diff --git a/.envrc.example b/.envrc.example
index e1ebd403..d3b937f2 100644
--- a/.envrc.example
+++ b/.envrc.example
@@ -1,5 +1,24 @@
+# Exceptions and tracebacks on errors
+# 1: show
+# 0: don't show
export DEBUG=1
+
+# Stop real emails and turn https off
+# 1: stop and off
+# 0: do not stop and on
+export LOCALDEV=1
+
+# Session cookies secret
export SECRET_KEY=some-secret-key
-export DATABASE_URL=postgres://mataroa:db-password@db:5432/mataroa
-export EMAIL_HOST_USER=smtp-user
-export EMAIL_HOST_PASSWORD=smtp-password
+
+# Database connection
+export DATABASE_URL=postgres://mataroa:xxx@localhost:5432/mataroa
+
+# SMTP credentials
+export EMAIL_HOST_USER=
+export EMAIL_HOST_PASSWORD=
+
+# Stripe payments details
+export STRIPE_API_KEY=
+export STRIPE_PUBLIC_KEY=
+export STRIPE_PRICE_ID=
diff --git a/.github/workflows/django-build.yml b/.github/workflows/django-build.yml
index c4adec30..051290f3 100644
--- a/.github/workflows/django-build.yml
+++ b/.github/workflows/django-build.yml
@@ -25,10 +25,10 @@ jobs:
steps:
- uses: actions/checkout@v4
- - name: Set up Python 3.10
+ - name: Set up Python
uses: actions/setup-python@v4
with:
- python-version: '3.10'
+ python-version: '3.11'
- name: Install Dependencies
run: |
python -m pip install --upgrade pip
@@ -43,6 +43,6 @@ jobs:
- name: Lint
run: |
touch .envrc
- pip install -r requirements_dev.txt
+ pip install -r requirements.dev.txt
pip install -r requirements.txt
- make lint
+ ruff check .
diff --git a/.gitignore b/.gitignore
index a53424d4..b700bf26 100644
--- a/.gitignore
+++ b/.gitignore
@@ -13,11 +13,6 @@ postgres-data/
.coverage
htmlcov/
-# uwsgi
-uwsgi.ini
-uwsgi-log.txt
-mataroa.pid
-
# docker
docker-postgres-data/
docker-compose.override.yml
diff --git a/Dockerfile b/Dockerfile
index 7287efaa..d14e3a8a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,8 +12,8 @@ RUN apt-get update && \
&& rm -rf /var/lib/apt/lists/*
COPY requirements.txt /code/
-COPY requirements_dev.txt /code/
-RUN pip install -U pip && pip install -Ur /code/requirements.txt && pip install -Ur /code/requirements_dev.txt
+COPY requirements.dev.txt /code/
+RUN pip install -U pip && pip install -Ur /code/requirements.txt && pip install -Ur /code/requirements.dev.txt
WORKDIR /code
COPY . /code/
diff --git a/Makefile b/Makefile
deleted file mode 100644
index b67d4493..00000000
--- a/Makefile
+++ /dev/null
@@ -1,34 +0,0 @@
-.PHONY: all
-all: format lint cov
-
-.PHONY: format
-format:
- $(info Formating Python code)
- black --exclude '/\.venv/' .
- isort --profile black .
-
-.PHONY: lint
-lint:
- $(info Running Python linters)
- flake8 --exclude=.venv/ --ignore=E203,E501,W503
- isort --check-only --profile black .
- black --check --exclude '/\.venv/' .
- shellcheck -x *.sh
-
-.PHONY: test
-test:
- $(info Running test suite)
- python -Wall manage.py test
-
-.PHONY: cov
-cov:
- $(info Generating coverage report)
- coverage run --source='.' --omit '.venv/*' manage.py test
- coverage report -m
-
-.PHONY: upgrade
-upgrade:
- $(info Running pip-compile -U)
- pip-compile -U requirements.in
- pip install --upgrade pip
- pip install -r requirements.txt
diff --git a/README.md b/README.md
index 0356c9af..ae9008d0 100644
--- a/README.md
+++ b/README.md
@@ -95,7 +95,7 @@ volume, located in the root of the project.
```
python3 -m venv .venv
source .venv/bin/activate
-pip install -r requirements_dev.txt
+pip install -r requirements.dev.txt
pip install -r requirements.txt
```
@@ -197,23 +197,35 @@ python manage.py test
For coverage, run:
```sh
-make cov
+coverage run --source='.' --omit '.venv/*' manage.py test
+coverage report -m
```
## Code linting & formatting
-The following tools are used for code linting and formatting:
+We use [ruff](https://github.com/astral-sh/ruff) for Python code formatting and linting.
-* [black](https://github.com/psf/black) for code formatting
-* [isort](https://github.com/pycqa/isort) for imports order consistency
-* [flake8](https://gitlab.com/pycqa/flake8) for code linting
-* [shellcheck](https://github.com/koalaman/shellcheck) for shell scripts
+To format:
-To use:
+```sh
+ruff format
+```
+
+To lint:
```sh
-make format
-make lint
+ruff check
+ruff check --fix
+```
+
+## Python dependencies
+
+We use [pip-tools](https://github.com/jazzband/pip-tools) to manage our Python dependencies:
+
+```sh
+pip-compile -U requirements.in
+pip install --upgrade pip
+pip install -r requirements.txt
```
## Deployment
@@ -221,20 +233,12 @@ make lint
See the [Deployment](./docs/deployment.md) document for an overview on steps
required to deploy a mataroa instance.
-See the [Server Playbook](./docs/server-playbook.md) document for a detailed
-run through of setting up a mataroa instance on an Ubuntu 22.04 LTS system
-using [uWSGI](https://uwsgi.readthedocs.io/en/latest/) and
-[Caddy](https://caddyserver.com/).
-
-See the [Server Migration](./docs/server-migration.md) document for a guide on
-how to migrate servers.
-
### Useful Commands
-To reload the uWSGI process:
+To reload the gunicorn process:
```sh
-sudo systemctl reload mataroa.uwsgi
+sudo systemctl reload mataroa
```
To reload Caddy:
@@ -243,10 +247,10 @@ To reload Caddy:
systemctl restart caddy # root only
```
-uWSGI logs:
+gunicorn logs:
```sh
-journalctl -fb -u mataroa.uwsgi
+journalctl -fb -u mataroa
```
Caddy logs:
@@ -259,7 +263,7 @@ Get an overview with systemd status:
```sh
systemctl status caddy
-systemctl status mataroa.uwsgi
+systemctl status mataroa
```
## Backup
diff --git a/ansible/.envrc.example b/ansible/.envrc.example
new file mode 100644
index 00000000..e4496234
--- /dev/null
+++ b/ansible/.envrc.example
@@ -0,0 +1,39 @@
+# inventory.yaml
+
+# Server IP and user with ssh access
+export ANSIBLE_HOST=
+export ANSIBLE_USER=root
+
+
+# vars.yaml
+
+# Domain name and email for Caddy
+export DOMAIN=mataroa.blog
+export EMAIL=admin@mataroa.blog
+
+# Show exceptions and tracebacks on errors
+# 1: show
+# 0: don't show
+export DEBUG=1
+
+# Stop real emails and turn https off
+# 1: stop and off
+# 0: do not stop and on
+export LOCALDEV=1
+
+# Session cookies secret
+export SECRET_KEY=some-secret-key
+
+# Database connection
+export DATABASE_URL=postgres://mataroa:xxx@localhost:5432/mataroa
+export POSTGRES_USERNAME=mataroa
+export POSTGRES_PASSWORD=xxx
+
+# SMTP credentials
+export EMAIL_HOST_USER=
+export EMAIL_HOST_PASSWORD=
+
+# Stripe payments details
+export STRIPE_API_KEY=
+export STRIPE_PUBLIC_KEY=
+export STRIPE_PRICE_ID=
diff --git a/ansible/Caddyfile.j2 b/ansible/Caddyfile.j2
new file mode 100644
index 00000000..1eb5a109
--- /dev/null
+++ b/ansible/Caddyfile.j2
@@ -0,0 +1,14 @@
+{{ domain }} {
+ route {
+ file_server /static/* {
+ root /var/www/mataroa
+ }
+ reverse_proxy 127.0.0.1:5000
+ }
+
+ tls {{ email }} {
+ on_demand
+ }
+
+ encode zstd gzip
+}
diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg
new file mode 100644
index 00000000..f9e6eec0
--- /dev/null
+++ b/ansible/ansible.cfg
@@ -0,0 +1,3 @@
+[defaults]
+inventory = inventory.yaml
+pipelining = True
diff --git a/ansible/inventory.yaml b/ansible/inventory.yaml
new file mode 100644
index 00000000..17a3ccc3
--- /dev/null
+++ b/ansible/inventory.yaml
@@ -0,0 +1,5 @@
+virtualmachines:
+ hosts:
+ main:
+ ansible_host: "{{ lookup('env', 'ANSIBLE_HOST') }}"
+ ansible_user: "{{ lookup('env', 'ANSIBLE_USER') }}"
diff --git a/ansible/mataroa.service.j2 b/ansible/mataroa.service.j2
new file mode 100644
index 00000000..993aee4f
--- /dev/null
+++ b/ansible/mataroa.service.j2
@@ -0,0 +1,27 @@
+[Unit]
+Description=mataroa
+After=network.target
+
+[Service]
+Type=simple
+User=deploy
+Group=www-data
+WorkingDirectory=/var/www/mataroa
+ExecStart=/var/www/mataroa/.venv/bin/gunicorn -b 127.0.0.1:5000 -w 4 mataroa.wsgi
+ExecReload=/bin/kill -HUP $MAINPID
+Environment="DOMAIN={{ domain }}"
+Environment="EMAIL={{ email }}"
+Environment="DEBUG={{ debug }}"
+Environment="LOCALDEV={{ localdev }}"
+Environment="SECRET_KEY={{ secret_key }}"
+Environment="DATABASE_URL={{ database_url }}"
+Environment="EMAIL_HOST_USER={{ email_host_user }}"
+Environment="EMAIL_HOST_PASSWORD={{ email_host_password }}"
+Environment="STRIPE_API_KEY={{ stripe_api_key }}"
+Environment="STRIPE_PUBLIC_KEY={{ stripe_public_key }}"
+Environment="STRIPE_PRICE_ID={{ stripe_price_id }}"
+TimeoutSec=15
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
diff --git a/ansible/playbook.yaml b/ansible/playbook.yaml
new file mode 100644
index 00000000..a604dead
--- /dev/null
+++ b/ansible/playbook.yaml
@@ -0,0 +1,160 @@
+---
+- hosts: virtualmachines
+ vars_files:
+ - vars.yaml
+ become: yes
+ tasks:
+ # smoke test and essential dependencies
+ - name: ping
+ ansible.builtin.ping:
+ - name: essentials
+ ansible.builtin.apt:
+ update_cache: yes
+ name:
+ - gcc
+ - git
+ - libpq-dev
+ - postgresql
+ - python3-psycopg2
+ - python3.11
+ - python3.11-dev
+ - python3.11-venv
+ - vim
+ state: present
+
+ # caddy
+ - name: add caddy key
+ ansible.builtin.apt_key:
+ id: 65760C51EDEA2017CEA2CA15155B6D79CA56EA34
+ url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
+ keyring: /etc/apt/trusted.gpg.d/caddy-stable.gpg
+ state: present
+ - name: add caddy deb repository
+ ansible.builtin.apt_repository:
+ repo: deb [signed-by=/etc/apt/trusted.gpg.d/caddy-stable.gpg] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
+ - name: add caddy deb-src repository
+ ansible.builtin.apt_repository:
+ repo: deb [signed-by=/etc/apt/trusted.gpg.d/caddy-stable.gpg] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
+ - name: install caddy
+ ansible.builtin.apt:
+ update_cache: yes
+ name: caddy
+ - name: caddyfile
+ ansible.builtin.template:
+ src: Caddyfile.j2
+ dest: /etc/caddy/Caddyfile
+ owner: root
+ group: root
+ mode: '0644'
+
+ # deploy user and directory
+ - name: www directory
+ ansible.builtin.file:
+ path: /var/www
+ state: directory
+ mode: '0755'
+ - name: create user
+ ansible.builtin.user:
+ name: deploy
+ password: ""
+ shell: /bin/bash
+ groups:
+ - sudo
+ - www-data
+ append: yes
+ createhome: yes
+ skeleton: '/etc/skel'
+ generate_ssh_key: yes
+ ssh_key_type: 'ed25519'
