-
Notifications
You must be signed in to change notification settings - Fork 253
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to get IP geolocation working #8
Comments
If it helps, my Plausible instance is public at https://plausible.jfagerberg.me/jfagerberg.me |
Hey, thanks for the report. I maintain a testing instance for the self-hosted configuration over at testing.plausible.io (our prod setup is a bit different). So far I didn't have geoip configured so I thought I would follow the same steps to see what works. After updating the As you can see, countries are being captured now: https://testing.plausible.io/plausible.io Unfortunately without being able to reproduce the issue, it's difficult to debug. My first thought is that maybe you're sitting behind a proxy that doesn't implement Otherwise we can think about adding some logging around the country lookup and you could deploy that image with |
@ukutaht Looks like that was it! Thanks for the pointer; I hadn't even considered my reverse proxy being the problem. Would there be interest in a PR adding documentation for how to setup NGINX in front of Plausible in the self-hosting docs? I see that the docs mention there being instructions "below", but I couldn't find them. Alternatively (or additionally) a pre-made NGINX config could be added to this repo if there is interest. |
Yeah I think we'll get a PR with configuration for Traefik soon: https://plausible.discourse.group/t/self-hosting-https-how-to/87/5 I'd also love to have read-made configs for Nginx and Caddy. Just out of curiosity, how was your nginx configured? What change made it work? |
@ukutaht My NGINX config is super simple. The part that isn't managed by Certbot is: server {
server_name plausible.jfagerberg.me;
location / {
proxy_pass http://127.0.0.1:7654;
# added line below to fix issue
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
} (where 7654 is the port I'm binding Plausible to) I'll hopefully get around to throwing together a PR for the self-hosting docs sometimes tomorrow. I'm assuming a new page under the self-hosting category would be preferable over adding it as a subsection of the Getting started page? |
Looks good! I wish nginx automatically sent X-Forwarded-For when using proxy_pass Would be best to add a new docker-compose override in addition to adding documentation. I think runnable code is the best way to document something. |
If we're adding a docker-compose override, then I'm assuming that the goal is to be as plug-and-play as possible. Since it doesn't really make much sense to offer multiple different reverse proxy images, it'd probably be best to choose between caddy-gen for its simplicity, I'll try to get around to it tomorrow. |
I'd be quite happy to offer all 3 as well and let the user pick depending on which docker-compose override file they include |
It's obviously your decision in the end, but may I ask why? Since running a reverse proxy as a docker container only makes sense if users aren't running a reverse proxy to begin with (otherwise it will clash with the existing instance), there's very little point in letting people choose, assuming all the reverse proxies have feature parity which they do for this case. I can see the point in providing configs for both Caddy, NGINX and Traefik so users can choose the appropriate one if they're already running a reverse proxy - but bundling the reverse proxy as a docker-compose override would only make sense if they aren't running one to begin with. |
@birjolaxew I think you're right, it's best to choose one to bundle in the docker-compose and provide example configs for different servers for when they run separately. |
Hey I'm using plausible with traefik and can't get location working... docker compose logs plausibleplausible-1 | Loading plausible..
plausible-1 | Starting dependencies..
plausible-1 | Starting repos..
plausible-1 | create Plausible.Repo database if it doesn't exist
plausible-1 | create Plausible.IngestRepo database if it doesn't exist
plausible-1 | Creation of Db successful!
plausible-1 | Loading plausible..
plausible-1 | Starting dependencies..
plausible-1 | Starting repos..
plausible-1 | Running migrations for Elixir.Plausible.Repo
plausible-1 | 14:38:56.439 [info] Migrations already up
plausible-1 | Running migrations for Elixir.Plausible.IngestRepo
plausible-1 | Migrations successful!
