diff --git a/zim/download-kiwix/mb-configs.cm.yaml b/zim/download-kiwix/mb-configs.cm.yaml
index 2cba647..af22593 100644
--- a/zim/download-kiwix/mb-configs.cm.yaml
+++ b/zim/download-kiwix/mb-configs.cm.yaml
@@ -160,7 +160,7 @@ data:
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
- #LoadModule remoteip_module modules/mod_remoteip.so
+ LoadModule remoteip_module modules/mod_remoteip.so
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
@@ -218,7 +218,7 @@ data:
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
- LoadModule geoip_module modules/mod_geoip.so
+ LoadModule maxminddb_module modules/mod_maxminddb.so
LoadModule form_module modules/mod_form.so
LoadModule mirrorbrain_module modules/mod_mirrorbrain.so
LoadModule autoindex_mb_module modules/mod_autoindex_mb.so
@@ -324,7 +324,7 @@ data:
# Custom `vhost` log format that we use on nginx as well
# and which is adapted for matomo-log-uploader
# log_format vhost '$host $remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"';
- LogFormat "%v %{X-Forwarded-For}i - %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost
+ LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost
# You need to enable mod_logio.c to use %I and %O
@@ -388,6 +388,11 @@ data:
#Scriptsock cgisock
+
+ # Use the X-Forwarded-For header as useragent IP
+ RemoteIPHeader X-Forwarded-For
+
+
#
# "/usr/local/apache2/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
@@ -669,6 +674,8 @@ data:
ServerAdmin contact+download@kiwix.org
DocumentRoot /var/www/download.kiwix.org
+ Alias /static/ /var/www/static/
+
MirrorBrainMetalinkPublisher "Kiwix project" https://kiwix.org
MirrorBrainTorrentTrackerURL "http://tracker.openzim.org:6969/announce"
MirrorBrainTorrentTrackerURL "udp://tracker.openzim.org:6969/announce"
@@ -693,10 +700,18 @@ data:
ExpiresByType text/xml "access plus 60 minutes"
-
- GeoIPEnable On
- GeoIPEnableUTF8 On
- GeoIPScanProxyHeaders On
+
+ MaxMindDBEnable On
+ #MaxMindDBFile COUNTRY_DB /usr/share/GeoIP/GeoLite2-Country.mmdb
+ MaxMindDBFile CITY_DB /usr/share/GeoIP/GeoLite2-City.mmdb
+ # we use old DBEnv names to not modify mirrorbrain code
+ MaxMindDBEnv GEOIP_COUNTRY_CODE CITY_DB/country/iso_code
+ MaxMindDBEnv GEOIP_COUNTRY_NAME CITY_DB/country/names/en
+ MaxMindDBEnv GEOIP_CONTINENT_CODE CITY_DB/continent/code
+ MaxMindDBEnv GEOIP_LONGITUDE CITY_DB/location/longitude
+ MaxMindDBEnv GEOIP_LATITUDE CITY_DB/location/latitude
+ MaxMindDBEnv GEOIP_REGION CITY_DB/subdivisions/0/iso_code
+ MaxMindDBEnv GEOIP_REGION_NAME CITY_DB/subdivisions/0/names/en
# This is a hack to avoid counting twice a same
@@ -750,3 +765,23 @@ data:
IndexOrderDefault Descending Date
+ mirrorlist_header.txt: |
+
+
+
+
+
+
+ %(title)s
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/zim/download-kiwix/mirrorbrain-web.yaml b/zim/download-kiwix/mirrorbrain-web.yaml
index 8cf7e1e..6ca26f5 100644
--- a/zim/download-kiwix/mirrorbrain-web.yaml
+++ b/zim/download-kiwix/mirrorbrain-web.yaml
@@ -35,8 +35,8 @@ spec:
mountPath: "/usr/share/mirrorbrain"
readOnly: true
- name: mb-volume
- subPath: geoip
- mountPath: "/usr/local/geoip/share/GeoIP"
+ subPath: geoip2
+ mountPath: "/usr/share/GeoIP"
readOnly: true
- name: configs
subPath: mirrorbrain.conf
@@ -50,6 +50,10 @@ spec:
subPath: httpd-vhosts.conf
mountPath: "/usr/local/apache2/conf/extra/httpd-vhosts.conf"
readOnly: true
+ - name: configs
+ subPath: mirrorlist_header.txt
+ mountPath: "/etc/mirrorlist_header.txt"
+ readOnly: true
- mountPath: "/usr/local/apache2/logs/custom"
subPath: download-kiwix
name: nginx-logs-volume
diff --git a/zim/download-kiwix/tasks/mb-probe-mirrors.cronjob.yaml b/zim/download-kiwix/tasks/mb-probe-mirrors.cronjob.yaml
index 5bc1d0a..3a8beb3 100644
--- a/zim/download-kiwix/tasks/mb-probe-mirrors.cronjob.yaml
+++ b/zim/download-kiwix/tasks/mb-probe-mirrors.cronjob.yaml
@@ -20,8 +20,8 @@ spec:
command: ["mirrorprobe"]
volumeMounts:
- name: mb-volume
- subPath: geoip
- mountPath: "/usr/local/geoip/share/GeoIP"
+ subPath: geoip2
+ mountPath: "/usr/share/GeoIP"
readOnly: true
- name: configs
subPath: mirrorbrain.conf
diff --git a/zim/download-kiwix/tasks/mb-update-geoip.cronjob.yaml b/zim/download-kiwix/tasks/mb-update-geoip.cronjob.yaml
new file mode 100644
index 0000000..168d049
--- /dev/null
+++ b/zim/download-kiwix/tasks/mb-update-geoip.cronjob.yaml
@@ -0,0 +1,43 @@
+apiVersion: batch/v1
+kind: CronJob
+metadata:
+ name: mb-probe-mirrors
+ namespace: zim
+spec:
+ schedule: "0 10 * * *"
+ successfulJobsHistoryLimit: 1
+ failedJobsHistoryLimit: 1
+ concurrencyPolicy: Forbid
+ jobTemplate:
+ spec:
+ backoffLimit: 2
+ template:
+ spec:
+ containers:
+ - image: ghcr.io/kiwix/mirrorbrain:latest
+ imagePullPolicy: IfNotPresent
+ name: mirrorbrain
+ command: ["geoipupdate -v"]
+ volumeMounts:
+ - name: mb-volume
+ subPath: geoip2
+ mountPath: "/usr/share/GeoIP"
+ readOnly: false
+ - name: mb-secrets
+ subPath: GeoIP.conf
+ readOnly: true
+ mountPath: "/etc/GeoIP.conf"
+ resources:
+ requests:
+ memory: "64Mi"
+ cpu: "20m"
+ volumes:
+ - name: mb-volume
+ persistentVolumeClaim:
+ claimName: mirrorbrain-support-pvc
+ - name: mb-secrets
+ secret:
+ secretName: mb-secrets
+ restartPolicy: Never
+ nodeSelector:
+ k8s.kiwix.org/role: "storage"