+ - name: www ownership
+ ansible.builtin.file:
+ path: /var/www
+ owner: deploy
+ group: www-data
+ recurse: yes
+
+ # postgresql setup
+ - name: pg user
+ community.general.postgresql_user:
+ name: "{{ postgres_username }}"
+ password: "{{ postgres_password }}"
+ expires: infinity
+ state: present
+ become_user: postgres
+ - name: pg database
+ community.general.postgresql_db:
+ name: mataroa
+ owner: "{{ postgres_username }}"
+ state: present
+ become_user: postgres
+ - name: pg permissions
+ community.postgresql.postgresql_privs:
+ db: mataroa
+ privs: ALL
+ objs: ALL_IN_SCHEMA
+ role: "{{ postgres_username }}"
+ grant_option: true
+ become_user: postgres
+
+ # repository
+ - name: clone
+ ansible.builtin.git:
+ repo: https://github.com/mataroa-blog/mataroa
+ dest: /var/www/mataroa
+ version: ansible
+ accept_hostkey: true
+ become_user: deploy
+ - name: dependencies
+ ansible.builtin.pip:
+ virtualenv_command: python3 -m venv .venv
+ virtualenv: /var/www/mataroa/.venv
+ requirements: /var/www/mataroa/requirements.txt
+ become_user: deploy
+
+ # systemd
+ - name: systemd template
+ ansible.builtin.template:
+ src: mataroa.service.j2
+ dest: /etc/systemd/system/mataroa.service
+ owner: root
+ group: root
+ mode: '0644'
+ - name: systemd reload
+ ansible.builtin.systemd:
+ daemon_reload: true
+ - name: systemd enable
+ ansible.builtin.systemd:
+ name: mataroa
+ enabled: yes
+ - name: systemd start
+ ansible.builtin.systemd:
+ name: mataroa
+ state: restarted
+
+ # deployment specific
+ - name: collectstatic
+ ansible.builtin.shell:
+ cmd: |
+ source .venv/bin/activate
+ python3 manage.py collectstatic --no-input
+ chdir: /var/www/mataroa
+ args:
+ executable: /bin/bash
+ become_user: deploy
+ - name: migrations
+ ansible.builtin.shell:
+ cmd: |
+ source .venv/bin/activate
+ DATABASE_URL='{{ database_url }}' python3 manage.py migrate --no-input
+ chdir: /var/www/mataroa
+ args:
+ executable: /bin/bash
+ become_user: deploy
+ - name: gunicorn restart
+ ansible.builtin.systemd:
+ name: mataroa
+ state: restarted
+ - name: caddy restart
+ ansible.builtin.systemd:
+ name: caddy
+ state: restarted
diff --git a/ansible/vars.yaml b/ansible/vars.yaml
new file mode 100644
index 00000000..efaad82a
--- /dev/null
+++ b/ansible/vars.yaml
@@ -0,0 +1,19 @@
+---
+domain: "{{ lookup('env', 'DOMAIN') }}"
+email: "{{ lookup('env', 'EMAIL') }}"
+
+debug: "{{ lookup('env', 'DEBUG') }}"
+localdev: "{{ lookup('env', 'LOCALDEV') }}"
+
+secret_key: "{{ lookup('env', 'SECRET_KEY') }}"
+
+database_url: "{{ lookup('env', 'DATABASE_URL') }}"
+postgres_username: "{{ lookup('env', 'POSTGRES_USERNAME') }}"
+postgres_password: "{{ lookup('env', 'POSTGRES_PASSWORD') }}"
+
+email_host_user: "{{ lookup('env', 'EMAIL_HOST_USER') }}"
+email_host_password: "{{ lookup('env', 'EMAIL_HOST_PASSWORD') }}"
+
+stripe_api_key: "{{ lookup('env', 'STRIPE_API_KEY') }}"
+stripe_public_key: "{{ lookup('env', 'STRIPE_PUBLIC_KEY') }}"
+stripe_price_id: "{{ lookup('env', 'STRIPE_PRICE_ID') }}"
diff --git a/deploy.sh b/deploy.sh
deleted file mode 100755
index 9487d796..00000000
--- a/deploy.sh
+++ /dev/null
@@ -1,55 +0,0 @@
-#!/usr/bin/env bash
-
-set -o errexit
-set -o nounset
-set -o pipefail
-if [[ "${TRACE-0}" == "1" ]]; then
- set -o xtrace
-fi
-
-if [[ "${1-}" =~ ^-*h(elp)?$ ]]; then
- echo 'Usage: ./deploy.sh
-
-This script deploys the service in the production server.'
