-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enhanced Playbook #3
base: master
Are you sure you want to change the base?
Conversation
Tested on ``` DISTRIB_ID=Ubuntu DISTRIB_RELEASE=22.04 DISTRIB_CODENAME=jammy DISTRIB_DESCRIPTION="Ubuntu 22.04.3 LTS" PRETTY_NAME="Ubuntu 22.04.3 LTS" ```
Oh nice, thanks for the contributions. As soon as I have a chance to review I'll look to merge these. In the past I've kept things a little more enterprise linux orientated than ubuntu, but these days I'm keen to have support and use both. |
In order to compile with the http geoip module I needed to add the following to the Debian pre-reqs:
Do you know if this the preferred library to use for this ? Perhaps there are better ones with better databases of locations etc ? There are existing pre-req packages which are providing a libmaxminddb library ? |
Yes, i changes the libgeoip-dev to libmaxminddb cause it's have more wider community support. |
Ok, so maybe line 62 of task/compile.yml should be ?
instead of:
Then download and compile mod-geoip2 in a similar fashion to as we doing for modsecurity ? Or have it installed from a repo package, such as libnginx-mod-http-geoip2 for ubuntu (but that assumes you are using ubuntu packages for nginx, not the official repo. Unless I have missed something ? |
So, to use MaxMind GeoIP inside the nginx configuration we need It's only going to be available if we are enabling the Enables building the ngx_http_geoip_module module that creates variables depending on the client IP address and the precompiled MaxMind databases. This module is not built by default. |
On a freshly built VM and using the role from your repo there is an error which stops the role from finishing:
I can either not enable the module or install the old library, either of these work to allow the role to complete. What changes would you recommend ? If using nginx from Ubuntu repos, there is a package named "libnginx-mod-http-geoip2" which provides a GeoIP2 module. Otherwise building it from source looks like it will want this code: https://github.com/leev/ngx_http_geoip2_module |
I've tested with building the GeoIP2 module from source, it wasn't much to add to the role. I assume nginx configuration to use GeoIP2 is actually a little different to using GeoIP ? |
Hello, yes forget to mention we need the |
I've made some changes which incorporated most of your updates/fixes. This role now has options to build the GeoIP and/or the MaxMind Nginx modules :) For anyone, please let me know if you find any issues since these changes. |
Hey there,
Hope you're doing well! Just wanted to say thanks for creating these playbooks – they're really great.
By the way, I made some tweaks to get them up and running with Ubuntu 22.04.3 LTS. Everything seems to work smoothly on my end. Here’s the setup I used for testing:
Cheers 🍻