| |
| geoip2:nginx [2026/02/19 04:13] – létrehozva riba.zoltan | geoip2:nginx [2026/02/19 04:44] (aktuális) – riba.zoltan |
|---|
| |
| <code> | <code> |
| # dnf install gcc libmaxminddb-devel make tar | # dnf install gcc glibc-headers libmaxminddb-devel make openssl-devel pcre2-devel redhat-rpm-config tar zlib-devel |
| </code> | </code> |
| |
| # ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-http_v3_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64-v2 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' --with-compat --add-dynamic-module=/usr/local/src/ngx_http_geoip2_module-3.4 | # ./configure --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-http_v3_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-cc-opt='-O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64-v2 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie' --with-compat --add-dynamic-module=/usr/local/src/ngx_http_geoip2_module-3.4 |
| |
| | ... |
| | Configuration summary |
| | + using threads |
| | + using system PCRE2 library |
| | + using system OpenSSL library |
| | + using system zlib library |
| | |
| | nginx path prefix: "/etc/nginx" |
| | nginx binary file: "/usr/sbin/nginx" |
| | nginx modules path: "/usr/lib64/nginx/modules" |
| | nginx configuration prefix: "/etc/nginx" |
| | nginx configuration file: "/etc/nginx/nginx.conf" |
| | nginx pid file: "/var/run/nginx.pid" |
| | nginx error log file: "/var/log/nginx/error.log" |
| | nginx http access log file: "/var/log/nginx/access.log" |
| | nginx http client request body temporary files: "/var/cache/nginx/client_temp" |
| | nginx http proxy temporary files: "/var/cache/nginx/proxy_temp" |
| | nginx http fastcgi temporary files: "/var/cache/nginx/fastcgi_temp" |
| | nginx http uwsgi temporary files: "/var/cache/nginx/uwsgi_temp" |
| | nginx http scgi temporary files: "/var/cache/nginx/scgi_temp" |
| | </code> |
| | |
| | Modul fordítása. |
| | |
| | <code> |
| | # make modules |
| | ... |
| | make[1]: Leaving directory '/usr/local/src/nginx-1.29.5' |
| | </code> |
| | |
| | Az elkészült modul a /usr/local/src/nginx-1.29.5/objs alatt található ngx_http_geoip2_module.so néven. Ezt a modult kell az nginx szerverre másolni és betölteni. |
| | |
| | ==== GeoIP2 modul beállítása ==== |
| | |
| | Az NGINX szerveren engedélyezni kell a modult, majd el kell végezni a konfigurációt. A modul helye a /usr/share/nginx/modules, vagy a /usr/lib64/nginx/modules könyvtár. |
| | |
| | Be kell tölteni a modult. Ehhez a /etc/nginx/nginx.conf fájl elejére be kell illeszteni a megfelelő load_module bejegyzést. |
| | |
| | <code> |
| | load_module modules/ngx_http_geoip2_module.so; |
| | |
| | user nginx; |
| | worker_processes auto; |
| | ... |
| | </code> |
| | |
| | A http szakaszban meg kell adni a geoip2 beállításokat. Ezt legegyszerűbben a /etc/nginx/conf.d könyvtárban elhelyezett drop-in fájl segítségével tudjuk megtenni. |
| | |
| | <code> |
| | # cat > /etc/nginx/conf.d/10-maxminddb.conf <<'EOF' |
| | geoip2 /usr/share/GeoIP/GeoLite2-Country.mmdb { |
| | $geoip2_country_code country iso_code; |
| | $geoip2_country_name country names en; |
| | } |
| | |
| | geoip2 /usr/share/GeoIP/GeoLite2-City.mmdb { |
| | $geoip2_city_name city names en; |
| | } |
| | EOF |
| | </code> |
| | |
| | A default szerver szakaszban érdemes egy teszt location-t beállítani. |
| | |
| | <code> |
| | ... |
| | |
| | location /geoip-test { |
| | add_header X-Country-Code $geoip2_country_code always; |
| | add_header X-Country-Name $geoip2_country_name always; |
| | return 200 "Country: $geoip2_country_name ($geoip2_country_code)\nCity: $geoip2_city_name\n"; |
| | } |
| | |
| | ... |
| | </code> |
| | |
| | Az nginx újraindítása után tesztelhető a működés: |
| | |
| | <code> |
| | $ curl https://server/geoip-test |
| | Country: Hungary (HU) |
| | City: Budapest |
| | </code> |