- exit
-fi
-
-cd "$(dirname "$0")"
-
-main() {
- # check venv is enabled
- if [[ -z "${VIRTUAL_ENV}" ]]; then
- exit
- fi
-
- # make sure linting checks pass
- make lint
-
- # static
- python manage.py collectstatic --noinput
-
- # make sure latest requirements are installed
- pip install -U pip
- pip install -r requirements.txt
-
- # make sure tests pass
- make test
-
- # push origin srht
- git push -v srht main
-
- # push on github
- git push -v github main
-
- # pull on server and reload
- ssh deploy@95.217.30.133 'cd /var/www/mataroa ' \
- '&& git pull ' \
- '&& source .venv/bin/activate ' \
- '&& pip install -U pip ' \
- '&& pip install -r requirements.txt ' \
- '&& python manage.py collectstatic --noinput ' \
- '&& source .envrc && python manage.py migrate ' \
- '&& sudo systemctl reload mataroa.uwsgi'
-}
-
-main "$@"
diff --git a/docs/src/SUMMARY.md b/docs/src/SUMMARY.md
index bba16644..f56cd948 100644
--- a/docs/src/SUMMARY.md
+++ b/docs/src/SUMMARY.md
@@ -7,7 +7,6 @@
- [File Structure Walkthrough](./file-structure-walkthrough.md)
- [Dependencies](./dependencies.md)
- [Deployment](./deployment.md)
-- [Server Playbook](./server-playbook.md)
-- [Admin and Moderation](./admin-moderation.md)
+- [Cronjobs](./cronjobs.md)
- [Database Backup](./database-backup.md)
- [Server Migration](./server-migration.md)
diff --git a/docs/src/admin-moderation.md b/docs/src/admin-moderation.md
deleted file mode 100644
index 7debcf84..00000000
--- a/docs/src/admin-moderation.md
+++ /dev/null
@@ -1,20 +0,0 @@
-# Admin and Moderation
-
-There are two kinds of dashboards on mataroa.
-
-## Django Admin Dashboard
-
-One is the built-in Django admin, visitable at `/dja/`.
-
-## Moderation Dashboard
-
-Second is the custom-built Moderation dashboard, visitable at:
-
-* `/mod/users/new/`
-* `/mod/users/active/`
-* `/mod/users/active-nonnew/`
-* `/mod/posts/new/`
-* `/mod/pages/new/`
-* `/mod/comments/`
-
-et al, see "moderation pages" on [main/urls.py](main/urls.py).
