nginx根据ip的地理位置进行转发代理(GeoIP2)

nginx要获取到ip地理位置,需要在nginx引用第三方ngx_http_geoip2_module模块,而ngx_http_geoip2_module模块依赖libmaxminddb;另外ip对应的地理位置离线的需要从GeoIP2站点上下载下来;最后在nginx.conf文件中引用ngx_http_geoip2_module模块,配置离线数据库才可以获取地理位置

nginx日志中的效果图
image

一、安装libmaxminddb

#下载包
wget https://github.com/maxmind/libmaxminddb/releases/download/1.7.1/libmaxminddb-1.7.1.tar.gz
tar -zxvf libmaxminddb-1.7.1.tar.gz
cd libmaxminddb-1.7.1/
#安装
./configure
make
make check
make install
#编译安装完成后需要将库的安装位置添加到系统路径中
sh -c "echo /usr/local/lib  >> /etc/ld.so.conf.d/local.conf"
ldconfig

二、nginx添加ngx_http_geoip2_module模块

下载地址:https://github.com/leev/ngx_http_geoip2_module/releases
tar -zxvf ngx_http_geoip2_module-3.4.tar.gz
mv ngx_http_geoip2_module-3.4 /usr/local/src/ngx_http_geoip2_module
#备份原来的编译后的nginx
cp -r /usr/local/nginx /usr/local/nginx_bak20230818
#进入源代码文件目录下重新安装
cd /usr/local/nginx-1.20.2
./configure --prefix=/usr/local/nginx --with-http_ssl_module --add-module=/usr/local/src/ngx_http_geoip2_module
make
#将编译后的nginxc程序复制到/usr/local/nginx/sbin目录下替换原来的nginx程序
cp objs/nginx /usr/local/nginx/sbin/nginx
#查看geoip模块是否添加成功
/usr/local/nginx/sbin/nginx -V

三、下载IP离线数据库,GeoIP2-Country和GeoIP2-City

1. 输入网址进入https://www.maxmind.com/


2. 进入下载页面
image


image


3.注册用户
image


4. 再次进入到刚才注册用户的界面,点击Download Files
image


image


四、nginx配置

引入geoip2

##
# GeoIP Setting
##

# 国家数据库
geoip2 /usr/local/nginx/conf/GeoLite2-Country.mmdb {
    #国家代码
    $geoip2_data_country_code default=China source=$remote_addr country iso_code;
    #国家名称
    $geoip2_data_country_name country names en;
    #洲代码
    $geoip2_data_continent_code continent code;
    #洲名称
    $geoip2_data_continent_name continent names en;
}
# 城市数据库
geoip2 /usr/local/nginx/conf/GeoLite2-City.mmdb {
    #城市名称
    $geoip2_data_city_name city names en;
    #省份代码
    $geoip2_data_province_code subdivisions 0 iso_code;
    #省份名称
    $geoip2_data_province_name subdivisions 0 names en;
}

日志输出ip属地

 log_format  country '$remote_addr "$geoip2_data_country_name" "$geoip2_data_city_name" "$geoip2_data_province_name" "$time_local" "$request" '
                         '$status $body_bytes_sent "$http_referer" '
                         '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  logs/access.log  country;

完整配置

http {
    geoip2 /usr/local/nginx/conf/GeoLite2-Country.mmdb {
        $geoip2_data_country_code default=China source=$remote_addr country iso_code;
        $geoip2_data_country_name country names en;
        $geoip2_data_continent_code continent code;
        $geoip2_data_continent_name continent names en;
    }
    geoip2 /usr/local/nginx/conf/GeoLite2-City.mmdb {
        $geoip2_data_city_name city names en;
        $geoip2_data_province_code subdivisions 0 iso_code;
        $geoip2_data_province_name subdivisions 0 names en;
    }

    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;
    log_format  country '$remote_addr "$geoip2_data_country_name" "$geoip2_data_city_name" "$geoip2_data_province_name" "$time_local" "$request" '
                         '$status $body_bytes_sent "$http_referer" '
                         '"$http_user_agent" "$http_x_forwarded_for"';
    access_log  logs/access.log  country;

记录用、nginx添加http_geoip_module模块

  1. 查看当前nginx已经安装的模块
    /usr/local/nginx/sbin/nginx -V
    image
    发现原来安装的配置是这个--prefix=/usr/local/nginx --with-http_ssl_module
    将原来配置后面再加一个geoip模块 --with-http_geoip_module
    安装命令变成了 ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_geoip_module
  2. nginx添加geoip模块
    #备份原来的编译后的nginx
    cp -r /usr/local/nginx /usr/local/nginx_bak20230818
    #进入源代码文件目录下重新安装
    cd /usr/local/nginx-1.20.2
    ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_geoip_module
    make
    #将编译后的nginxc程序复制到/usr/local/nginx/sbin目录下替换原来的nginx程序
    cp objs/nginx /usr/local/nginx/sbin/nginx
    #查看geoip模块是否添加成功
    /usr/local/nginx/sbin/nginx -V
    
    image

参考:https://blog.awolon.fun/archives/nginx-record-geoip-data.html
https://github.com/leev/ngx_http_geoip2_module
https://www.pianshen.com/article/39572688425/
https://m.php.cn/faq/557270.html

posted @ 2023-08-18 17:58  tongyongliang  阅读(1130)  评论(0编辑  收藏  举报