diff --git a/README.md b/README.md
index ac6bbdc..b7f97df 100644
--- a/README.md
+++ b/README.md
@@ -46,3 +46,8 @@ In the future, the static inventory file may be replaced with a dynamic inventor
One important aspect of the `hosts` file is that it defines the groups which a host or hosts are a part of.
Currently, there is one prod host called `regluit-prod` which is a member of the `production` group, and another called `regluit-ondeck` in the `ondeck` group intended to be a build target that can be swapped in to production.
These designations are important, as the `setup-prod` playbook specifically targets the `regluit-prod` host, and only that host will inherit the variables in `group_vars/production/`.
+
+## Notes
+
+`sudo apt-get install mysql-client-8.0=8.0.19-0ubuntu5`
+`sudo apt-get install mysql-client-core-8.0=8.0.19-0ubuntu5'
diff --git a/group_vars/dev/vars.yml b/group_vars/dev/vars.yml
index debffb6..3255ba7 100644
--- a/group_vars/dev/vars.yml
+++ b/group_vars/dev/vars.yml
@@ -11,7 +11,7 @@ server_name: "m.unglue.it"
wsgi_home: "/opt/regluit/venv"
wsgi_python_path: "/opt/regluit/venv/bin/python3"
git_repo: "https://github.com/Gluejar/regluit.git"
-git_branch: "maintenance2022"
+git_branch: "maintenance-2024"
le_endpoint: https://acme-v02.api.letsencrypt.org/directory
#le_endpoint: https://acme-staging-v02.api.letsencrypt.org/directory
alt_server_name: ""
diff --git a/group_vars/production/vars.yml b/group_vars/production/vars.yml
index ddca91e..1bf8633 100644
--- a/group_vars/production/vars.yml
+++ b/group_vars/production/vars.yml
@@ -25,7 +25,7 @@ mysql_db_host: "{{ vault_mysql_db_host }}"
mysql_db_port: ""
email_host: "{{ vault_email_host }}"
email_port: 587
-default_from_email: "notices@gluejar.com"
+default_from_email: "unglueit@ebookfoundation.org"
### Variables in common.py ###
common_keys:
@@ -42,6 +42,7 @@ common_keys:
ku_password: "{{ vault_ku_password }}"
stripe_pk: "{{ vault_stripe_pk }}"
stripe_sk: "{{ vault_stripe_sk }}"
+ librarything_key: "{{ vault_librarything_key }}"
### Variables in host.py ###
host_keys:
diff --git a/roles/regluit_common/templates/common.py.j2 b/roles/regluit_common/templates/common.py.j2
index 796e6b2..04c62fd 100644
--- a/roles/regluit_common/templates/common.py.j2
+++ b/roles/regluit_common/templates/common.py.j2
@@ -13,3 +13,4 @@ MOBIGEN_URL = os.environ.get('MOBIGEN_URL', '') # https://host/mobigen
MOBIGEN_USER_ID = os.environ.get('MOBIGEN_USER_ID', 'user')
KU_EMAIL = os.environ.get('KU_EMAIL', 'user@example.com')
KU_PASSWORD = os.environ.get('KU_PASSWORD', 'abc123XYX')
+LIBRARYTHING_KEY = os.environ.get('LIBRARYTHING_KEY', 'abcdef1234567890abcdef1234567890')
diff --git a/roles/regluit_prod/templates/apache.conf.j2 b/roles/regluit_prod/templates/apache.conf.j2
index 3819824..8117ca0 100644
--- a/roles/regluit_prod/templates/apache.conf.j2
+++ b/roles/regluit_prod/templates/apache.conf.j2
@@ -27,7 +27,7 @@ SSLCertificateFile /etc/ssl/certs/{{ server_name }}.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCertificateChainFile /etc/ssl/certs/{{ server_name }}.ca-bundle