diff --git a/docs/src/cronjobs.md b/docs/src/cronjobs.md
new file mode 100644
index 00000000..89f99584
--- /dev/null
+++ b/docs/src/cronjobs.md
@@ -0,0 +1,14 @@
+# Cronjobs
+
+Two every 5/10 minutes for notifications:
+
+```
+*/5 * * * * bash -c 'cd /var/www/mataroa && source .venv/bin/activate && source .envrc && python manage.py enqueue_notifications'
+*/10 * * * * bash -c 'cd /var/www/mataroa && source .venv/bin/activate && source .envrc && python manage.py process_notifications'
+```
+
+One monthly for mail exports
+
+```
+0 0 * * * bash -c 'cd /var/www/mataroa && source .venv/bin/activate && source .envrc && python manage.py mail_exports'
+```
diff --git a/docs/src/dependencies.md b/docs/src/dependencies.md
index 1e76d167..966f6053 100644
--- a/docs/src/dependencies.md
+++ b/docs/src/dependencies.md
@@ -17,7 +17,7 @@ Current list of top-level PyPI dependencies (source at [requirements.in](/requir
* [Django](https://pypi.org/project/Django/)
* [psycopg2-binary](https://pypi.org/project/psycopg2-binary/)
-* [uWSGI](https://pypi.org/project/uWSGI/)
+* [gunicorn](https://pypi.org/project/gunicorn/)
* [Markdown](https://pypi.org/project/Markdown/)
* [Pygments](https://pypi.org/project/Pygments/)
* [bleach](https://pypi.org/project/bleach/)
@@ -27,7 +27,7 @@ Current list of top-level PyPI dependencies (source at [requirements.in](/requir
After approving a dependency, the process to add it is:
-1. Assuming a venv is activated and `requirements_dev.txt` are installed.
+1. Assuming a venv is activated and `requirements.dev.txt` are installed.
1. Add new dependency in [`requirements.in`](/requirements.in).
1. Run `pip-compile` to generate [`requirements.txt`](/requirements.txt)
1. Run `pip install -r requirements.txt`
@@ -38,7 +38,7 @@ When a new Django version is out it’s a good idea to upgrade everything.
Steps:
-1. Assuming a venv is activated and `requirements_dev.txt` are installed.
+1. Assuming a venv is activated and `requirements.dev.txt` are installed.
1. Run `pip-compile -U` to generate an upgraded `requirements.txt`.
1. Run `git diff requirements.txt` and spot non-patch level vesion bumps.
1. Examine release notes of each one.
diff --git a/docs/src/deployment.md b/docs/src/deployment.md
index a5f3286b..0190b64d 100644
--- a/docs/src/deployment.md
+++ b/docs/src/deployment.md
@@ -1,41 +1,56 @@
# Deployment
-How to deploy a new mataroa instance?
+## Step 1: Ansible
-1. Get a linux server
-1. Follow the [server playbook](./server-playbook.md)
-1. Update [mataroa/settings](../mataroa/settings.py)
- * `ADMINS`
- * `CANONICAL_HOST`
- * `EMAIL_HOST` and `EMAIL_HOST_BROADCAST`
-1. Adjust the [deploy.sh](../deploy.sh) script
- * Change IP
-1. Enable `deploy` user to reload the uwsgi systemd service. To do this...
+We use ansible to provision a Debian 12 Linux server.
-...add `deploy` user to sudo/wheel group:
+(1a) First, set up configuration files:
```sh
-adduser deploy sudo
-```
+cd ansible/
+# Make a copy of the example file
+cp .envrc.example .envrc
-Then, edit sudoers with:
+# Edit parameters as required
+vim .envrc
-```sh
-visudo
+# Load variables into environment
+source .envrc
```
-and add the following:
+(1b) Then, provision:
+```sh
+ansible-playbook playbook.yaml -v
```
-# Allow deploy user to restart apps
-%deploy ALL=NOPASSWD: /usr/bin/systemctl reload mataroa.uwsgi
-```
-Rumours are the only way to see the results is to reboot :/
+## Step 2: Wildcard certificates
+
+We use Automatic DNS API integration with DNSimple:
-But once you do (!) — then:
+https://github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_dnsimple
```sh
-sudo -i -u deploy
-sudo systemctl reload mataroa.uwsgi
+curl https://get.acme.sh | sh -s email=person@example.com
+# Note: Installation inserts a cronjob for auto-renewal
+
+# Setup DNSimple API
+echo 'export DNSimple_OAUTH_TOKEN="token-here"' >> /root/.acme.sh/acme.sh.env
+
+# Issue cert
+acme.sh --issue --dns dns_dnsimple -d mataroa.blog -d *.mataroa.blog
+
+# We "install" (copy) the cert because we should not use the cert from acme.sh's internal store
+acme.sh --install-cert -d mataroa.blog -d *.mataroa.blog --key-file /etc/caddy/mataroa-blog-key.pem --fullchain-file /etc/caddy/mataroa-blog-cert.pem --reloadcmd "chown caddy:www-data /etc/caddy/mataroa-blog-{cert,key}.pem && systemctl restart caddy"
```
+
+Note: acme.sh's default SSL provider is ZeroSSL which does not accept email with
+plus-subaddressing. It will not error gracefully, just fail with a cryptic
+message (tested with acmesh v3.0.7).
