Merge pull request #26 from gilbN/geoip2-lan-fix

adds an allow LAN ip list if geoip2 default is no.
This commit is contained in:
aptalca 2020-10-27 09:06:21 -04:00 committed by GitHub
commit 50371fea4f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -1,4 +1,4 @@
## Version 2020/09/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf ## Version 2020/10/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf
# To enable, uncommment the Geoip2 config line in nginx.conf # To enable, uncommment the Geoip2 config line in nginx.conf
# Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database. # Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database.
# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup # A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup
@ -18,48 +18,52 @@ geoip2 /config/geoip2db/GeoLite2-City.mmdb {
# GEOIP2 COUNTRY CONFIG # GEOIP2 COUNTRY CONFIG
map $geoip2_data_country_iso_code $allowed_country { map $geoip2_data_country_iso_code $allowed_country {
# default must be yes or no # default must be yes or no
# If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below.
default yes; default yes;
# Below you will setup conditions with yes or no # Below you will setup conditions with yes or no
# ex: <condition> <yes/no>; # ex: <condition> <yes/no>;
# If your default is set to yes you can setup conditions that would set it to no (and vice versa)
# Conditions are either network address (CIDR notation) or country code
# allow United Kingdom. # allow United Kingdom.
#GB yes; #GB yes;
# allow local access.
#192.168.1.0/24 yes;
} }
# GEOIP2 CITY CONFIG # GEOIP2 CITY CONFIG
map $geoip2_data_city_name $allowed_city { map $geoip2_data_city_name $allowed_city {
# default must be yes or no # default must be yes or no
# If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below.
default yes; default yes;
# Below you will setup conditions with yes or no # Below you will setup conditions with yes or no
# ex: <condition> <yes/no>; # ex: <condition> <yes/no>;
# If your default is set to yes you can setup conditions that would set it to no (and vice versa)
# Conditions are either network address (CIDR notation) or city name
# allow Inverness. # allow Inverness.
#Inverness yes; #Inverness yes;
}
# allow local access. # ALLOW LOCAL ACCESS
#192.168.1.0/24 yes; geo $allow_list {
default yes; # Set this to no if $allowed_country or $allowed_city default is no.
# IP/CIDR yes; # e.g. 192.168.1.0/24 yes;
} }
# Server config example: # Server config example:
# Add the following if statement inside any server context where you want to geo block countries. # Add the following if statements inside any server context where you want to geo block countries.
######################################## ########################################
# if ($allow_list = yes) {
# set $allowed_country yes;
# }
# if ($allowed_country = no) { # if ($allowed_country = no) {
# return 444; # return 444;
# } # }
######################################### #########################################
# Add the following if statement inside any server context where you want to geo block cities. # Add the following if statements inside any server context where you want to geo block cities.
######################################## ########################################
# if ($allow_list = yes) {
# set $allowed_country yes;
# }
# if ($allowed_city = no) { # if ($allowed_city = no) {
# return 444; # return 444;
# } # }
@ -84,6 +88,10 @@ map $geoip2_data_city_name $allowed_city {
# #include /config/nginx/authelia-server.conf; # #include /config/nginx/authelia-server.conf;
# # Allow lan access if default is set to no
# if ($allow_list = yes) {
# set $allowed_country yes;
# }
# # Country geo block # # Country geo block
# if ($allowed_country = no) { # if ($allowed_country = no) {
# return 444; # return 444;