pangolin_mirror/docs-v2
1
0
Fork 0
mirror of https://github.com/fosrl/docs-v2.git synced 2026-02-07 21:46:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
0ec73abcf3a55128ef2ca6eccbcfe6e643b49543
docs-v2/self-host/community-guides/geolite2automation.mdx
Thomas Wilde 0ec73abcf3 Add ASN blocking documentation and configuration guides 
- Add manage/asnblocking.mdx documentation page covering ASN-based access control
  - Explains benefits of blocking by Autonomous System Number
  - Documents common ASNs (cloud providers, ISPs, VPN services, CDNs)
  - Provides configuration patterns for VPN/proxy blocking, datacenter filtering
  - Includes manual ASN entry support and ASN lookup resources

- Add self-host/advanced/enable-asnblocking.mdx setup guide
  - Documents GeoLite2-ASN database installation steps
  - Includes config.yml parameter (maxmind_asn_db_path)
  - Mirrors enable-geoblocking.mdx structure for consistency

- Update docs.json navigation
  - Add asnblocking to Access Control group (after geoblocking)
  - Add enable-asnblocking to Advanced Configuration section

- Update self-host/community-guides/geolite2automation.mdx
  - Add GeoLite2-ASN to GEOIPUPDATE_EDITION_IDS
  - Add maxmind_asn_path configuration example
  - Update text to reference both geoblocking and ASN blocking features
2025-12-22 10:11:50 -05:00

112 lines
4.6 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
title: "GeoLite2 Automation"
description: "A simple automation to download & update your GeoLite2 databases with geoipupdate"
---
<Note>
This is a community guide and is not officially supported. If you have any issues, please reach out to the [author](https://github.com/txwgnd).
</Note>
This automation lets your system automatically download & upgrade the `GeoLite2-Country` and `GeoLite2-ASN` databases from Maxmind to use for geoblocking and ASN blocking on your Pangolin host. It's utilizing Maxmind's [geoipupdate](https://github.com/maxmind/geoipupdate/tree/main) Docker container to achieve this.
Maxmind's service is free of charge for development, personal or community use. [Quote](https://support.maxmind.com/knowledge-base/articles/create-a-maxmind-account#h_01G4G4NG5C63BQ6HRG6MSS50T3)
# Table of Contents
1. **[Requirements](#1-requirements)**
2. **[Maxmind Account](#2-maxmind-account)**
3. **[API key creation](#3-api-key-creation)**
4. **[Modification of Pangolin's `docker-compose.yml`](#4-modification-of-pangolins-docker-compose-yml)**
5. **[Modification of Pangolin's `config.yml`](#5-modification-of-pangolins-config-yml)**
## 1. Requirements
* A Maxmind account for API access
* Pangolin version 1.11.0 or higher
## 2. Maxmind Account
To be able to use Maxmind's service you need to request access to the GeoLite2 databases and create an account on their [website](https://www.maxmind.com/en/geolite2/signup?utm_source=kb&utm_medium=kb-link&utm_campaign=kb-create-account).
After you successfully created an account visit the mainpage again and login to your new account.
## 3. API key creation
The next step is to create an API key for `geoipupdate`. You'll find an entry called `Manage license keys` in the menu on the left side. Head to this page and click on `Generate new license key`.
<Frame caption="Maxmind's Manage license keys page">
<img src="/images/maxmind_manage-license-keys.jpeg" alt="Maxmind's Manage license keys page" />
</Frame>
Give your new key a name. E.g. `Pangolin`.
<Frame caption="Choose a name for the key">
<img src="/images/maxmind_create-key-page.jpeg" alt="Maxmind's key creation page" />
</Frame>
After your key got created the webpage will show you your Account ID as well as the API key. Save the key now because it can only be seen once. Don't panic if something goes wrong, you can easily create new keys.
<Frame caption="Key successfully created">
<img src="/images/maxmind_key-created.jpeg" alt="The key got created successfully" />
</Frame>
After you clicked on `Return to list` you should see an overview of your keys bundled with some metadata.
## 4. Modification of Pangolin's `docker-compose.yml`
Now login to your Pangolin host and navigate to `/pangolin` in your user directory:
```bash
cd pangolin
```
Shut down Pangolin with:
```bash
docker compose down
```
Open `docker-compose.yml` with your favorite text editor.
E.g. nano:
```bash
nano docker-compose.yml
```
Append this Docker compose service at the end of your stack and add your Account ID as well as your API key you created in the last step:
```yaml
services:
(...)
geoipupdate:
container_name: geoipupdate
image: ghcr.io/maxmind/geoipupdate
restart: unless-stopped
environment:
- 'GEOIPUPDATE_ACCOUNT_ID=' # Account ID
- 'GEOIPUPDATE_LICENSE_KEY=' # API key
- 'GEOIPUPDATE_EDITION_IDS=GeoLite2-Country GeoLite2-ASN' # Which dbs should be downloaded
- 'GEOIPUPDATE_FREQUENCY=72' # Update intervall in hours
volumes:
- './config/GeoLite2:/usr/share/GeoIP'
```
#### Note
If you use the standard Pangolin deployment you shouldn't need to modify the path.
This is the bare minimum to run the container. There are other optional environment variables available. Have a look at their [docs](https://dev.maxmind.com/geoip/updating-databases/?lang=en)!
Save and close the file, but don't restart the stack yet!
## 5. Modification of Pangolin's config.yml
Navigate to `/config` within the same folder and open it with a text editor.
```bash
cd config
```
Add these lines to the `server` object
```yaml
server:
maxmind_db_path: "./config/GeoLite2/GeoLite2-Country.mmdb"
maxmind_asn_path: "./config/GeoLite2/GeoLite2-ASN.mmdb"
```
These entries tell the Pangolin application where to find the databases.
Save and close the file then navigate to the `pangolin` folder one level higher.
Restart your Pangolin stack with:
```bash
docker compose up -d
```
Et voilà, you are now able to define country rules and ASN rules for your ressources! 🏁
btw: you can use these exact databases for your Traefik dashboard too -> [Community Guide](/self-host/community-guides/traefiklogsdashboard)
Reference in New Issue View Git Blame Copy Permalink