plausible-1 | 14:38:56.455 [info] Migrations already up
plausible-1 | 14:38:59.541 [info] Loading 147 CA(s) from :otp store
plausible-1 | 14:38:59.702 [info] No tzdata release files found in custom data dir. Copying release file from tzdata priv dir. According to https://doc.traefik.io/traefik/getting-started/faq/#what-are-the-forwarded-headers-when-proxying-http-requests I think Any suggestions? I'm recording events, but no locations (db-ip & MaxMind). |
You can use this snippet to log headers and check if Plausible receives a correct IP address in x-forwarded-for from Traefik iex> headers = fn {:trace, _pid, :call, {_mod, _fun, [%Plug.Conn{req_headers: headers}]}} -> inspect(headers) end
iex> mod_fun_args = {PlausibleWeb.RemoteIP, :get, 1}
iex> how_many_times = 5
iex> :recon_trace.calls(mod_fun_args, how_many_times, formatter: headers) More info: plausible/analytics#2767 (reply in thread) plausible/analytics#3248 (comment) |
hmm I get curl http event
[{"accept", "*/*"}, {"accept-encoding", "gzip"}, {"content-length", "111"},
{"content-type", "application/json"}, {"host", "$BASE_URL"}, {"user-agent", "curl/7.81.0"},
{"x-forwarded-for", "192.168.96.1"}, {"x-forwarded-host", "$BASE_URL"},
{"x-forwarded-port", "80"}, {"x-forwarded-proto", "http"},
{"x-forwarded-server", "17cb132c672d"}, {"x-real-ip", "192.168.96.1"}] real https event[{"accept", "*/*"}, {"accept-encoding", "gzip, deflate, br, zstd"},
{"accept-language", "en-GB,en;q=0.5"}, {"content-length", "72"},
{"content-type", "text/plain"}, {"dnt", "1"},
{"forwarded", "for=192.168.96.1;host=$BASE_URL;proto=https"},
{"host", "$BASE_URL"}, {"origin", "$DATA_DOMAIN"}, {"referer", "$DATA_DOMAIN"},
{"sec-fetch-dest", "empty"}, {"sec-fetch-mode", "cors"}, {"sec-fetch-site", "cross-site"},
{"sec-gpc", "1"}, {"te", "trailers"}, {"user-agent", "$UA"}, {"x-forwarded-for", "192.168.96.1"},
{"x-forwarded-host", "$BASE_URL"}, {"x-forwarded-port", "443"}, {"x-forwarded-proto", "https"},
{"x-forwarded-server", "86b72bba7a44"}, {"x-real-ip", "192.168.96.1"}] |
You seem to be accessing Plausible from the same host as its running on (curl localhost), so it makes sense that the client IP address would be local. I suggest trying routing the request via the public internet and maybe sharing more information about your setup. In previous cases (I linked them above) the problem was always at the reverse-proxy(ies) level. |
The "real https event" was via public internet (browser pointed at My setup is quite minimal (I just cloned the repo, set Of course I had to add an actual traefik service in services:
plausible:
labels:
traefik.http.routers.plausible.rule: Host(`$BASE_URL`)
traefik.http.services.plausible.loadbalancer.server.port: 8000
traefik.http.routers.plausible.tls: true
traefik.http.routers.plausible.tls.certresolver: myresolver
traefik:
image: traefik:3.0
command:
- --providers.docker
- --entryPoints.web.address=:80
- --entryPoints.websecure.address=:443
- --certificatesresolvers.myresolver.acme.tlschallenge=true
- --certificatesresolvers.myresolver.acme.email=me@cdcl.ml
- --certificatesresolvers.myresolver.acme.storage=/etc/traefik/acme/acme.json
ports: ["80:80", "443:443"]
volumes: [/var/run/docker.sock:/var/run/docker.sock, ./data/.traefik:/etc/traefik/acme] |
I just switched to caddy and still have the same problem. Perhaps it's because I'm using a jump server? $BASE_URL:~$ ssh -fNTL 4443:localhost:443 private-machine
$BASE_URL:~$ sudo socat TCP-LISTEN:443,fork TCP:localhost:4443 I wonder if forwarding |
I'm having trouble getting IP geolocation to work. I've done a bit of debugging, and found that the geoip volume isn't mounted to the plausible container by default (as has someone else, it seems #7). After fixing this however, it still doesn't appear to work - no data is shown on the map, nor is there a tooltip when hovering.
So far I've tried:
Update
geoip/docker-compose.geoip.yml
so the geoip volume is mounted at/geoip
for the plausible service.Then reload using
docker-compose -f docker-compose.yml -f geoip/docker-compose.geoip.yml up -d
.Check that the file actually exists within the plausible container.
Try completely from fresh
Check logs
At this point I feel like more in-depth debugging is needed. I've verified that the file exists where Plausible is told it is, yet no data is returned from the
/api/stats/:domain/countries
endpoint.Other than that, Plausible is amazing so far; major props for putting a self-hosted version out there.
The text was updated successfully, but these errors were encountered: