153 lines
3.8 KiB
Plaintext
153 lines
3.8 KiB
Plaintext
map $http3:$http2:$server_protocol
|
|
$krdsh__geo_proto
|
|
{
|
|
default $server_protocol;
|
|
|
|
~^[^:]+: $http3;
|
|
~^:[^:]+: $http2;
|
|
}
|
|
|
|
map $http_user_agent
|
|
$krdsh__geo_ua
|
|
{
|
|
default $http_user_agent;
|
|
|
|
"" "<none>";
|
|
}
|
|
|
|
map $ssl_protocol
|
|
$krdsh__geo_ssl_proto
|
|
{
|
|
default $ssl_protocol;
|
|
|
|
"" "none";
|
|
}
|
|
|
|
map $ssl_alpn_protocol
|
|
$krdsh__geo_ssl_alpn
|
|
{
|
|
default $ssl_alpn_protocol;
|
|
|
|
"" "none";
|
|
}
|
|
|
|
map $ssl_session_reused
|
|
$krdsh__geo_ssl_reuse
|
|
{
|
|
default "no";
|
|
|
|
r yes;
|
|
}
|
|
|
|
map $ssl_early_data
|
|
$krdsh__geo_ssl_early
|
|
{
|
|
default "no";
|
|
|
|
1 yes;
|
|
}
|
|
|
|
map $uri
|
|
$krdsh__geo_k
|
|
{
|
|
volatile;
|
|
## default is "help"
|
|
default help;
|
|
|
|
~^/(.+)$ $1;
|
|
}
|
|
|
|
map $krdsh__geo_k
|
|
$krdsh__geo_v
|
|
{
|
|
volatile;
|
|
## default is "help"
|
|
default "usage: $host/{key}\r\nmeta keys: [help] all geo ssl version\r\nsimple keys: ip user-agent proto ssl-proto ssl-alpn ssl-reuse ssl-early country-code country-name timezone latitude longitude asn asn-org";
|
|
|
|
ip $remote_addr;
|
|
user-agent $krdsh__geo_ua;
|
|
|
|
proto $krdsh__geo_proto;
|
|
ssl-proto $krdsh__geo_ssl_proto;
|
|
ssl-alpn $krdsh__geo_ssl_alpn;
|
|
ssl-reuse $krdsh__geo_ssl_reuse;
|
|
ssl-early $krdsh__geo_ssl_early;
|
|
|
|
country-code $geoip2_country_code;
|
|
country-name $geoip2_country_name;
|
|
|
|
timezone $geoip2_timezone;
|
|
latitude $geoip2_latitude;
|
|
longitude $geoip2_longitude;
|
|
|
|
asn $geoip2_asn;
|
|
asn-org $geoip2_asn_org;
|
|
|
|
version "angie/$angie_version";
|
|
|
|
all "ip: $remote_addr\r\nuser-agent: $krdsh__geo_ua\r\nproto: $krdsh__geo_proto\r\nssl-proto: $krdsh__geo_ssl_proto\r\nssl-alpn: $krdsh__geo_ssl_alpn\r\nssl-reuse: $krdsh__geo_ssl_reuse\r\nssl-early: $krdsh__geo_ssl_early\r\ncountry-code: $geoip2_country_code\r\ncountry-name: $geoip2_country_name\r\ntimezone: $geoip2_timezone\r\nlatitude: $geoip2_latitude\r\nlongitude: $geoip2_longitude\r\nasn: $geoip2_asn\r\nasn-org: $geoip2_asn_org";
|
|
|
|
geo "ip: $remote_addr\r\ncountry-code: $geoip2_country_code\r\ncountry-name: $geoip2_country_name\r\ntimezone: $geoip2_timezone\r\nlatitude: $geoip2_latitude\r\nlongitude: $geoip2_longitude\r\nasn: $geoip2_asn\r\nasn-org: $geoip2_asn_org";
|
|
|
|
ssl "proto: $krdsh__geo_proto\r\nssl-proto: $krdsh__geo_ssl_proto\r\nssl-alpn: $krdsh__geo_ssl_alpn\r\nssl-reuse: $krdsh__geo_ssl_reuse\r\nssl-early: $krdsh__geo_ssl_early";
|
|
|
|
}
|
|
|
|
map $uri
|
|
$krdsh__geo_file
|
|
{
|
|
## guess what?..
|
|
default default.zst;
|
|
|
|
~*^/asn\.(.+)$ GeoLite2-ASN.$1;
|
|
~*^/city\.(.+)$ GeoLite2-City.$1;
|
|
~*^/country\.(.+)$ GeoLite2-Country.$1;
|
|
}
|
|
|
|
server {
|
|
server_name geo.krd.sh;
|
|
|
|
include snip.d/listen-http;
|
|
include snip.d/listen-https;
|
|
include snip.d/ssl-krd.sh;
|
|
|
|
access_log off;
|
|
keepalive_timeout 0;
|
|
|
|
root /var/www/empty;
|
|
|
|
include snip.d/empty-favicon;
|
|
|
|
location / {
|
|
default_type text/plain;
|
|
return 200 "$krdsh__geo_v\r\n";
|
|
}
|
|
|
|
location ~*^/[^/.]+\.mmdb\.[^/.]+$
|
|
{
|
|
root /usr/local/share/geoip2;
|
|
try_files /$krdsh__geo_file @file_help;
|
|
}
|
|
location ~*^/[^/.]+\.mmdb$
|
|
{
|
|
try_files /.non-existent-uri @file_help;
|
|
}
|
|
location @file_help
|
|
{
|
|
## sync with "map $uri krdsh__geo_file"
|
|
set $krdsh__geo_bases "asn city country";
|
|
## sync with file system contents
|
|
set $krdsh__geo_comps "br bz2 gz xz zst";
|
|
## sync with two above
|
|
set $krdsh__geo_example "country.mmdb.xz";
|
|
|
|
default_type text/plain;
|
|
|
|
add_header X-GeoIp-Bases $krdsh__geo_bases always;
|
|
add_header X-GeoIp-Comps $krdsh__geo_comps always;
|
|
add_header X-GeoIp-Example $krdsh__geo_example always;
|
|
|
|
return 403 "valid file names: $krdsh__geo_bases\r\nvalid trailing extensions: $krdsh__geo_comps\r\nexample: $krdsh__geo_example\r\n";
|
|
}
|
|
}
|