Verified Commit 2c05e51b authored by Jelle van der Waa's avatar Jelle van der Waa 🚧
Browse files

Switch over to geipupdate for GeoIP database



The geoip2-database package no longer contains database anymore and an
account is required. The database is now downloaded with a registered
API key in the vault.
Signed-off-by: Jelle van der Waa's avatarJelle van der Waa <jelle@vdwaa.nl>
parent b755f10b
...@@ -198,6 +198,13 @@ The following steps should be used to update our managed servers: ...@@ -198,6 +198,13 @@ The following steps should be used to update our managed servers:
#### Services: #### Services:
- ~/user/ webhost - ~/user/ webhost
## mirror.pkgbuild.com
### Services
- Load balancer for PIA mirrors across the world. Uses Maxmind's GeoIP City
database for routing users to their nearest mirror. Account information is
stored in the ansible vault.
## Ansible repo workflows ## Ansible repo workflows
### Replace vault password and change vaulted passwords ### Replace vault password and change vaulted passwords
......
$ANSIBLE_VAULT;1.1;AES256
65343132353033393337636433393062303565656439373666313138353965366637653966306632
3132373731326265613864623832386438373361613431620a366338383065643931346534633965
39646165316666326237363830343833656132343634356365643865643862353632626466653833
3139313736326333640a386230393633653337303162636330363164663837343134393436323432
32316434373637363332313739363834663862653338646238643861343231616335666265616466
31386132363334663739623539323766316635626366653263636131653365666337353632643063
33376533346565366238303665303463386631326662373934363533353532313361396333343465
62326233356435636535326438356164346534666630636663613162363165326664393934623532
66326237383966643337316430386536353565626636366633333063393332333037643536616366
35306264363535653133316464386563396334353939643731613363303731636164326565353264
31666631633864633232633835383432666335666266306634396633656364376337653631373136
32616436343735363830363363326665323565633662366631356530336265303937343538626365
34653934616235333331666238613762646537333861666266356462376330383333
--- ---
- name: install nginx-mod-geoip2 - name: install nginx-mod-geoip2
pacman: name=nginx-mod-geoip2,geoip2-database state=present pacman: name=nginx-mod-geoip2,geoipupdate state=present
- name: install geoipupdate config
template: src=GeoIP.conf.j2 dest=/etc/GeoIP.conf owner=root group=root mode=0644
notify:
- name: install mirror.pkgbuild.com.conf - name: install mirror.pkgbuild.com.conf
template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/mirror.pkgbuild.com.conf owner=root group=root mode=0644 template: src=nginx.d.conf.j2 dest=/etc/nginx/nginx.d/mirror.pkgbuild.com.conf owner=root group=root mode=0644
...@@ -17,3 +21,6 @@ ...@@ -17,3 +21,6 @@
- name: make nginx log dir - name: make nginx log dir
file: path=/var/log/nginx/{{ mirror_domain }} state=directory owner=root group=root mode=0755 file: path=/var/log/nginx/{{ mirror_domain }} state=directory owner=root group=root mode=0755
- name: enable geoipupdate timer
systemd: name=geoipupdate.timer enabled=yes state=started
AccountID {{ vault_mirror_maxmind_id }}
LicenseKey {{ vault_mirror_maxmind_license }}
EditionIDs GeoLite2-City
geoip2 /usr/share/GeoIP/GeoLite2-City.mmdb { geoip2 /var/lib/GeoIP/GeoLite2-City.mmdb {
$geoip2_data_continent_name continent names en; $geoip2_data_continent_name continent names en;
} }
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment