diff --git a/readme-vars.yml b/readme-vars.yml index d28f129..2cd11fe 100755 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -58,7 +58,6 @@ opt_param_env_vars: - { env_var: "ONLY_SUBDOMAINS", env_value: "false", desc: "If you wish to get certs only for certain subdomains, but not the main domain (main domain may be hosted on another machine and cannot be validated), set this to `true`" } - { env_var: "EXTRA_DOMAINS", env_value: "", desc: "Additional fully qualified domain names (comma separated, no spaces) ie. `extradomain.com,subdomain.anotherdomain.org,*.anotherdomain.org`" } - { env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes." } - - { env_var: "MAXMINDDB_LICENSE_KEY", env_value: "", desc: "Add your MaxmindDB license key to automatically download the GeoLite2-City.mmdb database. Download location is /config/geoip2db. The database is updated weekly."} opt_param_usage_include_vols: false opt_param_volumes: - { vol_path: "/config", vol_host_path: "/path/to/appdata/config", desc: "Configuration files." } @@ -155,6 +154,7 @@ app_setup_nginx_reverse_proxy_block: "" # changelog changelogs: + - { date: "30.11.21:", desc: "Move maxmind to a [new mod](https://github.com/linuxserver/docker-mods/tree/swag-maxmind)" } - { date: "27.11.21:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf - Rebasing to alpine 3.15 with php8. Restructure nginx configs ([see changes in base](https://github.com/linuxserver/docker-baseimage-alpine-nginx/pull/84))." } - { date: "22.11.21:", desc: "Added support for Infomaniak DNS for certificate generation." } - { date: "20.11.21:", desc: "Added support for dnspod validation." } diff --git a/root/defaults/nginx/server-confs/geoip2.conf.sample b/root/defaults/nginx/server-confs/geoip2.conf.sample deleted file mode 100644 index a830fbb..0000000 --- a/root/defaults/nginx/server-confs/geoip2.conf.sample +++ /dev/null @@ -1,104 +0,0 @@ -## Version 2021/11/25 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/server-confs/geoip2.conf.sample -# To enable, uncommment the Geoip2 config line in nginx.conf -# Add the -e MAXMINDDB_LICENSE_KEY= to automatically download the Geolite2 database. -# A Maxmind license key can be acquired here: https://www.maxmind.com/en/geolite2/signup - -geoip2 /config/geoip2db/GeoLite2-City.mmdb { - auto_reload 1w; - $geoip2_data_city_name city names en; - $geoip2_data_postal_code postal code; - $geoip2_data_latitude location latitude; - $geoip2_data_longitude location longitude; - $geoip2_data_state_name subdivisions 0 names en; - $geoip2_data_state_code subdivisions 0 iso_code; - $geoip2_data_continent_code continent code; - $geoip2_data_country_iso_code country iso_code; -} - -# GEOIP2 COUNTRY CONFIG -map $geoip2_data_country_iso_code $allowed_country { - # default must be yes or no - # If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below. - default yes; - - # Below you will setup conditions with yes or no - # ex: ; - - # allow United Kingdom. - #GB yes; -} - -# GEOIP2 CITY CONFIG -map $geoip2_data_city_name $allowed_city { - # default must be yes or no - # If default is set to "no" you will need to add the local ip ranges that you want to allow access in the $allow_list variable below. - default yes; - - # Below you will setup conditions with yes or no - # ex: ; - - # allow Inverness. - #Inverness yes; -} - -# ALLOW LOCAL ACCESS -geo $allow_list { - default yes; # Set this to no if $allowed_country or $allowed_city default is no. - # IP/CIDR yes; # e.g. 192.168.1.0/24 yes; -} - -# Server config example: -# Add the following if statements inside any server context where you want to geo block countries. - -######################################## -# if ($allow_list = yes) { -# set $allowed_country yes; -# } -# if ($allowed_country = no) { -# return 444; -# } -######################################### -# Add the following if statements inside any server context where you want to geo block cities. -######################################## -# if ($allow_list = yes) { -# set $allowed_country yes; -# } -# if ($allowed_city = no) { -# return 444; -# } -######################################### - -# Example using a config from proxy-confs - -# server { -# include /config/nginx/server-confs/*.conf; - -# server_name unifi.*; - -# client_max_body_size 0; - -# # Allow lan access if default is set to no -# if ($allow_list = yes) { -# set $allowed_country yes; -# } -# # Country geo block -# if ($allowed_country = no) { -# return 444; -# } - -# set $htpasswd_file /config/nginx/.htpasswd; -# set $auth_basic "Restricted"; -# if (!-f $htpasswd_file) { -# set $auth_basic off; -# } -# location / { -# include /config/nginx/location-confs/*.conf; - -# set $upstream_app unifi-controller; -# set $upstream_port 8443; -# set $upstream_proto https; -# proxy_pass $upstream_proto://$upstream_app:$upstream_port; - -# proxy_buffering off; -# } -# } diff --git a/root/etc/cont-init.d/50-config b/root/etc/cont-init.d/50-config index 1c902dd..f0fa196 100644 --- a/root/etc/cont-init.d/50-config +++ b/root/etc/cont-init.d/50-config @@ -322,18 +322,6 @@ fi rm -rf /var/lib/libmaxminddb [[ ! -d /var/lib/libmaxminddb ]] && \ ln -s /config/geoip2db /var/lib/libmaxminddb -# check GeoIP2 database -if [ -n "$MAXMINDDB_LICENSE_KEY" ]; then - sed -i "s|.*MAXMINDDB_LICENSE_KEY.*|MAXMINDDB_LICENSE_KEY=\"${MAXMINDDB_LICENSE_KEY}\"|g" /etc/libmaxminddb.cron.conf - if [ ! -f /var/lib/libmaxminddb/GeoLite2-City.mmdb ]; then - echo "Downloading GeoIP2 City database." - /etc/periodic/weekly/libmaxminddb - fi -elif [ -f /var/lib/libmaxminddb/GeoLite2-City.mmdb ]; then - echo -e "Currently using the user provided GeoLite2-City.mmdb.\nIf you want to enable weekly auto-updates of the database, retrieve a free license key from MaxMind,\nand add a new env variable \"MAXMINDDB_LICENSE_KEY\", set to your license key." -else - echo -e "Starting 2019/12/30, GeoIP2 databases require personal license key to download. Please retrieve a free license key from MaxMind,\nand add a new env variable \"MAXMINDDB_LICENSE_KEY\", set to your license key." -fi # logfiles needed by fail2ban [[ ! -f /config/log/nginx/error.log ]] && \