Skip to content

Instantly share code, notes, and snippets.

@m00zi
Forked from kmjones1979/nginx.conf
Created June 28, 2019 16:27
Show Gist options
  • Save m00zi/55e68aab48bba885bc40e599fe83b2bd to your computer and use it in GitHub Desktop.
Save m00zi/55e68aab48bba885bc40e599fe83b2bd to your computer and use it in GitHub Desktop.
Example NGINX configuration to route based on country code using GeoIP
# load dynamic modules
load_module /etc/nginx/modules/ngx_http_geoip_module.so;
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log info;
pid /var/run/nginx.pid;
events { worker_connections 1024; }
http {
default_type text/html;
log_format main 'remote_addr: $remote_addr, remote_user: $remote_user [time_local: $time_local] request: "$request" '
'status: $status, body_bytes_sent: $body_bytes_sent, http_referer: "$http_referer" '
'http_user_agent: "$http_user_agent:", http_x_forwarded_for: "$http_x_forwarded_for" '
'geoip_area_code: $geoip_area_code, geoip_city: $geoip_city, geoip_city_continent_code: $geoip_city_continent_code, geoip_city_country_code: $geoip_city_country_code, geoip_city_country_code3: $geoip_city_country_code3, geoip_city_country_name: $geoip_city_country_name, geoip_country_code: $geoip_country_code, geoip_country_code3: $geoip_country_code3, geoip_country_name: $geoip_country_name, geoip_dma_code: $geoip_dma_code, geoip_latitude: $geoip_latitude, geoip_longitude: $geoip_longitude, geoip_org: $geoip_org, geoip_postal_code: $geoip_postal_code, geoip_region: $geoip_region, geoip_region_name: $geoip_region_name';
access_log /var/log/nginx/access.log main;
# load Maxmind GeoIP library
geoip_country /etc/nginx/GeoIP/GeoIP.dat;
geoip_city /etc/nginx/GeoIP/GeoLiteCity.dat;
geoip_proxy 127.0.0.1;
# map country code to specific NGINX upstream
map $geoip_country_code $upstream {
LR web_lr;
US web_us;
RU web_russia;
default $subnet;
}
# map private subnets to $subnet variable (used in upstream map above)
geo $subnet {
127.0.0.0/24 web_us;
10.0.0.0/24 web_us;
192.168.1.0/24 web_us;
default web_default;
}
upstream web_lr {
zone web-lr 64k;
server 127.0.0.1:3001;
}
upstream web_russia {
zone web-russia 64k;
server 127.0.0.1:4001;
}
upstream web_us {
zone web-us 64k;
server 127.0.0.1:5001;
}
upstream web_default {
zone web-default 64k;
server 127.0.0.1:6001;
}
server {
status_zone web-lr-backend;
listen 3001;
location / {
return 200 "GeoIP has matched this request to a LR country code.
http_x_realip:\t $http_x_real_ip\n
http_x_forwarded_for:\t $http_x_forwarded_for\n
geoip_country_code:\t $geoip_country_code\n";
}
}
server {
status_zone web-russia-backend;
listen 4001;
location / {
return 200 "GeoIP has matched this request to a RU country code.
http_x_realip:\t $http_x_real_ip\n
http_x_forwarded_for:\t $http_x_forwarded_for\n
geoip_country_code:\t $geoip_country_code\n";
}
}
server {
status_zone web-us-backend;
listen 5001;
location / {
return 200 "GeoIP has matched this request to a US country code.\n
http_x_realip:\t $http_x_real_ip\n
http_x_forwarded_for:\t $http_x_forwarded_for\n
geoip_country_code:\t $geoip_country_code\n";
}
}
server {
status_zone web-default-backend;
listen 6001;
location / {
return 200 "NGINX has routed this request to the default site.\n
http_x_realip:\t $http_x_real_ip\n
http_x_forwarded_for:\t $http_x_forwarded_for\n
geoip_country_code:\t $geoip_country_code\n";
}
}
server {
status_zone nginx-frontend;
listen 80;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-GeoIP-Country-Code $geoip_country_code;
real_ip_header X-Forwarded-For;
proxy_pass http://$upstream;
}
}
server {
listen 8080;
status_zone status-page;
root /usr/share/nginx/html;
location = /status.html { }
location = /status-old.html { }
location = / {
return 301 /status.html;
}
location /status {
status;
status_format json;
access_log off;
}
location /upstream_conf {
upstream_conf;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment