[Solved] How to have mod_maxminddb / accesslog with unix sockets?
Added by juangacovas 16 days ago
Lighttpd 1.4.70
I configured mod_maxminddb and correctly get GEOIP_COUNTRY_CODE if I use a networked "server.bind", but not if I bind lighttpd to unix socket.
From lighttpd.conf:
server.bind = "/path/to/lighttpd.sock"
server.socket-perms = "0775"
I have lighttpd behind HAProxy and before asking I tested I'm getting the correct IP through mod_extforward when bind is NOT an unix socket.
I can find the real IP in logs through the default accesslog.format config:
accesslog.format = "%h %l %u %t \"%r\" %b %>s \"%{User-Agent}i\" \"%{Referer}i\""
I got the correct IP:
109.232.x.x - - [14/May/2023:08:47:45 +0200] "GET / HTTP/2.0" 89891 200 ...
...but once you bind to unix socket, logs result in the socket path:
/path/to/lighttpd.sock - - [14/May/2023:08:50:58 +0200] " GET / HTTP/2.0" 89891 200 ...
Which I suspect is the reason mod_maxminddb isn't working either (getting a blank env var for GEOIP_CITY_NAME) from the dynamic backend
What I do to have real IPs at logs when binding to unix socket is force the accesslog.format to:
accesslog.format="%{X-Forwarded-For}i %l %u %t \"%r\" %b %>s \"%{User-Agent}i\" \"%{Referer}i\""
That works, but seems obvious that mod_maxminddb is not getting the correct address.
I tried having this order in modules.conf:
"mod_extforward", "mod_maxminddb",
So is there a way to make mod_maxminddb to work with unix sockets / mod_extforward? Thank you.
Replies (3)
RE: How to have mod_maxminddb / accesslog with unix sockets? - Added by gstrauss 16 days ago
I have lighttpd behind HAProxy and before asking I tested I'm getting the correct IP through mod_extforward when bind is NOT an unix socket.
Please share your mod_extforward config. See an example with unix domain sockets in #3198
RE: How to have mod_maxminddb / accesslog with unix sockets? - Added by juangacovas 16 days ago
Thanks a lot, that worked. Didn't know about that feature request being closed.
Now my extforward config is:
extforward.headers = ("X-Forwarded-For") extforward.forwarder = ( "127.0.0.1" => "trust", "/path/to/lighttpd.sock" => "trust" )
And indeed I'm getting the real IP with
accesslog.format = "%h %l %u %t \"%r\" %b %>s \"%{User-Agent}i\" \"%{Referer}i\""
RE: How to have mod_maxminddb / accesslog with unix sockets? - Added by juangacovas 16 days ago
Sorry, I also confirm that now I'm properly getting GEOIP_COUNTRY_CODE from mod_maxminddb too.