b/package_versions.txt index 015b5ae..42a4a9e 100755 --- a/package_versions.txt +++ b/package_versions.txt @@ -86,7 +86,7 @@ libxt-1.2.1-r0 libzip-1.7.3-r2 linux-pam-1.5.1-r1 logrotate-3.18.1-r0 -lz4-libs-1.9.3-r0 +lz4-libs-1.9.3-r1 memcached-1.6.9-r0 mpdecimal-2.5.1-r1 musl-1.2.2-r3