Initial

Author: quietsy

.github/workflows/BuildImage.yml

@@ -1,21 +1,12 @@
 name: Build Image
 
-on:
-  push:
-  pull_request_target:
-  workflow_dispatch:
-    inputs:
-      mod_version:
-        type: string
-        required: false
+on: [push, pull_request_target, workflow_dispatch]
 
 env:
   GITHUB_REPO: "linuxserver/docker-mods" #don't modify
   ENDPOINT: "linuxserver/mods" #don't modify
-  BASEIMAGE: "replace_baseimage" #replace
-  MODNAME: "replace_modname" #replace
-  MOD_VERSION: ${{ inputs.mod_version }} #don't modify
-  MULTI_ARCH: "true" #set to false if not needed
+  BASEIMAGE: "swag" #replace
+  MODNAME: "ipinfo" #replace
 
 jobs:
   set-vars:
@@ -28,23 +19,15 @@ jobs:
           echo "ENDPOINT=${{ env.ENDPOINT }}" >> $GITHUB_OUTPUT
           echo "BASEIMAGE=${{ env.BASEIMAGE }}" >> $GITHUB_OUTPUT
           echo "MODNAME=${{ env.MODNAME }}" >> $GITHUB_OUTPUT
-          echo "MULTI_ARCH=${{ env.MULTI_ARCH }}" >> $GITHUB_OUTPUT
-          if [[ -z "${{ env.MOD_VERSION }}" ]]; then
-            # **** If the mod needs to be versioned, set the versioning logic below. Otherwise leave as is. ****
-            MOD_VERSION=""
-          else
-            MOD_VERSION=${{ env.MOD_VERSION }}
-            echo "MOD_VERSION_OVERRIDE=true" >> $GITHUB_OUTPUT
-          fi
+          # **** If the mod needs to be versioned, set the versioning logic below. Otherwise leave as is. ****
+          MOD_VERSION=""
           echo "MOD_VERSION=${MOD_VERSION}" >> $GITHUB_OUTPUT
     outputs:
       GITHUB_REPO: ${{ steps.outputs.outputs.GITHUB_REPO }}
       ENDPOINT: ${{ steps.outputs.outputs.ENDPOINT }}
       BASEIMAGE: ${{ steps.outputs.outputs.BASEIMAGE }}
       MODNAME: ${{ steps.outputs.outputs.MODNAME }}
-      MULTI_ARCH: ${{ steps.outputs.outputs.MULTI_ARCH }}
       MOD_VERSION: ${{ steps.outputs.outputs.MOD_VERSION }}
-      MOD_VERSION_OVERRIDE: ${{ steps.outputs.outputs.MOD_VERSION_OVERRIDE }}
 
   build:
     uses: linuxserver/github-workflows/.github/workflows/docker-mod-builder.yml@v1
@@ -59,6 +42,4 @@ jobs:
       ENDPOINT: ${{ needs.set-vars.outputs.ENDPOINT }}
       BASEIMAGE: ${{ needs.set-vars.outputs.BASEIMAGE }}
       MODNAME: ${{ needs.set-vars.outputs.MODNAME }}
-      MULTI_ARCH: ${{ needs.set-vars.outputs.MULTI_ARCH }}
       MOD_VERSION: ${{ needs.set-vars.outputs.MOD_VERSION }}
-      MOD_VERSION_OVERRIDE: ${{ needs.set-vars.outputs.MOD_VERSION_OVERRIDE }}

Dockerfile

@@ -2,7 +2,7 @@
 
 FROM scratch
 
-LABEL maintainer="username"
+LABEL maintainer="quietsy"
 
 # copy local files
 COPY root/ /

README.md

@@ -1,25 +1,65 @@
-# Rsync - Docker mod for openssh-server
+# IPINFO Docker mod for Nginx based images
 
-This mod adds rsync to openssh-server, to be installed/updated during container start.
+This mod downloads the `ipinfo_lite.mmdb` database under `/config/geoip2db`, the database is updated daily.
 
-In openssh-server docker arguments, set an environment variable `DOCKER_MODS=linuxserver/mods:openssh-server-rsync`
+**This mod should not be enabled together with swag-maxmind or swag-dbip mods.**
 
-If adding multiple mods, enter them in an array separated by `|`, such as `DOCKER_MODS=linuxserver/mods:openssh-server-rsync|linuxserver/mods:openssh-server-mod2`
+Follow these steps to enable the ipinfo mod:
 
