From 38fa575e1e1191c6dcbab4a2990b00eb9ccd2943 Mon Sep 17 00:00:00 2001 From: gilbN Date: Mon, 26 Oct 2020 22:51:04 +0100 Subject: [PATCH 1/2] adds a lan allow list if default is no. --- root/defaults/geoip2.conf | 30 +++++++++++++++++++----------- 1 file changed, 19 insertions(+), 11 deletions(-) diff --git a/root/defaults/geoip2.conf b/root/defaults/geoip2.conf index 67dd3487..67bc2348 100644 --- a/root/defaults/geoip2.conf +++ b/root/defaults/geoip2.conf @@ -18,48 +18,52 @@ geoip2 /config/geoip2db/GeoLite2-City.mmdb { # GEOIP2 COUNTRY CONFIG map $geoip2_data_country_iso_code $allowed_country { # default must be yes or no + # If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below. default yes; # Below you will setup conditions with yes or no # ex: ; - # If your default is set to yes you can setup conditions that would set it to no (and vice versa) - # Conditions are either network address (CIDR notation) or country code # allow United Kingdom. #GB yes; - - # allow local access. - #192.168.1.0/24 yes; } # GEOIP2 CITY CONFIG map $geoip2_data_city_name $allowed_city { # default must be yes or no + # If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below. default yes; # Below you will setup conditions with yes or no # ex: ; - # If your default is set to yes you can setup conditions that would set it to no (and vice versa) - # Conditions are either network address (CIDR notation) or city name # allow Inverness. #Inverness yes; +} - # allow local access. - #192.168.1.0/24 yes; +# ALLOW LOCAL ACCESS +geo $allow_list { + default yes; # Set this to no if $allowed_country or $allowed_city default is no. + # IP/CIDR yes; # e.g. 192.168.1.0/24 yes; } # Server config example: -# Add the following if statement inside any server context where you want to geo block countries. +# Add the following if statements inside any server context where you want to geo block countries. ######################################## +# if ($allow_list = yes) { +# set $allowed_country yes; +# } # if ($allowed_country = no) { # return 444; # } ######################################### -# Add the following if statement inside any server context where you want to geo block cities. +# Add the following if statements inside any server context where you want to geo block cities. ######################################## +# if ($allow_list = yes) { +# set $allowed_country yes; +# } # if ($allowed_city = no) { # return 444; # } @@ -84,6 +88,10 @@ map $geoip2_data_city_name $allowed_city { # #include /config/nginx/authelia-server.conf; +# # Allow lan access if default is set to no +# if ($allow_list = yes) { +# set $allowed_country yes; +# } # # Country geo block # if ($allowed_country = no) { # return 444; From a81ab8bcf1309ff66434ebc6b2456dcf8d993794 Mon Sep 17 00:00:00 2001 From: GilbN <24592972+gilbN@users.noreply.github.com> Date: Tue, 27 Oct 2020 09:37:00 +0100 Subject: [PATCH 2/2] update version --- root/defaults/geoip2.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root/defaults/geoip2.conf b/root/defaults/geoip2.conf index 67bc2348..702c4dcc 100644 --- a/root/defaults/geoip2.conf +++ b/root/defaults/geoip2.conf @@ -1,4 +1,4 @@ -## Version 2020/09/20 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf +## Version 2020/10/27 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/geoip2.conf # To enable, uncommment the Geoip2 config line in nginx.conf # Add the -e MAXMINDDB_LICENSE_KEY= to automatically download the Geolite2 database. # A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup