feat: update Caddyfile and Docker Compose for EchoIP service with improved IP header handling and database management

2025-03-26 15:54:34 +01:00 · 2025-03-26 15:54:34 +01:00 · eeae791f72
commit eeae791f72
parent 7d4b255b4c
3 changed files with 86 additions and 3 deletions
--- a/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
+++ b/config/ansible/tasks/servers/services/caddy/Caddyfile.j2
@ -65,9 +65,10 @@ fladder.mvl.sh {

 ip.mvl.sh {
    reverse_proxy echoip:8080 {
-        header_up X-Real-IP {remote}
-        header_up X-Forwarded-For {remote}
+        header_up X-Real-IP {http.request.remote.host}
+        header_up X-Forwarded-For {http.request.remote.host}
        header_up X-Forwarded-Proto {scheme}
+        header_up X-Forwarded-Host {host}
    }
    tls {{ caddy_email }}
 }
--- a/config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2
+++ b/config/ansible/tasks/servers/services/echoip/docker-compose.yml.j2
@ -3,4 +3,23 @@ services:
    container_name: 'echoip'
    image: 'mpolden/echoip:latest'
    restart: unless-stopped
-    network_mode: 'host'
+    ports:
+      - "8080:8080"
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+    networks:
+      - caddy_network
+    volumes:
+      - {{echoip_data_dir}}/GeoLite2-ASN.mmdb:/opt/echoip/GeoLite2-ASN.mmdb:ro
+      - {{echoip_data_dir}}/GeoLite2-City.mmdb:/opt/echoip/GeoLite2-City.mmdb:ro
+      - {{echoip_data_dir}}/GeoLite2-Country.mmdb:/opt/echoip/GeoLite2-Country.mmdb:ro
+    command: >
+      -p -r -H "X-Forwarded-For" -l ":8080"
+      -a /opt/echoip/GeoLite2-ASN.mmdb
+      -c /opt/echoip/GeoLite2-City.mmdb
+      -f /opt/echoip/GeoLite2-Country.mmdb
+
+networks:
+  caddy_network:
+    external: true
+    name: caddy_default
--- a/config/ansible/tasks/servers/services/echoip/echoip.yml
+++ b/config/ansible/tasks/servers/services/echoip/echoip.yml
@ -4,6 +4,9 @@
    - name: Set EchoIP directories
      ansible.builtin.set_fact:
        echoip_service_dir: "{{ ansible_env.HOME }}/services/echoip"
+        echoip_data_dir: "/mnt/object_storage/services/echoip"
+        maxmind_account_id: {{ lookup('community.general.onepassword', 'finpwvqp6evflzjcsnwge74n34', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='account_id') }}
+        maxmind_license_key: {{ lookup('community.general.onepassword', 'finpwvqp6evflzjcsnwge74n34', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='license_key') }}

    - name: Create EchoIP directory
      ansible.builtin.file:
@ -11,6 +14,66 @@
        state: directory
        mode: "0755"

+    - name: Create EchoIP data directory
+      ansible.builtin.file:
+        path: "{{ echoip_data_dir }}"
+        state: directory
+        mode: "0755"
+
+    - name: Download GeoLite2 ASN database
+      ansible.builtin.get_url:
+        url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key={{ maxmind_license_key }}&suffix=tar.gz"
+        dest: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
+        mode: "0644"
+
+    - name: Extract GeoLite2 ASN database
+      ansible.builtin.unarchive:
+        src: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
+        dest: "{{ echoip_data_dir }}"
+        remote_src: true
+      register: asn_extracted
+
+    - name: Move ASN database to correct location
+      ansible.builtin.command:
+        cmd: "mv {{ echoip_data_dir }}/GeoLite2-ASN_*/GeoLite2-ASN.mmdb {{ echoip_data_dir }}/GeoLite2-ASN.mmdb"
+      when: asn_extracted.changed
+
+    - name: Download GeoLite2 City database
+      ansible.builtin.get_url:
+        url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key={{ maxmind_license_key }}&suffix=tar.gz"
+        dest: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
+        mode: "0644"
+
+    - name: Extract GeoLite2 City database
+      ansible.builtin.unarchive:
+        src: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
+        dest: "{{ echoip_data_dir }}"
+        remote_src: true
+      register: city_extracted
+
+    - name: Move City database to correct location
+      ansible.builtin.command:
+        cmd: "mv {{ echoip_data_dir }}/GeoLite2-City_*/GeoLite2-City.mmdb {{ echoip_data_dir }}/GeoLite2-City.mmdb"
+      when: city_extracted.changed
+
+    - name: Download GeoLite2 Country database
+      ansible.builtin.get_url:
+        url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key={{ maxmind_license_key }}&suffix=tar.gz"
+        dest: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
+        mode: "0644"
+
+    - name: Extract GeoLite2 Country database
+      ansible.builtin.unarchive:
+        src: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
+        dest: "{{ echoip_data_dir }}"
+        remote_src: true
+      register: country_extracted
+
+    - name: Move Country database to correct location
+      ansible.builtin.command:
+        cmd: "mv {{ echoip_data_dir }}/GeoLite2-Country_*/GeoLite2-Country.mmdb {{ echoip_data_dir }}/GeoLite2-Country.mmdb"
+      when: country_extracted.changed
+
    - name: Deploy EchoIP docker-compose.yml
      ansible.builtin.template:
        src: docker-compose.yml.j2