habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1fc91b004b0f965b229e89de5501850953711cdd
authentik/website/docs/sys-mgmt/ops/geoip.mdx
Teffen Ellis bfdb827ff9 website/docs: Update Docusaurus config. Prep for version picker. (#14401) 
* website/docs: Clean up config. Add types.

* website/docs: Format MDX.

* website: Fix build warnings. Lint badges frontmatter.
2025-05-06 10:04:39 -04:00

108 lines
3.0 KiB
Plaintext
Raw Blame History

# GeoIP
authentik supports GeoIP to add additional information to login/authorization/enrollment requests. Additionally, a [GeoIP policy](../../customize/policies/index.md#geoip-policy) can be used to make policy decisions based on the lookup result.
### Configuration
:::info
Starting with authentik 2022.12, GeoIP is bundled and does not require any additional setup.
:::
By default, the GeoIP database is loaded from `/geoip/GeoLite2-City.mmdb`. If more frequent database updates are desired, a volume can be mounted to `/geoip` to update this file externally. authentik will automatically re-load the file when it changes.
### Deactivating GeoIP
If you want to disable GeoIP, you can set the path to a non-existent path and authentik will skip the GeoIP.
import TabItem from "@theme/TabItem";
import Tabs from "@theme/Tabs";
<Tabs
defaultValue="docker-compose"
values={[
{label: 'docker-compose', value: 'docker-compose'},
{label: 'Kubernetes', value: 'kubernetes'},
]}>
<TabItem value="docker-compose">
Add the following block to your `.env` file:
```shell
AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__GEOIP=/tmp/non-existent-file
AUTHENTIK_EVENTS__CONTEXT_PROCESSORS__ASN=/tmp/non-existent-file
```
Afterwards, run the upgrade commands from the latest release notes.
</TabItem>
<TabItem value="kubernetes">
Add the following block to your `values.yml` file:
```yaml
authentik:
events:
context_processors:
geoip: "/tmp/non-existent-file"
asn: "/tmp/non-existent-file"
```
Afterwards, run the upgrade commands from the latest release notes.
</TabItem>
</Tabs>
### External updates
Sign up for a free MaxMind account [here](https://www.maxmind.com/en/geolite2/signup).
<Tabs
defaultValue="docker-compose"
values={[
{label: 'docker-compose', value: 'docker-compose'},
{label: 'Kubernetes', value: 'kubernetes'},
]}>
<TabItem value="docker-compose">
Add the following block to a `docker-compose.override.yml` file in the same folder as the authentik docker-compose file:
```yaml
services:
server:
volumes:
- geoip:/geoip
worker:
volumes:
- geoip:/geoip
geoipupdate:
image: "maxmindinc/geoipupdate:latest"
volumes:
- "geoip:/usr/share/GeoIP"
environment:
GEOIPUPDATE_EDITION_IDS: "GeoLite2-City GeoLite2-ASN"
GEOIPUPDATE_FREQUENCY: "8"
GEOIPUPDATE_ACCOUNT_ID: "*your account ID*"
GEOIPUPDATE_LICENSE_KEY: "*your license key*"
volumes:
geoip:
driver: local
```
Afterwards, run the upgrade commands from the latest release notes.
</TabItem>
<TabItem value="kubernetes">
Add the following block to your `values.yml` file:
```yaml
geoip:
enabled: true
accountId: "*your account ID*"
licenseKey: "*your license key*"
editionIds: "GeoLite2-City GeoLite2-ASN"
image: maxmindinc/geoipupdate:v4.8
updateInterval: 8
```
Afterwards, run the upgrade commands from the latest release notes.
</TabItem>
</Tabs>
Reference in New Issue View Git Blame Copy Permalink