https://github.com/nscuro/traefik-plugin-geoblock
traefik plugin to whitelist requests based on geolocation
https://github.com/nscuro/traefik-plugin-geoblock
geoblock ip2location traefik-plugin
Last synced: 11 months ago
JSON representation
traefik plugin to whitelist requests based on geolocation
- Host: GitHub
- URL: https://github.com/nscuro/traefik-plugin-geoblock
- Owner: nscuro
- License: apache-2.0
- Created: 2021-10-04T18:44:51.000Z (over 4 years ago)
- Default Branch: main
- Last Pushed: 2024-12-03T02:13:53.000Z (over 1 year ago)
- Last Synced: 2024-12-10T22:51:26.816Z (over 1 year ago)
- Topics: geoblock, ip2location, traefik-plugin
- Language: Go
- Homepage:
- Size: 21.8 MB
- Stars: 44
- Watchers: 2
- Forks: 7
- Open Issues: 10
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# traefik-plugin-geoblock
[](https://github.com/nscuro/traefik-plugin-geoblock/actions/workflows/ci.yml)
[](https://goreportcard.com/report/github.com/nscuro/traefik-plugin-geoblock)
[](https://github.com/nscuro/traefik-plugin-geoblock/releases/latest)
[](LICENSE)
*traefik-plugin-geoblock is a traefik plugin to allow or block requests based on geolocation*
> This projects includes IP2Location LITE data available from [`lite.ip2location.com`](https://lite.ip2location.com/database/ip-country).
## Configuration
### Static
#### Local
```yaml
experimental:
localPlugins:
geoblock:
moduleName: github.com/nscuro/traefik-plugin-geoblock
```
#### Pilot
```yaml
pilot:
token: "xxxxxxxxx"
experimental:
plugins:
geoblock:
moduleName: github.com/nscuro/traefik-plugin-geoblock
version: v0.5.0
```
### Dynamic
```yaml
http:
middlewares:
geoblock:
plugin:
geoblock:
# Enable this plugin?
enabled: true
# Path to ip2location database file
databaseFilePath: /plugins-local/src/github.com/nscuro/traefik-plugin-geoblock/IP2LOCATION-LITE-DB1.IPV6.BIN
# Whitelist of countries to allow (ISO 3166-1 alpha-2)
allowedCountries: [ "AT", "CH", "DE" ]
# Blocklist of countries to block (ISO 3166-1 alpha-2)
blockedCountries: [ "RU" ]
# Default allow indicates that if an IP is in neither block list nor allow lists, it should be allowed.
defaultAllow: false
# Allow requests from private / internal networks?
allowPrivate: true
# HTTP status code to return for disallowed requests (default: 403)
disallowedStatusCode: 204
# Add CIDR to be whitelisted, even if in a non-allowed country
allowedIPBlocks: ["66.249.64.0/19"]
# Add CIDR to be blacklisted, even if in an allowed country or IP block
blockedIPBlocks: ["66.249.64.5/32"]
```