Adjust geoip2 instructions

2024-06-26 06:32:16 +00:00 · 2020-09-22 19:53:40 -05:00 · 2020-09-22 19:53:40 -05:00 · b58ee45818
commit b58ee45818
parent 891aa6bc71
2 changed files with 40 additions and 20 deletions
--- a/root/defaults/default
+++ b/root/defaults/default
@ -31,7 +31,7 @@ server {
 	#include /config/nginx/authelia-server.conf;

 	# enable for geo blocking
-	# See /config/nginx/geoip2.conf for more information. 
+	# See /config/nginx/geoip2.conf for more information.
 	#if ($allowed_country = no) {
 	#return 444;
 	#}
--- a/root/defaults/geoip2.conf
+++ b/root/defaults/geoip2.conf
@ -2,32 +2,52 @@
 # To enable, uncommment the Geoip2 config line in nginx.conf
 # Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database.
 # A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup
-# The below config is for geoblocking any country/city you add. The default config is blocking all countries/cities except the ones you set to "yes". 
-# If you want to do the opposite, set default to "yes", and the countries/cities to "no".
-# As the default config blocks all IP's except the ones in the GeoLite2-City.mmdb database set to yes, you will need to allow your lan ip for local access. 

-
-geoip2 /config/geoip2db/GeoLite2-City.mmdb {
-    auto_reload 5m;
-    $geoip2_data_country_code country iso_code;
-    $geoip2_data_city_name city names en;
+geoip2 /config/geoip2db//GeoLite2-City.mmdb {
+    auto_reload 1w;
+    $geoip2_data_city_name   city names en;
+    $geoip2_data_postal_code postal code;
+    $geoip2_data_latitude    location latitude;
+    $geoip2_data_longitude   location longitude;
+    $geoip2_data_state_name  subdivisions 0 names en;
+    $geoip2_data_state_code  subdivisions 0 iso_code;
+    $geoip2_data_continent_code   continent code;
+    $geoip2_data_country_iso_code country iso_code;
 }

 # GEOIP2 COUNTRY CONFIG
-map $geoip2_data_country_code $allowed_country {
-    default no;
-    <COUNTRY-CODE> yes; # e.g GB yes; for United Kingdom
-    IP/CIDR yes; # e.g. 192.168.1.0/24 yes; for local access.
+map $geoip2_data_country_iso_code $allowed_country {
+    # default must be yes or no
+    default yes;
+
+    # Below you will setup conditions with yes or no
+    # ex: <condition> <yes/no>;
+    # If your default is set to yes you can setup conditions that would set it to no (and vice versa)
+    # Conditions are either network address (CIDR notation) or country code
+
+    # allow United Kingdom.
+    #GB yes;
+
+    # allow local access.
+    #192.168.1.0/24 yes;
 }

-#(Optional)
 # GEOIP2 CITY CONFIG
-#    map $geoip2_data_city_name $allowed_city {
-#    default no;
-#    <CITY-NAME> yes; # e.g Inverness yes;
-#    IP/CIDR yes; # e.g. 192.168.1.0/24 yes; for local access.
-#    }
+map $geoip2_data_city_name $allowed_city {
+    # default must be yes or no
+    default yes;

+    # Below you will setup conditions with yes or no
+    # ex: <condition> <yes/no>;
+    # If your default is set to yes you can setup conditions that would set it to no (and vice versa)
+    # Conditions are either network address (CIDR notation) or city name
+
+    # allow Inverness.
+    #Inverness yes;
+
+    # allow local access.
+    #192.168.1.0/24 yes;
+}

 # Server config example:
 # Add the following if statement inside any server context where you want to geo block countries.
@ -64,7 +84,7 @@ map $geoip2_data_country_code $allowed_country {
 #    #include /config/nginx/authelia-server.conf;


-#    # Country geo block	
+#    # Country geo block
 #    if ($allowed_country = no) {
 #       return 444;
 #    }