娃哈哈好喝所需要软件包:
nginx下载地址:
https://github.com/nginx/nginx
libmaxminddb下载地址:(可以不下载,geoip模块中已经包含了)
https://github.com/maxmind/libmaxminddb
nginx-geoip2-master下载地址:
https://github.com/ar414-com/nginx-geoip2
测试系统版本:CentOS Linux release 7.6.1810 (Core)
1、安装libmaxminddb
下载的nginx-geoip2-master.zip里包含了libmaxminddb,所以就不需要重复下载了,如果没有再单独下载
[root@centos dl]# unzip nginx-geoip2-master.zip
[root@centos dl]# cd nginx-geoip2-master/
[root@centos nginx-geoip2-master]# ls
GeoLite2-City_20200519.tar.gz libmaxminddb-1.3.2.tar.gz README.md
GeoLite2-Country_20200519.tar.gz ngx_http_geoip2_module tests
[root@centos nginx-geoip2-master]# tar -zxvf libmaxminddb-1.3.2.tar.gz
[root@centos nginx-geoip2-master]# ls
GeoLite2-City_20200519.tar.gz libmaxminddb-1.3.2 ngx_http_geoip2_module tests
GeoLite2-Country_20200519.tar.gz libmaxminddb-1.3.2.tar.gz README.md
[root@centos nginx-geoip2-master]# cd libmaxminddb-1.3.2/
[root@centos libmaxminddb-1.3.2]# ./configure && make && make
[root@centos libmaxminddb-1.3.2]# ldconfig
#返回到上级目录
[root@centos libmaxminddb-1.3.2]# cd ..
[root@centos nginx-geoip2-master]# ls
GeoLite2-City_20200519.tar.gz libmaxminddb-1.3.2 ngx_http_geoip2_module tests
GeoLite2-Country_20200519.tar.gz libmaxminddb-1.3.2.tar.gz README.md
[root@centos nginx-geoip2-master]# tar -zxvf GeoLite2-City_20200519.tar.gz
GeoLite2-City_20200519/
GeoLite2-City_20200519/README.txt
GeoLite2-City_20200519/COPYRIGHT.txt
GeoLite2-City_20200519/GeoLite2-City.mmdb
GeoLite2-City_20200519/LICENSE.txt
[root@centos nginx-geoip2-master]# tar -zxvf GeoLite2-Country_20200519.tar.gz
GeoLite2-Country_20200519/
GeoLite2-Country_20200519/COPYRIGHT.txt
GeoLite2-Country_20200519/GeoLite2-Country.mmdb
GeoLite2-Country_20200519/LICENSE.txt
#创建/data/geoip目录,不一定要放在这里,哪里都可以
[root@centos nginx-geoip2-master]# mkdir /data/geoip
[root@centos nginx-geoip2-master]# cp GeoLite2-City_20200519/GeoLite2-City.mmdb /data/geoip/
[root@centos nginx-geoip2-master]# cp GeoLite2-Country_20200519/GeoLite2-Country.mmdb /data/geoip/
#创建nginx的module目录,将所有模块放在module中
[root@centos nginx-geoip2-master]# mkdir -p /data/nginx/module
[root@centos nginx-geoip2-master]# cp -R ngx_http_geoip2_module/ /data/nginx/module/
[root@centos nginx-geoip2-master]#
测试libmaxminddb和ip数据库是否配置正确
[root@centos ~]# mmdblookup --file /data/geoip/GeoLite2-Country.mmdb --ip 8.8.8.8
{
"continent":
{
"code":
"NA" <utf8_string>
"geoname_id":
6255149 <uint32>
"names":
{
"de":
"Nordamerika" <utf8_string>
"en":
"North America" <utf8_string>
"es":
"Norteamérica" <utf8_string>
"fr":
"Amérique du Nord" <utf8_string>
"ja":
"北アメリカ" <utf8_string>
"pt-BR":
"América do Norte" <utf8_string>
"ru":
"Северная Америка" <utf8_string>
"zh-CN":
"北美洲" <utf8_string>
}
}
"country":
{
"geoname_id":
6252001 <uint32>
"iso_code":
"US" <utf8_string>
"names":
{
"de":
"USA" <utf8_string>
"en":
"United States" <utf8_string>
"es":
"Estados Unidos" <utf8_string>
"fr":
"États-Unis" <utf8_string>
"ja":
"アメリカ合衆国" <utf8_string>
"pt-BR":
"Estados Unidos" <utf8_string>
"ru":
"США" <utf8_string>
"zh-CN":
"美国" <utf8_string>
}
}
"registered_country":
{
"geoname_id":
6252001 <uint32>
"iso_code":
"US" <utf8_string>
"names":
{
"de":
"USA" <utf8_string>
"en":
"United States" <utf8_string>
"es":
"Estados Unidos" <utf8_string>
"fr":
"États-Unis" <utf8_string>
"ja":
"アメリカ合衆国" <utf8_string>
"pt-BR":
"Estados Unidos" <utf8_string>
"ru":
"США" <utf8_string>
"zh-CN":
"美国" <utf8_string>
}
}
}
[root@centos ~]#
# --ip 后面可以接json对应的tag
例如
mmdblookup --file /home/user/GeoIP/GeoLite2-City_20210406/GeoLite2-City.mmdb --ip 1.1.1.1 country names en
"China" <utf8_string>
mmdblookup --file /home/user/GeoIP/GeoLite2-City_20210406/GeoLite2-City.mmdb --ip 1.1.1.1 city names zh-CN
"深圳市" <utf8_string>
2、安装nginx
[root@centos dl]# tar -zxvf nginx-release-1.20.0.tar.gz
[root@centos nginx-release-1.20.0]# ls
auto conf contrib docs Makefile misc objs src
#configure文件在auto下面,但不能在auto下执行
#在最后加入geoip模块的路径,这里是安装在/data/nginx目录下
[root@centos nginx-release-1.20.0]# ./auto/configure --user=nginx --group=nginx --prefix=/data/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_v2_module --with-http_image_filter_module --with-http_gzip_static_module --with-http_gunzip_module --with-stream --with-stream_ssl_module --with-http_sub_module --with-http_flv_module --with-http_addition_module --with-http_realip_module --with-http_mp4_module --with-pcre --add-module=/data/nginx/module/ngx_http_geoip2_module
[root@centos nginx-release-1.20.0]# make && make install
3、配置nginx
打开nginx.conf文件,添加如下内容:
http {
include mime.types;
default_type application/octet-stream;
#下面这段添加在http段中,不能写在server中
geoip2 /data/geoip/GeoLite2-Country.mmdb {
$geoip2_country_code source=$remote_addr country iso_code;
}
geoip2 /data/geoip/GeoLite2-City.mmdb {
$geoip2_city_names location time_zone;
}
#map的功能是将前面的值赋给后面的变量
map $geoip2_country_code $allowed_country {
default yes;
CN yes;
US no;
}
…………………
4、配置站点
server{
listen 80;
server_name www.loki.cc loki.cc;
#常用方法
if ($geoip2_data_country_code != CN ) {
return 403;
}
#搭配map用法
if ($allowed_country = no) {
return 403;
}
location / {
root /data/html/loki;
index index.html;
}
access_log /var/log/nginx/loki.log;
}