MaxMind Geolocation provider (#28490)
Signed-off-by: Kateryna Nezdolii <nezdolik@spotify.com> Mirrored from https://github.com/envoyproxy/envoy @ 05370061cbf911e9411acfd099c8943e96d57982main
update-envoy[bot]
1 year ago
parent
e9057976fc
commit
3ddee22bb4
7 changed files with 141 additions and 50 deletions
@ -0,0 +1,9 @@ |
||||
# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. |
||||
|
||||
load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") |
||||
|
||||
licenses(["notice"]) # Apache 2 |
||||
|
||||
api_proto_package( |
||||
deps = ["@com_github_cncf_udpa//udpa/annotations:pkg"], |
||||
) |
||||
@ -0,0 +1,68 @@ |
||||
syntax = "proto3"; |
||||
|
||||
package envoy.extensions.geoip_providers.common.v3; |
||||
|
||||
import "udpa/annotations/status.proto"; |
||||
import "validate/validate.proto"; |
||||
|
||||
option java_package = "io.envoyproxy.envoy.extensions.geoip_providers.common.v3"; |
||||
option java_outer_classname = "CommonProto"; |
||||
option java_multiple_files = true; |
||||
option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/geoip_providers/common/v3;commonv3"; |
||||
option (udpa.annotations.file_status).package_version_status = ACTIVE; |
||||
|
||||
// [#protodoc-title: Common Geolocation Provider Configuration] |
||||
// Common geolocation provider :ref:`configuration overview <config_geoip_providers_common>`. |
||||
// Common configuration shared across geolocation providers. |
||||
|
||||
message CommonGeoipProviderConfig { |
||||
// The set of geolocation headers to add to request. If any of the configured headers is present |
||||
// in the incoming request, it will be overridden by the :ref:`Geoip filter <config_http_filters_geoip>`. |
||||
// [#next-free-field: 10] |
||||
message GeolocationHeadersToAdd { |
||||
// If set, the header will be used to populate the country ISO code associated with the IP address. |
||||
string country = 1 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the header will be used to populate the city associated with the IP address. |
||||
string city = 2 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the header will be used to populate the region ISO code associated with the IP address. |
||||
// The least specific subdivision will be selected as region value. |
||||
string region = 3 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the header will be used to populate the ASN associated with the IP address. |
||||
string asn = 4 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the IP address will be checked if it belongs to any type of anonymization network (e.g. VPN, public proxy etc) |
||||
// and header will be populated with the check result. Header value will be set to either "true" or "false" depending on the check result. |
||||
string is_anon = 5 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the IP address will be checked if it belongs to a VPN and header will be populated with the check result. |
||||
// Header value will be set to either "true" or "false" depending on the check result. |
||||
string anon_vpn = 6 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the IP address will be checked if it belongs to a hosting provider and header will be populated with the check result. |
||||
// Header value will be set to either "true" or "false" depending on the check result. |
||||
string anon_hosting = 7 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the IP address will be checked if it belongs to a TOR exit node and header will be populated with the check result. |
||||
// Header value will be set to either "true" or "false" depending on the check result. |
||||
string anon_tor = 8 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
|
||||
// If set, the IP address will be checked if it belongs to a public proxy and header will be populated with the check result. |
||||
// Header value will be set to either "true" or "false" depending on the check result. |
||||
string anon_proxy = 9 |
||||
[(validate.rules).string = {well_known_regex: HTTP_HEADER_NAME ignore_empty: true}]; |
||||
} |
||||
|
||||
// Configuration for geolocation headers to add to request. |
||||
GeolocationHeadersToAdd geo_headers_to_add = 1 [(validate.rules).message = {required: true}]; |
||||
} |
||||
@ -0,0 +1,13 @@ |
||||
# DO NOT EDIT. This file is generated by tools/proto_format/proto_sync.py. |
||||
|
||||
load("@envoy_api//bazel:api_build_system.bzl", "api_proto_package") |
||||
|
||||
licenses(["notice"]) # Apache 2 |
||||
|
||||
api_proto_package( |
||||
deps = [ |
||||
"//envoy/extensions/geoip_providers/common/v3:pkg", |
||||
"@com_github_cncf_udpa//udpa/annotations:pkg", |
||||
"@com_github_cncf_udpa//xds/annotations/v3:pkg", |
||||
], |
||||
) |
||||
@ -0,0 +1,42 @@ |
||||
syntax = "proto3"; |
||||
|
||||
package envoy.extensions.geoip_providers.maxmind.v3; |
||||
|
||||
import "envoy/extensions/geoip_providers/common/v3/common.proto"; |
||||
|
||||
import "xds/annotations/v3/status.proto"; |
||||
|
||||
import "udpa/annotations/status.proto"; |
||||
import "validate/validate.proto"; |
||||
|
||||
option java_package = "io.envoyproxy.envoy.extensions.geoip_providers.maxmind.v3"; |
||||
option java_outer_classname = "MaxmindProto"; |
||||
option java_multiple_files = true; |
||||
option go_package = "github.com/envoyproxy/go-control-plane/envoy/extensions/geoip_providers/maxmind/v3;maxmindv3"; |
||||
option (udpa.annotations.file_status).package_version_status = ACTIVE; |
||||
option (xds.annotations.v3.file_status).work_in_progress = true; |
||||
|
||||
// [#protodoc-title: MaxMind Geolocation Provider] |
||||
// MaxMind geolocation provider :ref:`configuration overview <config_geoip_providers_maxmind>`. |
||||
// At least one geolocation database path :ref:`city_db_path <envoy_v3_api_field_extensions.geoip_providers.maxmind.v3.MaxMindConfig.city_db_path>`, |
||||
// :ref:`isp_db_path <envoy_v3_api_field_extensions.geoip_providers.maxmind.v3.MaxMindConfig.isp_db_path>` or |
||||
// :ref:`anon_db_path <envoy_v3_api_field_extensions.geoip_providers.maxmind.v3.MaxMindConfig.anon_db_path>` must be configured. |
||||
// [#extension: envoy.geoip_providers.maxmind] |
||||
|
||||
message MaxMindConfig { |
||||
// Full file path to the Maxmind city database, e.g. /etc/GeoLite2-City.mmdb. |
||||
// Database file is expected to have .mmdb extension. |
||||
string city_db_path = 1 [(validate.rules).string = {pattern: "^$|^.*\\.mmdb$"}]; |
||||
|
||||
// Full file path to the Maxmind ASN database, e.g. /etc/GeoLite2-ASN.mmdb. |
||||
// Database file is expected to have .mmdb extension. |
||||
string isp_db_path = 2 [(validate.rules).string = {pattern: "^$|^.*\\.mmdb$"}]; |
||||
|
||||
// Full file path to the Maxmind anonymous IP database, e.g. /etc/GeoIP2-Anonymous-IP.mmdb. |
||||
// Database file is expected to have .mmdb extension. |
||||
string anon_db_path = 3 [(validate.rules).string = {pattern: "^$|^.*\\.mmdb$"}]; |
||||
|
||||
// Common provider configuration that specifies which geolocation headers will be populated with geolocation data. |
||||
common.v3.CommonGeoipProviderConfig common_provider_config = 4 |
||||
[(validate.rules).message = {required: true}]; |
||||
} |
||||
Loading…
Reference in new issue