+
+## Step 3: Cronjobs and Automated backups
+
+There are a few cronjobs that need setting up and, of course, backups are essential:
+
+* (3a) [Cronjobs](./cronjobs.md)
+* (3b) [Database Backup](./database-backup.md)
diff --git a/docs/src/file-structure-walkthrough.md b/docs/src/file-structure-walkthrough.md
index 92e88173..154cacc0 100644
--- a/docs/src/file-structure-walkthrough.md
+++ b/docs/src/file-structure-walkthrough.md
@@ -77,8 +77,7 @@ Condensed and commented sources file tree:
│ └── wsgi.py
├── requirements.in # user-editable requirements file
├── requirements.txt # pip-compile generated version-locked dependencies
-├── requirements_dev.txt # user-editable development requirements
-└── uwsgi.example.ini # example configuration for uWSGI
+└── requirements.dev.txt # user-editable development requirements
```
## [`main/urls.py`](/main/urls.py)
diff --git a/docs/src/server-playbook.md b/docs/src/server-playbook.md
deleted file mode 100644
index 43cfcd2e..00000000
--- a/docs/src/server-playbook.md
+++ /dev/null
@@ -1,158 +0,0 @@
-# Server Playbook
-
-This is a basic playbook on how to setup a new mataroa instance.
-
-Based and tested on Ubuntu 22.04.
-
-## Set editor
-
-Optional.
-
-```sh
-select-editor
-update-alternatives --config editor
-echo 'export EDITOR=vim;' >> ~/.bashrc
-source ~/.bashrc
-```
-
-## Set timezone
-
-```sh
-timedatectl set-timezone UTC
-```
-
-## Update system
-
-```sh
-apt update
-unattended-upgrade
-```
-
-## Install Python and Git
-
-```sh
-apt install -y python3 python3-dev python3-venv build-essential git
-```
-
-## Install Caddy
-
-From: https://caddyserver.com/docs/install#debian-ubuntu-raspbian
-
-```sh
-apt install -y debian-keyring debian-archive-keyring apt-transport-https
-curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/gpg.key' | gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
-curl -1sLf 'https://dl.cloudsmith.io/public/caddy/stable/debian.deb.txt' | tee /etc/apt/sources.list.d/caddy-stable.list
-apt update
-apt install caddy
-```
-
-## Setup deploy user
-
-```sh
-adduser deploy # leave password empty three times
-adduser deploy caddy
-adduser deploy www-data
-cd /var/
-mkdir www
-chown -R deploy:www-data www
-```
-
-## Install and setup PostgreSQL
-
-```sh
-apt install postgresql
-sudo -i -u postgres
-createdb mataroa
-createuser mataroa
-psql
-ALTER USER mataroa WITH PASSWORD 'xxx';
-exit
-exit
-```
-
-Note: Change 'xxx' with whatever password you choose.
-
-## Install acme.sh and get certificates
-
-We use Automatic DNS API integration with DNSimple in this case, because
-wildcard domain auto-renew is much harder otherwise.
-
-https://github.com/acmesh-official/acme.sh/wiki/dnsapi#dns_dnsimple
-
-```sh
-curl https://get.acme.sh | sh -s email=person@example.com
-# installation also inserts a cronjob for auto-renewal
-
-# setup DNSimple API
-echo 'export DNSimple_OAUTH_TOKEN="token-here"' >> /root/.acme.sh/acme.sh.env
-
-# issue cert
-acme.sh --issue --dns dns_dnsimple -d mataroa.blog -d *.mataroa.blog
-
-# we "install" (copy) the cert because we should not use the cert from acme.sh's internal store
-acme.sh --install-cert -d mataroa.blog -d *.mataroa.blog --key-file /etc/caddy/mataroa-blog-key.pem --fullchain-file /etc/caddy/mataroa-blog-cert.pem --reloadcmd "chown caddy:www-data /etc/caddy/mataroa-blog-{cert,key}.pem && systemctl restart caddy"
-```
-
-Note: acme.sh's default SSL provider is ZeroSSL which does not accept email with
-plus-subaddressing. It will not error gracefully, just fail with a cryptic
-message (tested with acmesh v3.0.7).
