From fd5613be8d43d2b594cb9641a9e8ea482053cbfc Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Wed, 27 May 2020 21:14:10 +0200 Subject: [PATCH] enable maxmind geoip --- ipapi/deployment.yaml | 17 +++++++++++++++++ ipapi/job-db-init.yaml | 37 +++++++++++++++++++++++++++++++++++++ ipapi/maxmind-secret.yaml | 16 ++++++++++++++++ ipapi/pvc.yaml | 11 +++++++++++ 4 files changed, 81 insertions(+) create mode 100644 ipapi/job-db-init.yaml create mode 100644 ipapi/maxmind-secret.yaml create mode 100644 ipapi/pvc.yaml diff --git a/ipapi/deployment.yaml b/ipapi/deployment.yaml index 107cb19..b94506c 100644 --- a/ipapi/deployment.yaml +++ b/ipapi/deployment.yaml @@ -30,10 +30,27 @@ spec: args: - -H - X-Forwarded-For + - -f + - /data/geoip/GeoLite2-Country.mmdb + - -c + - /data/geoip/GeoLite2-City.mmdb + - -a + - /data/geoip/GeoLite2-ASN.mmdb + - -r + - -p + - -C + - "1000" ports: - containerPort: 8080 name: http protocol: TCP + volumeMounts: + - name: geoip + mountPath: /data/geoip + volumes: + - name: geoip + persistentVolumeClaim: + claimName: ipapi-geodb dnsPolicy: ClusterFirst restartPolicy: Always securityContext: {} diff --git a/ipapi/job-db-init.yaml b/ipapi/job-db-init.yaml new file mode 100644 index 0000000..870b711 --- /dev/null +++ b/ipapi/job-db-init.yaml @@ -0,0 +1,37 @@ +apiVersion: batch/v1 +kind: Job +metadata: + name: geoip-db-init +spec: + template: + metadata: + creationTimestamp: null + spec: + containers: + - command: + - sh + - -c + - | + wget -O geoip.tar.gz "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key=${API_KEY}&suffix=tar.gz" && \ + tar -C /tmp -xvzf geoip.tar.gz && rm geoip.tar.gz && \ + wget -O geoip.tar.gz "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${API_KEY}&suffix=tar.gz" && \ + tar -C /tmp -xvzf geoip.tar.gz && rm geoip.tar.gz && \ + wget -O geoip.tar.gz "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=${API_KEY}&suffix=tar.gz" && \ + tar -C /tmp -xvzf geoip.tar.gz && rm geoip.tar.gz && \ + find /tmp -name '*.mmdb' -exec cp {} /data/geoip \; + image: busybox + name: geoip-db-init + env: + - name: API_KEY + valueFrom: + secretKeyRef: + name: maxmind-api-key + key: API_KEY + volumeMounts: + - name: geoip + mountPath: /data/geoip + volumes: + - name: geoip + persistentVolumeClaim: + claimName: ipapi-geodb + restartPolicy: Never diff --git a/ipapi/maxmind-secret.yaml b/ipapi/maxmind-secret.yaml new file mode 100644 index 0000000..2d3e49a --- /dev/null +++ b/ipapi/maxmind-secret.yaml @@ -0,0 +1,16 @@ +apiVersion: bitnami.com/v1alpha1 +kind: SealedSecret +metadata: + creationTimestamp: null + name: maxmind-api-key + namespace: ipapi +spec: + encryptedData: + API_KEY: AgCoKMZAkHJhmHYGWA65FLKeZ5a1jAYYBDf6HQlx2MbX7nJOxPbKK9RQfgU35ttmMJWGXerNohmnqGGVBaPOxJ9naQoh8BmdprPbE15a0tjaqfOfZNrirjedDQpEmIoJ4JRUN5FxmtmRd3NOqKQ898km8Zt+g17K4H4BRkMY/f3anD7z/SqDMkfEzh/kTMDXIY8VCjUY/gktdnSCDzJp1k4IAe2DnZXgVlR0vH77adWLXofmbO/XPs8YtD7wbkbf1BZ3uSiYwXZEQpJpgflCHKZnTnseKEyhacxtuuQHX7PiXolw5Z7axitnsvgKnbECA248Fczvz9ZVqQJCVVzZH43g90UvKluCnToA157X1sgufX6cstCyVlgg6YDkYwyQqM9VTXHg2PhTCqj0j4pgV0qfGRv4nQ2BLslHS2aJokTvKSb2WdSzDOTgdi+vfMeqAM3/qs0k63NLWGFKxNt4g0pQsJu3U5tSasRZNySeauL2MqCOwZlmxOjDB2IeLrth+fuk06Bn91iAKEgxigdBYABX77ehUn1StFgccDlhfQi/vg+bvLvPrQKUj4clXTR1Ttm0DfW5qtfVVs0tXW3ANC8q5QIx0CrY8iRRUba2ZYc+aa7BGddTSr8P5bHws1fi9CM113goheRJfVJN2U1UOzUx/qW0xZRLe1rdf+qxTvKy5DksdkkF1XpjLOTNF56AFd6+LJvkLIckCaylhkOUsK2l + template: + metadata: + creationTimestamp: null + name: maxmind-api-key + namespace: ipapi +status: {} + diff --git a/ipapi/pvc.yaml b/ipapi/pvc.yaml new file mode 100644 index 0000000..8367e71 --- /dev/null +++ b/ipapi/pvc.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: ipapi-geodb +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 1Gi + storageClassName: local-path