-# Mod creation instructions
+1. Sign up and aquire an ipinfo token here: https://ipinfo.io/signup
+2. In the container's docker arguments, set the following environment variables:
+    - `IPINFO_TOKEN=<token>` with your token.
+3. In the container's docker arguments, set an environment variable `DOCKER_MODS=linuxserver/mods:swag-ipinfo`
+   
+   If adding multiple mods, enter them in an array separated by `|`, such as `DOCKER_MODS=linuxserver/mods:swag-ipinfo|linuxserver/mods:swag-mod2`
+4. Recreate the container to apply the changes.
+5. Add the following line to `/config/nginx/nginx.conf` under the `http` section:
+   
+   ```nginx
+   include /config/nginx/ipinfo.conf;
+   ```
+6. Edit `/config/nginx/ipinfo.conf` and add countries to the blocklist / whitelist according to the comments, for example:
+   
+    ```nginx
+    map $geoip2_data_country_iso_code $geo-whitelist {
+        default no;
+        UK yes;
+    }
 
-* Fork the repo, create a new branch based on the branch `template`.
-* Edit the `Dockerfile` for the mod. `Dockerfile.complex` is only an example and included for reference; it should be deleted when done.
-* Inspect the `root` folder contents. Edit, add and remove as necessary.
-* After all init scripts and services are created, run `find ./  -path "./.git" -prune -o \( -name "run" -o -name "finish" -o -name "check" \) -not -perm -u=x,g=x,o=x -print -exec chmod +x {} +` to fix permissions.
-* Edit this readme with pertinent info, delete these instructions.
-* Finally edit the `.github/workflows/BuildImage.yml`. Customize the vars for `BASEIMAGE` and `MODNAME`. Set the versioning logic and `MULTI_ARCH` if needed.
-* Ask the team to create a new branch named `<baseimagename>-<modname>`. Baseimage should be the name of the image the mod will be applied to. The new branch will be based on the `template` branch.
-* Submit PR against the branch created by the team.
+    map $geoip2_data_country_iso_code $geo-blacklist {
+        default yes;
+        US no;
+    }
+    ```
+7. Use the definitions in the following way:
+   ```nginx
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
 
+        server_name some-app.*;
+        include /config/nginx/ssl.conf;
+        client_max_body_size 0;
 
-## Tips and tricks
+        if ($lan-ip = yes) { set $geo-whitelist yes; }
+        if ($geo-whitelist = no) { return 404; }
 
-* Some images have helpers built in, these images are currently:
-    * [Openvscode-server](https://github.com/linuxserver/docker-openvscode-server/pull/10/files)
-    * [Code-server](https://github.com/linuxserver/docker-code-server/pull/95)
+        location / {
+    ```
+   Or for blacklist with both some countries and continents: 
+    ```nginx
+    server {
+        listen 443 ssl;
+        listen [::]:443 ssl;
+
+        server_name some-app.*;
+        include /config/nginx/ssl.conf;
+        client_max_body_size 0;
+
+        if ($lan-ip = yes) { set $geo-blacklist yes; }
+        if ($geo-blacklist = no) { return 404; }
+        if ($continent-blacklist = no) { return 404; }
+
+        location / {
+    ```
+8. Restart the container to apply the changes.

root/defaults/ipinfo.conf

@@ -0,0 +1,43 @@
+geoip2 /config/geoip2db/ipinfo_lite.mmdb {
+    auto_reload 1w;
+    $geoip2_data_network          network;
+    $geoip2_data_country          country;
+    $geoip2_data_country_iso_code country_code;
+    $geoip2_data_continent        continent;
+    $geoip2_data_continent_code   continent_code;
+    $geoip2_data_asn              asn;
+    $geoip2_data_as_name          as_name;
+    $geoip2_data_as_domain        as_domain;
+}
+
+# Country Codes: https://en.wikipedia.org/wiki/ISO_3166-2
+
+map $geoip2_data_country_iso_code $geo-whitelist {
+    default yes;
+    # Example for whitelisting a country, comment out 'default yes;' above and uncomment 'default no;' and the whitelisted country below
+    # default no;
+    # GB yes;
+}
+
+map $geoip2_data_country_iso_code $geo-blacklist {
+    default yes;
+    # Example for blacklisting a country, uncomment the blacklisted country below
+    # GB no;
+ }
+
+# Continents:
+# Options: AF, AS, EU, NA, OC, SA, AN
+
+ map $geoip2_data_continent_code $continent-blacklist {
+    default yes;
+    # Example blacklisting a continent, uncomment the blacklisted continent bellow
+    # SA no; # South America
+}
+
+geo $lan-ip {
+    default no;
+    10.0.0.0/8 yes;
+    172.16.0.0/12 yes;
+    192.168.0.0/16 yes;
+    127.0.0.1 yes;
+}

root/etc/periodic/daily/ipinfo

@@ -0,0 +1,12 @@
+#!/usr/bin/with-contenv bash
+
+if [[ ! -n "${IPINFO_TOKEN}" ]]; then
+    echo "IPINFO_TOKEN env var is missing."
+    exit 1
+fi
+
+FILE="https://ipinfo.io/data/ipinfo_lite.mmdb?token=${IPINFO_TOKEN}"
+
+wget -O /tmp/ipinfo_lite.mmdb $FILE
+mv -f /tmp/ipinfo_lite.mmdb /config/geoip2db/ipinfo_lite.mmdb
+exit 0

root/etc/s6-overlay/s6-rc.d/init-mod-swag-ipinfo-setup/dependencies.d/init-mods

@@ -0,0 +1,18 @@
+#!/usr/bin/with-contenv bash
+
+echo "Applying the ipinfo mod..."
+
+chmod +x /etc/periodic/daily/ipinfo
+
+# check GeoIP2 database
+if [ ! -f /config/geoip2db/ipinfo_lite.mmdb ]; then
+    echo "Downloading GeoIP2 City database."
+    mkdir -p "/config/geoip2db"
+    /etc/periodic/daily/ipinfo
+fi
+
+if [ ! -f /config/nginx/ipinfo.conf ]; then
+    cp /defaults/ipinfo.conf /config/nginx/ipinfo.conf
+fi
+
+echo "Applied the ipinfo mod"

root/etc/s6-overlay/s6-rc.d/init-mod-swag-ipinfo-setup/run

@@ -0,0 +1 @@
+oneshot

root/etc/s6-overlay/s6-rc.d/init-mod-swag-ipinfo-setup/type

@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/init-mod-swag-ipinfo-setup/run