rcfa
commented
6 months ago Nevermind :(
Here's the problem: the man page for geoiplookup refers in the SEE ALSO section to geoipupdate(1) So the implication is of course, that one updates the database for the other.
Maybe that was the case in the past, but it seems that geoipupdate maintains a new format database in /var/lib/GeoIP/ while geoiplookup still uses an old format database in /usr/share/GeoIP/
Both are copyrights MaxMind, but geoiplookup is from 2016 while geoipupdate is 2018-2023.
So if geoiplookup were actually compatible with the new style database format, things would be as I was tricked into believing they were.
Unfortunately things aren't that way, so I close this issue. It remains to hope that they will eventually update these cli tools to make use of the new database. What made me aware of this discrepancys is, that even after I updated the database, the lookups were still from a november rather than december database. So there's some lag, although for most cases likely not critical, since country assignments of IP blocks shouldn't be too volatile.
There's of course also the option of just updating the legacy databases from here:
https://mailfud.org/geoip-legacy/
they also have a script to do so
https://mailfud.org/geoip-legacy/geoip_update.sh
which also could be run from cron. So, it would require one extra installation step (the script), but then would still yield pretty much current MaxMind GeoLite data, and all the other convenience of the solution.
Until the code is updated to use mmdblookup (from the mmdb-bin package) in conjunction with geoipupdate, this is the most easily workable solution
Alternatively, one could rely on geopipupdate for the database updates, and then simply have a script running that converts them to the legacy format, as it is found here:
https://github.com/sherpya/geolite2legacy
It is rather strange, though, that MaxMind never bothered to update their geoiplookup binaries...
In the readme you mention about Geoiplookup: "Seems to have pretty old database"
But in fact, that's just a starter database. geoiplookup (apt install geoipupdate) is designed to work with MaxMind GeoIP databases. The way it works is with the geoipupdate command, which is has the necessary config file in /etc/GeoIP.conf geoipupdate is designed to run once or twice weekly from cron (the debain package already installs one), thus there's always a current GeoIP database on the system. See also: https://dev.maxmind.com/geoip/updating-databases?lang=en
Since this method uses both MaxMind database, and uses standard debian packages to install, has only minimal additional one time effort (crontab entry, provided the geoipupdate package didn't already install one), and provides system wide geoiplookup functionality (rather than just something buried within Nextcloud/PHP, it would seem by far the preferable option option over the PHP variant.
Given the speed at which these updates occur vs. the fragility and duration of the downloads from the RIRs, it would seem that should be the recommended path, even if there might be fringe cases, where some of the other options are preferable.
Downloading the packages with apt, filling in the information in /etc/GeoIP.conf, and creating a new cron job, and if needed, fixing the php.ini, is less than 15m work. (In my case exec() wasn't disabled to begin with) And as a result a system wide facility and fast, accurate database updates are available. Seems to me the winner to the rest of the alternatives.
Suggested changes along the lines:
Geoiplookup
Using the geoiplookup programm available on some linux distributions:
Precondition
Installation
For up to date database add a crontab entry according to https://dev.maxmind.com/geoip/updating-databases?lang=en#3-run-geoip-update
Advantages
Disadvantages