nginx根据ip的地理位置进行转发代理(GeoIP2)
nginx要获取到ip地理位置,需要在nginx引用第三方ngx_http_geoip2_module模块,而ngx_http_geoip2_module模块依赖libmaxminddb;另外ip对应的地理位置离线的需要从GeoIP2站点上下载下来;最后在nginx.conf文件中引用ngx_http_geoip2_module模块,配置离线数据库才可以获取地理位置
nginx日志中的效果图
一、安装libmaxminddb
#下载包
wget https://github.com/maxmind/libmaxminddb/releases/download/1.7.1/libmaxminddb-1.7.1.tar.gz
tar -zxvf libmaxminddb-1.7.1.tar.gz
cd libmaxminddb-1.7.1/
#安装
./configure
make
make check
make install
#编译安装完成后需要将库的安装位置添加到系统路径中
sh -c "echo /usr/local/lib >> /etc/ld.so.conf.d/local.conf"
ldconfig
二、nginx添加ngx_http_geoip2_module模块
下载地址:https://github.com/leev/ngx_http_geoip2_module/releases
tar -zxvf ngx_http_geoip2_module-3.4.tar.gz
mv ngx_http_geoip2_module-3.4 /usr/local/src/ngx_http_geoip2_module
#备份原来的编译后的nginx
cp -r /usr/local/nginx /usr/local/nginx_bak20230818
#进入源代码文件目录下重新安装
cd /usr/local/nginx-1.20.2
./configure --prefix=/usr/local/nginx --with-http_ssl_module --add-module=/usr/local/src/ngx_http_geoip2_module
make
#将编译后的nginxc程序复制到/usr/local/nginx/sbin目录下替换原来的nginx程序
cp objs/nginx /usr/local/nginx/sbin/nginx
#查看geoip模块是否添加成功
/usr/local/nginx/sbin/nginx -V
三、下载IP离线数据库,GeoIP2-Country和GeoIP2-City
1. 输入网址进入https://www.maxmind.com/
2. 进入下载页面
3.注册用户
4. 再次进入到刚才注册用户的界面,点击Download Files
四、nginx配置
引入geoip2
##
# GeoIP Setting
##
# 国家数据库
geoip2 /usr/local/nginx/conf/GeoLite2-Country.mmdb {
#国家代码
$geoip2_data_country_code default=China source=$remote_addr country iso_code;
#国家名称
$geoip2_data_country_name country names en;
#洲代码
$geoip2_data_continent_code continent code;
#洲名称
$geoip2_data_continent_name continent names en;
}
# 城市数据库
geoip2 /usr/local/nginx/conf/GeoLite2-City.mmdb {
#城市名称
$geoip2_data_city_name city names en;
#省份代码
$geoip2_data_province_code subdivisions 0 iso_code;
#省份名称
$geoip2_data_province_name subdivisions 0 names en;
}
日志输出ip属地
log_format country '$remote_addr "$geoip2_data_country_name" "$geoip2_data_city_name" "$geoip2_data_province_name" "$time_local" "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log country;
完整配置
http {
geoip2 /usr/local/nginx/conf/GeoLite2-Country.mmdb {
$geoip2_data_country_code default=China source=$remote_addr country iso_code;
$geoip2_data_country_name country names en;
$geoip2_data_continent_code continent code;
$geoip2_data_continent_name continent names en;
}
geoip2 /usr/local/nginx/conf/GeoLite2-City.mmdb {
$geoip2_data_city_name city names en;
$geoip2_data_province_code subdivisions 0 iso_code;
$geoip2_data_province_name subdivisions 0 names en;
}
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
log_format country '$remote_addr "$geoip2_data_country_name" "$geoip2_data_city_name" "$geoip2_data_province_name" "$time_local" "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log country;
记录用、nginx添加http_geoip_module模块
- 查看当前nginx已经安装的模块
/usr/local/nginx/sbin/nginx -V
发现原来安装的配置是这个--prefix=/usr/local/nginx --with-http_ssl_module
将原来配置后面再加一个geoip模块 --with-http_geoip_module
安装命令变成了./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_geoip_module
- nginx添加geoip模块
#备份原来的编译后的nginx cp -r /usr/local/nginx /usr/local/nginx_bak20230818 #进入源代码文件目录下重新安装 cd /usr/local/nginx-1.20.2 ./configure --prefix=/usr/local/nginx --with-http_ssl_module --with-http_geoip_module make #将编译后的nginxc程序复制到/usr/local/nginx/sbin目录下替换原来的nginx程序 cp objs/nginx /usr/local/nginx/sbin/nginx #查看geoip模块是否添加成功 /usr/local/nginx/sbin/nginx -V
参考:https://blog.awolon.fun/archives/nginx-record-geoip-data.html
https://github.com/leev/ngx_http_geoip2_module
https://www.pianshen.com/article/39572688425/
https://m.php.cn/faq/557270.html