From eb6d56c2be506b7d12a15f283bac4a564bcb5cf8 Mon Sep 17 00:00:00 2001
From: Rik Veenboer <rik.veenboer@gmail.com>
Date: Fri, 22 Nov 2024 11:44:38 +0100
Subject: [PATCH] experiment with geoip in caddy

---
 caddy/Caddyfile                   | 34 ++++++++++++++++++++++-
 caddy/Dockerfile                  |  7 ++++-
 docker-compose.openvpn-server.yml |  4 +--
 docker-compose.seafile.yml        |  5 +++-
 seafile/docker/Dockerfile         | 46 ++++++++++++-------------------
 sonarr/config.xml                 |  2 +-
 6 files changed, 63 insertions(+), 35 deletions(-)

diff --git a/caddy/Caddyfile b/caddy/Caddyfile
index 5a03a21..dd19a0c 100644
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -6,6 +6,7 @@
 		}
 		versions ipv4
 	}
+<<<<<<< HEAD
 	#order geoip before respond
 
 
@@ -21,6 +22,9 @@
 		updateUrl "https://updates.maxmind.com"
 		updateFrequency 86400 # in seconds
 	}
+=======
+	order geo_ip first
+>>>>>>> e0b5673 (experiment with geoip in caddy)
 }
 
 rik.veenboer.xyz \
@@ -127,7 +131,6 @@ ha.rik.veenboer.xyz {
 	log {
 		output file /var/log/ha.log
 	}
-
 	route {
 		@app <<CEL
 				header({'X-Requested-With': 'io.homeassistant.companion.android'}) ||
@@ -155,6 +158,7 @@ geo.rik.veenboer.xyz {
 		output file /var/log/geo.log
 	}
 
+<<<<<<< HEAD
 	geoip2_vars strict
 	# strict: Alway ignore 'X-Forwarded-For' header
 	# wild:   Trust 'X-Forwarded-For' header if existed
@@ -176,4 +180,32 @@ geo.rik.veenboer.xyz {
     geoip2.location_latitude:{geoip2.location_latitude}
     geoip2.location_longitude:{geoip2.location_longitude}
     geoip2.location_time_zone:{geoip2.location_time_zone}"
+=======
+	geo_ip {
+		db_path /data/caddy/GeoLite2-Country.mmdb
+	}
+
+	@local {
+		maxmind_geolocation {
+			db_path /data/caddy/GeoLite2-Country.mmdb
+			allow_countries IT FR
+		}
+	}
+
+	route {
+		header X-GeoIP-Country-Code {geoip.country_code}
+		header X-GeoIP-Country-Name {geoip.country_name}
+		header X-GeoIP-Region {geoip.region_name}
+		header X-GeoIP-City {geoip.city_name}
+		header X-GeoIP-Latitude {geoip.latitude}
+		header X-GeoIP-Longitude {geoip.longitude}
+		header X-GeoIP-Postal-Code {geoip.postal_code}
+		header X-GeoIP-Timezone {geoip.time_zone}
+
+		reverse_proxy host:12345 {
+			header_up X-Test "{geoip_country_name}"
+			header_down X-Client-IP "{remote_host}"
+		}
+	}
+>>>>>>> e0b5673 (experiment with geoip in caddy)
 }
diff --git a/caddy/Dockerfile b/caddy/Dockerfile
index da8b612..1351542 100644
--- a/caddy/Dockerfile
+++ b/caddy/Dockerfile
@@ -3,11 +3,16 @@ FROM caddy:2.9-builder AS builder
 RUN xcaddy build \
     --with github.com/caddy-dns/route53 \
     --with github.com/mholt/caddy-dynamicdns \
+<<<<<<< HEAD
     --with github.com/zhangjiayin/caddy-geoip2
     #--with github.com/shift72/caddy-geo-ip \
     #--with github.com/aablinov/caddy-geoip \
     #--with github.com/porech/caddy-maxmind-geolocation
+=======
+    --with github.com/shift72/caddy-geo-ip \
+    --with github.com/porech/caddy-maxmind-geolocation
+
+>>>>>>> e0b5673 (experiment with geoip in caddy)
 FROM caddy:2.9-alpine
 
