fix(mitmproxy): Use container-relative path for GeoIP database

The mitmproxy container mounts /srv/mitmproxy as /data, so the GeoIP
database path must use /data/GeoLite2-Country.mmdb for the addon to
find it. This enables proper country detection for external IPs in
threat logs, allowing CrowdSec SSRF scenarios to correctly identify
and ban foreign attackers.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

package/secubox/secubox-app-mitmproxy/root/srv/mitmproxy/addons/secubox_analytics.py

@@ -17,7 +17,7 @@ from mitmproxy import http, ctx
 from pathlib import Path
 
 # GeoIP database path (MaxMind GeoLite2)
-GEOIP_DB = "/srv/mitmproxy/GeoLite2-Country.mmdb"
+GEOIP_DB = "/data/GeoLite2-Country.mmdb"
 LOG_FILE = "/var/log/secubox-access.log"
 # CrowdSec log - uses /data which is bind-mounted to /srv/mitmproxy on host
 # This allows CrowdSec on the host to read threat logs from the container