
I am using a public repo for nginx configured for geolocation with geoip, but I am getting dashes in the fields $geoip2_data_country_code $geoip2_data_country_name. I have the following Dockerfile:

FROM alpine:3.11

COPY GeoLite2-Country.mmdb /usr/share/geoip/

# Install libmaxminddb and ngx_http_geoip2_module

ENV MAXMIND_VERSION=1.2.1

RUN set -x \
  && apk add --no-cache --virtual .build-deps \
    alpine-sdk \
    perl \
  && git clone https://github.com/leev/ngx_http_geoip2_module /ngx_http_geoip2_module \
  && wget https://github.com/maxmind/libmaxminddb/releases/download/${MAXMIND_VERSION}/libmaxminddb-${MAXMIND_VERSION}.tar.gz \
  && tar xf libmaxminddb-${MAXMIND_VERSION}.tar.gz \
  && cd libmaxminddb-${MAXMIND_VERSION} \
  && ./configure \
  && make \
  && make check \
  && make install \
  && apk del .build-deps

# TODO fix issue with non zero return code

RUN ldconfig || :

# Install nginx

ENV NGINX_VERSION 1.15.11

RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
    && CONFIG="\
        --prefix=/etc/nginx \
        --sbin-path=/usr/sbin/nginx \
        --modules-path=/usr/lib/nginx/modules \
        --conf-path=/etc/nginx/nginx.conf \
        --error-log-path=/var/log/nginx/error.log \
        --http-log-path=/var/log/nginx/access.log \
        --pid-path=/var/run/nginx.pid \
        --lock-path=/var/run/nginx.lock \
        --http-client-body-temp-path=/var/cache/nginx/client_temp \
        --http-proxy-temp-path=/var/cache/nginx/proxy_temp \
        --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
        --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
        --http-scgi-temp-path=/var/cache/nginx/scgi_temp \
        --user=nginx \
        --group=nginx \
        --with-http_ssl_module \
        --with-http_realip_module \
        --with-http_addition_module \
        --with-http_sub_module \
        --with-http_dav_module \
        --with-http_flv_module \
        --with-http_mp4_module \
        --with-http_gunzip_module \
        --with-http_gzip_static_module \
        --with-http_random_index_module \
        --with-http_secure_link_module \
        --with-http_stub_status_module \
        --with-http_auth_request_module \
        --with-http_xslt_module=dynamic \
        --with-http_image_filter_module=dynamic \
        --with-http_geoip_module=dynamic \
        --with-threads \
        --with-stream \
        --with-stream_ssl_module \
        --with-stream_ssl_preread_module \
        --with-stream_realip_module \
        --with-stream_geoip_module=dynamic \
        --with-http_slice_module \
        --with-mail \
        --with-mail_ssl_module \
        --with-compat \
        --with-file-aio \
        --with-http_v2_module \
    --add-dynamic-module=/ngx_http_geoip2_module \
    " \
    && addgroup -S nginx \
    && adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \
    && apk add --no-cache --virtual .build-deps \
        gcc \
        libc-dev \
        make \
        openssl-dev \
        pcre-dev \
        zlib-dev \
        linux-headers \
        curl \
        gnupg1 \
        libxslt-dev \
        gd-dev \
        geoip-dev \
    && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
    && curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc  -o nginx.tar.gz.asc \
    && export GNUPGHOME="$(mktemp -d)" \
    && found=''; \
    for server in \
        ha.pool.sks-keyservers.net \
        hkp://keyserver.ubuntu.com:80 \
        hkp://p80.pool.sks-keyservers.net:80 \
        pgp.mit.edu \
    ; do \
        echo "Fetching GPG key $GPG_KEYS from $server"; \
        gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
    done; \
    test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
    gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
    && rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
    && mkdir -p /usr/src \
    && tar -zxC /usr/src -f nginx.tar.gz \
    && rm nginx.tar.gz \
    && cd /usr/src/nginx-$NGINX_VERSION \
    && ./configure $CONFIG --with-debug \
    && make -j$(getconf _NPROCESSORS_ONLN) \
    && mv objs/nginx objs/nginx-debug \
    && mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
    && mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
    && mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
    && mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
    && ./configure $CONFIG \
    && make -j$(getconf _NPROCESSORS_ONLN) \
    && make install \
    && rm -rf /etc/nginx/html/ \
    && mkdir /etc/nginx/conf.d/ \
    && mkdir -p /usr/share/nginx/html/ \
    && install -m644 html/index.html /usr/share/nginx/html/ \
    && install -m644 html/50x.html /usr/share/nginx/html/ \
    && install -m755 objs/nginx-debug /usr/sbin/nginx-debug \
    && install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \
    && install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \
    && install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \
    && install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \
    && ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \
    && strip /usr/sbin/nginx* \
    && strip /usr/lib/nginx/modules/*.so \
    && rm -rf /usr/src/nginx-$NGINX_VERSION \
    \
    # Bring in gettext so we can get `envsubst`, then throw
    # the rest away. To do this, we need to install `gettext`
    # then move `envsubst` out of the way so `gettext` can
    # be deleted completely, then move `envsubst` back.
    && apk add --no-cache --virtual .gettext gettext \
    && mv /usr/bin/envsubst /tmp/ \
    \
    && runDeps="$( \
        scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \
            | tr ',' '\n' \
            | sort -u \
            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
    )" \
    && apk add --no-cache --virtual .nginx-rundeps $runDeps \
    && apk del .build-deps \
    && apk del .gettext \
    && mv /tmp/envsubst /usr/local/bin/ \
    \
    # Bring in tzdata so users could set the timezones through the environment
    # variables
    && apk add --no-cache tzdata \
    \
    # forward request and error logs to docker log collector
    && ln -sf /dev/stdout /var/log/nginx/access.log \
    && ln -sf /dev/stderr /var/log/nginx/error.log

COPY nginx.conf /etc/nginx/nginx.conf
COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf

EXPOSE 80

STOPSIGNAL SIGTERM

CMD ["nginx", "-g", "daemon off;"]

And the two files nginx.conf:

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

load_module modules/ngx_http_geoip2_module.so; # GeoIP2

events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    # GeoIP2
    geoip2 /usr/share/geoip/GeoLite2-Country.mmdb {
        $geoip2_data_country_code source=$remote_addr country iso_code;
        $geoip2_data_country_name source=$remote_addr country names en;
    }

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    # GeoIP2
    log_format  main_geo  '$remote_addr - $remote_user [$time_local] "$request" '
                          '$status $body_bytes_sent "$http_referer" '
                          '"$http_user_agent" "$http_x_forwarded_for" '
                          '$geoip2_data_country_code $geoip2_data_country_name';

    access_log  /var/log/nginx/access.log  main_geo; # GeoIP2

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

And nginx.vh.default.conf:

server {
    listen       80;
    server_name  localhost;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }

}

According to this page if I do docker run --rm -p 80:80 bubelov/nginx-alpine-geoip2 then I will get the correct log:

183.88.21.120 - - [16/Apr/2019:09:08:55 +0000] "GET / HTTP/1.1" 
200 612 "-" 
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 Firefox/66.0" "-" 
TH Thailand

But in my case it is the following:

192.168.3.1 - - [15/Jun/2022:10:46:11 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" "10.0.8.83" - -

The actual nginx configuration file is the following:

events{}
# See below link for Creating NGINX Plus and NGINX Configuration Files
# https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/
http {
    include /etc/nginx/mime.types;
    default_type  application/octet-stream;

    # The identifier Backend is internal to nginx, and used to name this specific upstream
    upstream backend {
    # BACKEND_HOST is the internal DNS name used by the Backend Service inside the Kubernetes cluster 
    # or in the services list of the docker-compose. 
    server ${BACKEND_HOST}:${BACKEND_PORT};
    }
    server {
        listen ${NODE_PORT};
        root /usr/share/nginx/html;
        index index.html;
        location / {
        try_files $uri $uri/ /index.html;
        }
        location /api/ {
        resolver 127.0.0.11; 
        #nginx will not crash if host is not found    
        # The following statement will proxy traffic to the upstream
        proxy_pass http://backend;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }
}

2 Answers


  1. Wait a second, your IP 192.168.3.1 is a private one. So it can not have a location identified.

    > mmdblookup --file GeoLite2-Country.mmdb --ip 192.168.3.1
    
    Could not find an entry for this IP address (192.168.3.1)
    

    More on IP ranges: https://www.arin.net/reference/research/statistics/address_filters/

  2. Below is the list of Private Network Subnets. Inside your VPN (Virtual Private Network) network admins can assign any subnet to any location.

    RFC 1918 name | IP address range              | Number of addresses | Largest CIDR block (subnet mask) | Host ID size | Mask bits | Classful description
    --------------|-------------------------------|---------------------|----------------------------------|--------------|-----------|--------------------------------
    24-bit block  | 10.0.0.0 – 10.255.255.255     | 16777216            | 10.0.0.0/8 (255.0.0.0)           | 24 bits      | 8 bits    | single class A network
    20-bit block  | 172.16.0.0 – 172.31.255.255   | 1048576             | 172.16.0.0/12 (255.240.0.0)      | 20 bits      | 12 bits   | 16 contiguous class B networks
    16-bit block  | 192.168.0.0 – 192.168.255.255 | 65536               | 192.168.0.0/16 (255.255.0.0)     | 16 bits      | 16 bits   | 256 contiguous class C networks
    

    Only Public IP addresses can be found in GeoLite2-Country.mmdb. That’s why your IP 192.168.3.1 does not return any location.

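A way to tell expected dashes from a real lookup failure, as an added example that is not part of the original question or answers: it parses lines in the question's main_geo format and classifies the source address with Python's ipaddress module. The function name, result keys and verdict labels are illustrative assumptions.

```python
import ipaddress
import re

# Regex for the page's main_geo log_format; the last two fields are
# $geoip2_data_country_code and $geoip2_data_country_name.
MAIN_GEO = re.compile(
    r'^(?P<addr>\S+) - \S+ \[[^\]]+\] "[^"]*" \d{3} \d+ '
    r'"[^"]*" "[^"]*" "(?P<xff>[^"]*)" (?P<cc>\S+) (?P<name>.+)$'
)

def _parse_ip(text):
    """Return an ip_address object, or None for '-' and other non-IP text."""
    try:
        return ipaddress.ip_address(text.strip())
    except ValueError:
        return None

def diagnose(line):
    """Classify one main_geo line: why are the country fields set or '-'?"""
    m = MAIN_GEO.match(line.strip())
    if m is None:
        return {"verdict": "unparsed"}
    addr = _parse_ip(m["addr"])
    public = addr is not None and addr.is_global
    located = m["cc"] != "-"
    # Forwarded addresses are reported only; the page's geoip2 block
    # looks up $remote_addr, not X-Forwarded-For.
    xff_public = [str(ip) for ip in map(_parse_ip, m["xff"].split(","))
                  if ip is not None and ip.is_global]
    if located:
        verdict = "located"
    elif public:
        verdict = "lookup-failed"   # public source: check the .mmdb path and module
    else:
        verdict = "expected-empty"  # private/reserved source has no database entry
    return {"remote_addr": m["addr"], "public": public,
            "xff_public": xff_public, "verdict": verdict}

# Sample lines: the first two are the log lines quoted in the question
# (user agents shortened); the third is constructed for the failure case.
SAMPLES = [
    '183.88.21.120 - - [16/Apr/2019:09:08:55 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0" "-" TH Thailand',
    '192.168.3.1 - - [15/Jun/2022:10:46:11 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0" "10.0.8.83" - -',
    '183.88.21.120 - - [16/Apr/2019:09:08:55 +0000] "GET / HTTP/1.1" 200 612 "-" "Mozilla/5.0" "-" - -',
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(diagnose(sample))
```

For the question's line, both $remote_addr and the forwarded address are non-public, so the empty country fields are the expected result rather than a module or database fault.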