Infra-Mirrors/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2024-07-01 00:51:27 +00:00
Code Issues Packages Projects Releases Wiki Activity
12386fbfc7
docker-swag/root/defaults/geoip2.conf
Eric Nemchik b1ae12189f Fix indentation
2021-04-27 14:32:41 -05:00

124 lines
3.6 KiB
Plaintext
Raw Blame History

## Version 2020/10/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf
# To enable, uncommment the Geoip2 config line in nginx.conf
# Add the -e MAXMINDDB_LICENSE_KEY=<licensekey> to automatically download the Geolite2 database.
# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup
geoip2 /config/geoip2db/GeoLite2-City.mmdb {
auto_reload 1w;
$geoip2_data_city_name city names en;
$geoip2_data_postal_code postal code;
$geoip2_data_latitude location latitude;
$geoip2_data_longitude location longitude;
$geoip2_data_state_name subdivisions 0 names en;
$geoip2_data_state_code subdivisions 0 iso_code;
$geoip2_data_continent_code continent code;
$geoip2_data_country_iso_code country iso_code;
}
# GEOIP2 COUNTRY CONFIG
map $geoip2_data_country_iso_code $allowed_country {
# default must be yes or no
# If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below.
default yes;
# Below you will setup conditions with yes or no
# ex: <condition> <yes/no>;
# allow United Kingdom.
#GB yes;
}
# GEOIP2 CITY CONFIG
map $geoip2_data_city_name $allowed_city {
# default must be yes or no
# If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below.
default yes;
# Below you will setup conditions with yes or no
# ex: <condition> <yes/no>;
# allow Inverness.
#Inverness yes;
}
# ALLOW LOCAL ACCESS
geo $allow_list {
default yes; # Set this to no if $allowed_country or $allowed_city default is no.
# IP/CIDR yes; # e.g. 192.168.1.0/24 yes;
}
# Server config example:
# Add the following if statements inside any server context where you want to geo block countries.
########################################
# if ($allow_list = yes) {
# set $allowed_country yes;
# }
# if ($allowed_country = no) {
# return 444;
# }
#########################################
# Add the following if statements inside any server context where you want to geo block cities.
########################################
# if ($allow_list = yes) {
# set $allowed_country yes;
# }
# if ($allowed_city = no) {
# return 444;
# }
#########################################
# Example using a config from proxy-confs
#server {
# listen 443 ssl;
# listen [::]:443 ssl;
#
# server_name unifi.*;
#
# include /config/nginx/ssl.conf;
#
# client_max_body_size 0;
#
# # enable for ldap auth, fill in ldap details in ldap.conf
# #include /config/nginx/ldap.conf;
#
# # enable for Authelia
# #include /config/nginx/authelia-server.conf;
# # Allow lan access if default is set to no
# if ($allow_list = yes) {
# set $allowed_country yes;
# }
# # Country geo block
# if ($allowed_country = no) {
# return 444;
# }
#
# location / {
# # enable the next two lines for http auth
# #auth_basic "Restricted";
# #auth_basic_user_file /config/nginx/.htpasswd;
#
# # enable the next two lines for ldap auth
# #auth_request /auth;
# #error_page 401 =200 /ldaplogin;
#
# # enable for Authelia
# #include /config/nginx/authelia-location.conf;
#
# include /config/nginx/proxy.conf;
# resolver 127.0.0.11 valid=30s;
# set $upstream_app unifi-controller;
# set $upstream_port 8443;
# set $upstream_proto https;
# proxy_pass $upstream_proto://$upstream_app:$upstream_port;
#
# proxy_buffering off;
# }
#}
Reference in New Issue View Git Blame Copy Permalink