Created
February 17, 2022 02:24
-
-
Save johnhpatton/4203e616c0599f73c49630c5ff7bb480 to your computer and use it in GitHub Desktop.
Nginx Plus KeyVal to hold whitelisted IP address blocks
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
stream { | |
# Set resolver to a name server that can resolve the domain | |
# for the zone_sync_server DNS to all webtier IPs. | |
resolver 10.0.0.1; | |
server { | |
listen 9443 reuseport; | |
zone_sync; | |
zone_sync_server api.prod.int.example.com:9443 resolve; | |
} | |
} | |
# KeyVal Memory Zone Configuration for Googlebot CIDRs | |
keyval_zone zone=googlebot_cidrs:128m timeout=3650d state=googlebot_cidrs.state sync; | |
# KeyVal Lookup is an IP type | |
# * Update $remote_addr used in the keyval to a variable that holds the | |
# real client IP address. See the realip documentation for guidance. | |
keyval $remote_addr $is_google zone=googlebot_cidrs type=ip; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment