From 891aa6bc717b982ee5587b1f1ea5c2f8c6d06daa Mon Sep 17 00:00:00 2001
From: Marius <gilberg@gmail.com>
Date: Tue, 22 Sep 2020 17:16:01 +0200
Subject: [PATCH] added suggested changes

---
 root/defaults/default     |  6 ++++
 root/defaults/geoip2.conf | 76 ++++++++++++++++++++++-----------------
 2 files changed, 50 insertions(+), 32 deletions(-)

diff --git a/root/defaults/default b/root/defaults/default
index 384a60e..e290c6e 100644
--- a/root/defaults/default
+++ b/root/defaults/default
@@ -30,6 +30,12 @@ server {
 	# enable for Authelia
 	#include /config/nginx/authelia-server.conf;
 
+	# enable for geo blocking
+	# See /config/nginx/geoip2.conf for more information. 
+	#if ($allowed_country = no) {
+	#return 444;
+	#}
+
 	client_max_body_size 0;
 
 	location / {
diff --git a/root/defaults/geoip2.conf b/root/defaults/geoip2.conf
index 818938f..4d63bdc 100644
--- a/root/defaults/geoip2.conf
+++ b/root/defaults/geoip2.conf
@@ -30,54 +30,66 @@ map $geoip2_data_country_code $allowed_country {
 
 
 # Server config example:
-# Add the following if statement inside any server context you want to geo block.
+# Add the following if statement inside any server context where you want to geo block countries.
 
-# COUNTRY GEO BLOCK	
+########################################
 #	if ($allowed_country = no) {
 #	return 444;
 #	}
+#########################################
 
-# Full example:
+# Add the following if statement inside any server context where you want to geo block cities.
+########################################
+#	if ($allowed_city = no) {
+#	return 444;
+#	}
+#########################################
+
+# Example using a config from proxy-confs
 
-# sample config for "default" with the geo block added
 #server {
-#	listen 443 ssl http2 default_server;
-#	listen [::]:443 ssl http2 default_server;
+#    listen 443 ssl;
+#    listen [::]:443 ssl;
 #
-#	root /config/www;
-#	index index.html index.htm index.php;
+#    server_name unifi.*;
 #
-#	server_name _;
+#    include /config/nginx/ssl.conf;
+#
+#    client_max_body_size 0;
+#
+#    # enable for ldap auth, fill in ldap details in ldap.conf
+#    #include /config/nginx/ldap.conf;
+#
+#    # enable for Authelia
+#    #include /config/nginx/authelia-server.conf;
 
 
-# COUNTRY GEO BLOCK	
-#	if ($allowed_country = no) {
-#	return 444;
-#	}
+#    # Country geo block	
+#    if ($allowed_country = no) {
+#       return 444;
+#    }
 
 
-#	# enable subfolder method reverse proxy confs
-#	include /config/nginx/proxy-confs/*.subfolder.conf;
 #
-#	# all ssl related config moved to ssl.conf
-#	include /config/nginx/ssl.conf;
+#    location / {
+#        # enable the next two lines for http auth
+#        #auth_basic "Restricted";
+#        #auth_basic_user_file /config/nginx/.htpasswd;
 #
-#	# enable for ldap auth
-#	#include /config/nginx/ldap.conf;
+#        # enable the next two lines for ldap auth
+#        #auth_request /auth;
+#        #error_page 401 =200 /ldaplogin;
 #
-#	# enable for Authelia
-#	#include /config/nginx/authelia-server.conf;
+#        # enable for Authelia
+#        #include /config/nginx/authelia-location.conf;
 #
-#	client_max_body_size 0;
+#        include /config/nginx/proxy.conf;
+#        resolver 127.0.0.11 valid=30s;
+#        set $upstream_app unifi-controller;
+#        set $upstream_port 8443;
+#        set $upstream_proto https;
+#        proxy_pass $upstream_proto://$upstream_app:$upstream_port;
 #
-#	location / {
-#		try_files $uri $uri/ /index.html /index.php?$args =404;
-#	}
-#
-#	location ~ \.php$ {
-#		fastcgi_split_path_info ^(.+\.php)(/.+)$;
-#		fastcgi_pass 127.0.0.1:9000;
-#		fastcgi_index index.php;
-#		include /etc/nginx/fastcgi_params;
-#	}
+#        proxy_buffering off;
+#    }
 #}