geoip_country_name returns "-" in nginx

Question

I am trying to install geoip module for nginx though dockerfile by adding to my dockerfile the following:

RUN apk add --no-cache libmaxminddb nginx-mod-http-geoip 

RUN cd /var/lib; \
    mkdir -p nginx; \
    wget -q -O- https://dl.miyuru.lk/geoip/maxmind/country/maxmind.dat.gz | gunzip -c > nginx/maxmind-country.dat; \
    wget -q -O- https://dl.miyuru.lk/geoip/maxmind/city/maxmind.dat.gz | gunzip -c > nginx/maxmind-city.dat; \
    chown -R nginx. nginx

COPY nginx.conf /etc/nginx/nginx.conf

The nginx.config is the following:

load_module "modules/ngx_http_geoip_module.so";

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

events{worker_connections  1024;
}
# See blow link for Creating NGINX Plus and NGINX Configuration Files 
# https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/
http {

    include /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format kv 'site="$server_name" server="$host" dest_port="$server_port" dest_ip="$server_addr" '
                       'src="$remote_addr" src_ip="$realip_remote_addr" user="$remote_user" '
                       'time_local="$time_local" protocol="$server_protocol" status="$status" '
                       'bytes_out="$bytes_sent" bytes_in="$upstream_bytes_received" '
                       'http_referer="$http_referer" http_user_agent="$http_user_agent" '
                       'nginx_version="$nginx_version" http_x_forwarded_for="$http_x_forwarded_for" '
                       'http_x_header="$http_x_header" uri_query="$query_string" uri_path="$uri" '
                       'http_method="$request_method" response_time="$upstream_response_time" '
                        'cookie="$http_cookie" request_time="$request_time" category="$sent_http_content_type" https="$https"'
                        'geoip_country_name="$geoip_country_name"';

    access_log  /var/log/nginx/access.log kv;

    sendfile        on;
    keepalive_timeout  65;

    geoip_country /var/lib/nginx/maxmind-country.dat;
    geoip_city /var/lib/nginx/maxmind-city.dat;
    include /etc/nginx/conf.d/*.conf;

    # The identifier Backend is internal to nginx, and used to name this specific upstream
    upstream backend {
    # dashboard is the internal DNS name used by the backend Service inside Kubernetes
    server localhost:5005;
    }

    server {
        listen 80;
        root /usr/share/nginx/html;
        index index.html;

        location / {
        try_files $uri $uri/ /index.html;
        }

        location /api/ {
        resolver 127.0.0.11; #nginx will not crash if host is not found    
        # The following statement will proxy traffic to the upstream
        proxy_pass http://backend;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
    }

}

However, when I am inspecting the logs I am getting

geoip_country_name = "-"

Any idea of what is going wrong here? Could it be that I am running this locally?

Answer 1

The "-" is what the logfile uses when the value is empty. GeoIP uses the $remote_addr to calculate the source of the request.

172.17.0.1 is not a public IP address, it is an internal address of one of your proxy servers. Check the $http_x_forwarded_for header value for the real remote address (assuming your reverse proxy servers are configured correctly.

The Geoip module provides the geoip_proxy directive to ignore $remote_addr and use $http_x_forwarded_for instead.

For example (added to your other geoip_ directives):

geoip_proxy 172.17.0.1;

Answer 2

We were experiencing a similar problem.

It essentially came back to the points made by @RichardSmith, however in our case the following configuration resolved the problem:

geoip_proxy 0.0.0.0/0;