 COPY --from=builder /usr/bin/caddy /usr/bin/caddy
-
diff --git a/docker-compose.openvpn-server.yml b/docker-compose.openvpn-server.yml
index a10a56c..ec82b62 100644
--- a/docker-compose.openvpn-server.yml
+++ b/docker-compose.openvpn-server.yml
@@ -6,9 +6,7 @@ services:
         extra_hosts:
         - host:192.168.2.200
         image: kylemanna/openvpn:2.4
-        network_mode: bridge
-        ports:
-        - 443:443
+        network_mode: host
         privileged: true
         restart: unless-stopped
         volumes:
diff --git a/docker-compose.seafile.yml b/docker-compose.seafile.yml
index 1b22619..e3b4077 100644
--- a/docker-compose.seafile.yml
+++ b/docker-compose.seafile.yml
@@ -1,9 +1,12 @@
 services:
     seafile:
+        build:
+            context: /opt/seafile/docker/
         container_name: seafile
         environment:
         - MODE=autorun
-        image: gronis/seafile:10.0.1
+        # image: gronis/seafile:10.0.1
+        image: seafile
         ports:
         - 8100:8000
         - 8180:8080
diff --git a/seafile/docker/Dockerfile b/seafile/docker/Dockerfile
index e56cb07..44dfe8a 100644
--- a/seafile/docker/Dockerfile
+++ b/seafile/docker/Dockerfile
@@ -1,48 +1,38 @@
-# https://github.com/Gronis/docker-seafile/blob/master/Dockerfile
-
-FROM --platform=linux/amd64 debian:bookworm-slim
+FROM --platform=linux/amd64 debian:bullseye-slim
 MAINTAINER Robin Grönerg <robingronberg@gmail.com>
 
-ENV VERSION=11.0.8
+ENV VERSION=11.0.13
 ENV DOCKERIZE_VERSION v0.6.1
 
 RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install -y --no-install-recommends \
     procps python3 python3-dev python3-setuptools python3-pip \
     python3-wheel curl sqlite3 default-libmysqlclient-dev \
     build-essential autoconf libtool pkg-config \
-    libffi-dev libjpeg-dev zlib1g-dev
-
-RUN pip3 install --break-system-packages --timeout=3600 \
+    libffi-dev libjpeg-dev zlib1g-dev && \
+  pip3 install --timeout=3600 \
     pylibmc jinja2 "sqlalchemy<2" python3-ldap \
     django-pylibmc lxml \
-    future mysqlclient \
-    Pillow captcha \
-    django_simple_captcha \
-    djangosaml2 pysaml2 \
-    pycryptodome cffi
-
-RUN apt-get purge -y \
+    future==0.18.* mysqlclient==2.1.* \
+    Pillow==9.5.0 captcha==0.5.* \
+    django_simple_captcha==0.5.20 \
+    djangosaml2==1.5.* pysaml2==7.2.* \
+    pycryptodome==3.16.* cffi==1.15.1 && \
+  apt-get purge -y \
     python3-dev python3-setuptools python3-pip python3-wheel \
-    build-essential autoconf libtool pkg-config
-
-RUN apt-get autoremove -y && \
-	rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /usr/share/doc/* && \
-	find / -type f -name '*.py[co]' -delete -or -type d -name '__pycache__' -delete
-
-RUN curl -L https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz | tar -xz -C /usr/local/bin
-
-RUN useradd -d /seafile -M -s /bin/bash -c "Seafile User" seafile
-
-RUN mkdir -p /opt/haiwen /seafile/
+    build-essential autoconf libtool pkg-config && \
+  apt-get autoremove -y && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache /usr/share/doc/* && \
+  find / -type f -name '*.py[co]' -delete -or -type d -name '__pycache__' -delete && \
+  curl -L https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz | tar -xz -C /usr/local/bin && \
+  useradd -d /seafile -M -s /bin/bash -c "Seafile User" seafile && \
+  mkdir -p /opt/haiwen /seafile/
 
 RUN curl -sL $(curl -sL https://www.seafile.com/en/download/ \
     | grep -oE 'https://.*seafile-server.*x86-64.tar.gz' \
     | sed -e "s/[0-9]+\.[0-9]+\.[0-9]+/$VERSION/g" | grep $VERSION \
     | sort -r | head -1) \
-    | tar -C /opt/haiwen/ -xz
+    | tar -C /opt/haiwen/ -xz \
+  && chown -R seafile:seafile /seafile /opt/haiwen
 
-RUN chown -R seafile:seafile /seafile /opt/haiwen
-RUN ln -s /usr/bin/python3 /usr/bin/python
 COPY ["seafile-entrypoint.sh", "/usr/local/bin/"]
 
 EXPOSE 8000 8082
diff --git a/sonarr/config.xml b/sonarr/config.xml
index 98bc0cf..aa3c41d 100644
--- a/sonarr/config.xml
+++ b/sonarr/config.xml
@@ -1,7 +1,7 @@
 <Config>
   <LogLevel>Info</LogLevel>
   <Port>8989</Port>
-  <UrlBase>sonarr</UrlBase>
+  <UrlBase></UrlBase>
   <BindAddress>*</BindAddress>
   <SslPort>9898</SslPort>
   <EnableSsl>False</EnableSsl>