Google+ Followers

2016年9月8日 星期四

Ansible 筆記 - 設定 Nginx 啟用 片段程式 @ Ubuntu 14.0

其實該寫成 Ansible Role 的,但一時之間有點懶,先把練習的片段紀錄一下。

安裝 nginx-module-geoip:

$ cat geoip-nginx.yml
    - name: install geoip packages
      apt: name={{ item }} update_cache=yes state=latest
        - nginx-module-geoip
      when: install_package is defined and install_package

    - name: check maxmind db -
      command: bash -c 'test -e /data/GeoIP.dat || curl | gunzip - > /data/GeoIP.dat'

    - name: check maxmind db -
      command: bash -c 'test -e /data/GeoLiteCity.dat || curl | gunzip - > /data/GeoLiteCity.dat'

設定 nginx.conf:

$ cat server-deploy.yml
    - include: geoip-nginx.yml
    - name: setup nginx config file - add modules/
        dest: /etc/nginx/nginx.conf
        insertbefore: '^user '
        line: 'load_module "modules/";'

    - name: setup nginx config file - setup geoip resource path
        dest: /etc/nginx/nginx.conf
        insertafter: '^http {'
        line: '    geoip_country /data/GeoIP.dat; geoip_proxy; geoip_proxy; geoip_proxy_recursive on;'
        #line: '    geoip_city    /data/GeoLiteCity.dat;'

    - name: setup nginx file to enable geoip - update log format
        dest: /etc/nginx/nginx.conf
        regexp: ".*?http_user_agent.*?http_x_forwarded_for"
        line: "                      '\"$http_user_agent\" \"$http_x_forwarded_for\"' $geoip_country_code \"$geoip_country_name\" ;"

    - name: setup nginx file to enable geoip - add GEOIP_COUNTRY_CODE for FastCGI
        dest: /etc/nginx/fastcgi_params
        insertbefore: "^fastcgi_param QUERY_STRING"
        line: "fastcgi_param     GEOIP_COUNTRY_CODE $geoip_country_code;"

如此一來,產生的 nginx.conf 如下:

$ cat /etc/nginx/nginx.conf && sudo nginx -t

load_module "modules/";
user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/;

events {
    worker_connections  1024;

http {
    geoip_country /data/GeoIP.dat; geoip_proxy; geoip_proxy; geoip_proxy_recursive on;
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"' $geoip_country_code "$geoip_country_name" ;

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

查看 /var/log/nginx/access.log 就可以看到類似的範例:

.... CN,CHN,"China"
.... US,USA,"United States"


2016年9月7日 星期三

[Linux] Nginx 啟用 nginx-module-geoip @ Ubuntu 14.04

Nginx 從 1.9.1 起,支援 Dynamic Modules 囉,此例是想要使用 MaxMind 來進行 IP 反查,接著想說有沒有方便的整合方式,像是寫 PHP 就用 MaxMind PHP library 等。

接著,就先查一下自己的 nginx 情況吧!

$ nginx -V
nginx version: nginx/1.10.1
... 找關鍵字 ...

很 OK ,接著再裝一下 吧!

$ apt-cache search nginx-module-geoip
nginx-module-geoip - geoip module
$ sudo apt-get install nginx-module-geoip
The GeoIP dynamic module for nginx has been installed.
To enable this module, add the following to /etc/nginx/nginx.conf
and reload nginx:

    load_module modules/;

Please refer to the module documentation for further details:

下載 MaxMind 資料:

$ curl | gunzip - > /data/GeoIP.dat
$ curl | gunzip - > /data/GeoLiteCity.dat

設置 Nginx,把 load_module 擺在最前頭
$ sudo vim /etc/nginx/nginx.conf
load_module "modules/";

http {
    #geoip_country /data/GeoIP.dat;
    geoip_city    /data/GeoLiteCity.dat;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for" '
                      'GeoCountry[ "$geoip_country_name" "$geoip_country_code" "$geoip_country_code3" ] '
                      'GeoCity[ "$geoip_city_country_code" "$geoip_city_country_code3" "$geoip_city_country_name" ] '
                      'GeoLocation[ "$geoip_latitude" "$geoip_longitude" "$geoip_region" "$geoip_region_name" "$geoip_city" "$geoip_postal_code" ] '

    access_log  /var/log/nginx/access.log  main;

$ sudo service nginx reload

如此一來,就可以翻 /var/log/nginx/access.log 看看豐富的 GeoInfo 啦