-
-## Clone repository and configure
-
-```sh
-sudo -i -u deploy
-cd /var/www/
-git clone https://git.sr.ht/~sirodoht/mataroa
-
-cd mataroa/
-python3 -m venv .venv
-source .venv/bin/activate
-pip install -r requirements.txt
-python manage.py collectstatic
-
-# setup uwsgi
-cp uwsgi.example.ini uwsgi.ini
-vim uwsgi.ini # edit env variables
-exit
-
-# setup caddy
-cp Caddyfile /etc/caddy/
-sudo vim /etc/caddy/Caddyfile # edit caddyfile as required
-```
-
-Note: We could install uWSGI from Ubuntu's repositories (it's written in C
-after all) but uWSGI has multiple extensions and compile options which change
-depending on the distribution. For this reason, we install from PyPI, which is
-consistent.
-
-## Add systemd entry
-
-```sh
-cp /var/www/mataroa/mataroa.uwsgi.service /lib/systemd/system/mataroa.uwsgi.service
-
-# edit and add env variables as required
-vim /lib/systemd/system/mataroa.uwsgi.service
-
-ln -s /lib/systemd/system/mataroa.uwsgi.service /etc/systemd/system/multi-user.target.wants/
-systemctl daemon-reload
-systemctl enable mataroa.uwsgi
-systemctl start mataroa.uwsgi
-systemctl status mataroa.uwsgi
-```
-
-At this point DNS should also be set and just rebooting should result in the
-instance showing the landing.
-
-## Setup Cronjobs
-
-One at 10am for email notifications (newsletters):
-
-```
-0 10 * * * * bash -c 'cd /var/www/mataroa && source .venv/bin/activate && source .envrc && python manage.py processnotifications'
-```
-
-One monthly for mail exports
-
-```
-0 0 * * * bash -c 'cd /var/www/mataroa && source .venv/bin/activate && source .envrc && python manage.py mail_exports'
-```
diff --git a/main/models.py b/main/models.py
index b8607bec..ffe379fd 100644
--- a/main/models.py
+++ b/main/models.py
@@ -224,17 +224,15 @@ def body_as_text(self):
@property
def is_draft(self):
- if self.published_at:
- return False
- return True
+ return not self.published_at
@property
def is_published(self):
+ # draft case
if not self.published_at:
- # draft case
return False
- if self.published_at > timezone.now().date():
- # future publishing date case
+ # future publishing date case
+ if self.published_at > timezone.now().date(): # noqa: SIM103
return False
return True
diff --git a/main/templates/main/guides_pricing.html b/main/templates/main/guides_pricing.html
new file mode 100644
index 00000000..328c7959
--- /dev/null
+++ b/main/templates/main/guides_pricing.html
@@ -0,0 +1,71 @@
+{% extends 'main/layout.html' %}
+
+{% load static %}
+
+{% block title %}Pricing — Mataroa{% endblock %}
+
+{% block content %}
+
+ Pricing
+
+ In the interest of business transparency, in this page we explain the rationale
+ for our pricing.
+
+
+
+
+
+
+ |
+ Apple Plan |
+ Watermelon Plan |
+ Kiwi Plan |
+
+
+
+
+
+ | Price |
+ $1 one-off |
+ $19/year |
+ $49/year |
+
+
+ | Core functionality |
+ ✓ |
+ ✓ |
+ ✓ |
+
+
+ | Email subcribers |
+ 100 |
+ 1,000 |
+ 10,000 |
+
+
+ | Image hosting |
+ 100MB |
+ 250MB |
+ 1000MB |
+
+
+ | Custom domain |
+ |
+ ✓ |
+ ✓ |
+
+
+ | Auto-exports |
+ |
+ ✓ |
+ ✓ |
+
+
+
+