-WSGIDaemonProcess regluit processes=2 threads=20 python-eggs=/tmp/regluit-python-eggs
+WSGIDaemonProcess regluit processes=2 threads=10 python-eggs=/tmp/regluit-python-eggs
WSGIScriptAlias / /opt/regluit/deploy/prod.wsgi
# generated using https://mozilla.github.io/server-side-tls/ssl-config-generator/
@@ -40,11 +40,14 @@ SSLHonorCipherOrder on
# HSTS (mod_headers is required) (15768000 seconds = 6 months)
Header always add Strict-Transport-Security "max-age=15768000"
+
+ Redirect permanent / https://{{ server_name }}/404.html
+
Require all granted
- Require expr tolower ( %{HTTP_HOST} ) in { "{{ server_name }}", "{{ alt_server_name }}" }
+ Require expr -n %{HTTP_HOST} && tolower ( %{HTTP_HOST} ) in { "{{ server_name }}", "{{ alt_server_name }}" }
diff --git a/roles/regluit_prod/templates/celery/celerybeat.j2 b/roles/regluit_prod/templates/celery/celerybeat.j2
index 689170d..f68ba43 100644
--- a/roles/regluit_prod/templates/celery/celerybeat.j2
+++ b/roles/regluit_prod/templates/celery/celerybeat.j2
@@ -24,4 +24,4 @@ CELERYBEAT_LOG_LEVEL="INFO"
CELERY_APP="regluit"
-CELERYBEAT_OPTS="--schedule=/var/run/celery/celerybeat-schedule"
\ No newline at end of file
+CELERYBEAT_OPTS="--schedule=/var/run/celery/celerybeat-schedule --concurrency=2"
\ No newline at end of file
diff --git a/roles/regluit_prod/templates/celery/celeryd.j2 b/roles/regluit_prod/templates/celery/celeryd.j2
index 8323987..37ece01 100644
--- a/roles/regluit_prod/templates/celery/celeryd.j2
+++ b/roles/regluit_prod/templates/celery/celeryd.j2
@@ -7,6 +7,7 @@ CELERY_BIN="{{ project_path }}/{{ virtualenv_name }}/bin/celery"
CELERYD_USER="celery"
CELERYD_GROUP="celery"
CELERYD_LOG_LEVEL="INFO"
+CELERYD_OPTS="--concurrency=8"
VIRTUALENV_ACTIVATE="{{ project_path }}/{{ virtualenv_name }}/bin/activate"
DJANGO_SETTINGS_MODULE="{{ django_settings_module }}"
diff --git a/roles/regluit_prod/templates/prod.py.j2 b/roles/regluit_prod/templates/prod.py.j2
index 27868d5..273bf7c 100644
--- a/roles/regluit_prod/templates/prod.py.j2
+++ b/roles/regluit_prod/templates/prod.py.j2
@@ -57,6 +57,9 @@ LOGGING = {
'brief': {
'format': '%(asctime)s %(levelname)s %(name)s[%(funcName)s]: %(message)s',
},
+ 'dl': {
+ 'format': '%(asctime)s : %(message)s',
+ },
},
'handlers': {
'mail_admins': {
@@ -75,6 +78,14 @@ LOGGING = {
'backupCount': 5,
'formatter': 'brief',
},
+ 'downloads': {
+ 'level': 'INFO',
+ 'class': 'logging.handlers.GroupWriteRotatingFileHandler',
+ 'filename': join('/var/log/regluit', 'downloads.log'),
+ 'maxBytes': 1024*1024*10, # 10 MB
+ 'backupCount': 5,
+ 'formatter': 'dl',
+ },
},
'loggers': {
'django.request': {
@@ -86,6 +97,11 @@ LOGGING = {
'handlers': ['null'],
'propagate': False,
},
+ 'regluit.downloads': {
+ 'handlers': ['downloads'],
+ 'level': 'INFO',
+ 'propagate': False,
+ },
'': {
'handlers': ['file'],
'level': 'WARNING',
@@ -143,4 +159,6 @@ try:
except ImportError:
pass
-NOTIFICATION_LOCK_FILE = '/opt/regluit/.lock/send_notices'
\ No newline at end of file
+NOTIFICATION_LOCK_FILE = '/opt/regluit/.lock/send_notices'
+
+SERVER_LOG_DIR = '/var/log/apache2/'
\ No newline at end of file