OpenNeo/impress
OpenNeo/impress
1
0
Fork 1
Code Pull requests Activity
impress/config/environments/production.rb

120 lines
4.7 KiB
Ruby
Raw Normal View History

Upgrade to Rails 6.1.7.4 This one was pretty straightforward yaay! Main thing was the change from `render file` to `render template` in a couple places, oh and a thing with complex `order()` clauses.
2023-08-02 17:55:32 -07:00
require "active_support/core_ext/integer/time"
Upgrade to Rails 6.0.6.1 Another pretty easy one! We have the `rails app:update` changes in here too.
2023-08-02 17:27:11 -07:00
Rails.application.configure do
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
# Settings specified here will take precedence over those in config/application.rb.
rails 3
2010-05-14 15:12:31 -07:00
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
# Code is not reloaded between requests.
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
config.enable_reloading = false
rails 3
2010-05-14 15:12:31 -07:00
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Eager load code on boot for better performance and memory savings (ignored by Rake tasks).
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
config.eager_load = true
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Full error reports are disabled.
config.consider_all_requests_local = false
# Turn on fragment caching in view templates.
rails 3
2010-05-14 15:12:31 -07:00
config.action_controller.perform_caching = true
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Cache assets for far-future expiry since they are all digest stamped.
config.public_file_server.headers = { "cache-control" => "public, max-age=#{1.year.to_i}" }
rails 3
2010-05-14 15:12:31 -07:00
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
# Enable static file serving from the `/public` folder (turn off if using NGINX/Apache for it).
config.public_file_server.enabled = false
rails 3
2010-05-14 15:12:31 -07:00
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.asset_host = "http://assets.example.com"
rails 3
2010-05-14 15:12:31 -07:00
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
# Assume all access to the app is happening through a SSL-terminating reverse proxy.
config.assume_ssl = true
phew. rails 3.2.12, including some asset pipeline. still buggy.
2013-03-05 18:08:57 -08:00
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
config.force_ssl = true
basic modeling buttons no behavior yet, nor are they filtered
2014-01-03 13:11:02 -08:00
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Skip http-to-https redirect for the default health check endpoint.
# config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } }
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Log to STDOUT with the current request id as a default log tag.
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
config.log_tags = [ :request_id ]
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
config.logger = ActiveSupport::TaggedLogging.logger(STDOUT)
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
basic modeling buttons no behavior yet, nor are they filtered
2014-01-03 13:11:02 -08:00
config.react.variant = :production
donation mailer
2014-09-10 12:32:54 -07:00
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Change to "debug" to log everything (including potentially personally-identifiable information!)
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
config.log_level = ENV.fetch("RAILS_LOG_LEVEL", "info")
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Prevent health checks from clogging up the logs.
config.silence_healthcheck_path = "/up"
# Don't log any deprecations.
config.active_support.report_deprecations = false
# Replace the default in-process memory cache store with a durable alternative.
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
# config.cache_store = :mem_cache_store
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Replace the default in-process and non-durable queuing backend for Active Job.
# config.active_job.queue_adapter = :resque
config.action_mailer.raise_delivery_errors = true
config.action_mailer.perform_deliveries = true
config.action_mailer.perform_caching = false
# Set host to be used by links generated in mailer templates.
donation mailer
2014-09-10 12:32:54 -07:00
config.action_mailer.default_url_options = {host: "impress.openneo.net"}
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Specify outgoing SMTP server. Remember to add smtp/* credentials via rails credentials:edit.
donation mailer
2014-09-10 12:32:54 -07:00
config.action_mailer.delivery_method = :smtp
config.action_mailer.smtp_settings = {
Update SMTP settings I moved `@openneo.net` mail to Fastmail instead of Dreamhost, so this setting needs to change to match!
2024-02-18 14:15:23 -08:00
:address => "smtp.fastmail.com",
:port => 465,
:tls => true,
donation mailer
2014-09-10 12:32:54 -07:00
:domain => "openneo.net",
:authentication => :login,
:user_name => "matchu@openneo.net",
Move matchu_email_password secret to encrypted credentials file
2024-02-22 12:51:04 -08:00
:password => Rails.application.credentials.matchu_email_password,
donation mailer
2014-09-10 12:32:54 -07:00
:enable_starttls_auto => false
}
Run `rails app:update` We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-08-02 16:17:07 -07:00
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = true
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
# Only use :id for inspections in production.
config.active_record.attributes_for_inspect = [ :id ]
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
# Enable DNS rebinding protection and other `Host` header attacks.
# config.hosts = [
# "example.com", # Allow requests from example.com
# /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
# ]
Run `rails app:update` to update config files
2025-01-12 12:36:18 -08:00
#
Upgrade to Rails 7.1.1 The usual stuff! Installed the new gem and its new deps, ran `bin/rails app:update` and did my best to manually merge the dev/prod config files with the new canonical defaults, deleted some migrations I don't think are relevant to us, and yeah! Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that to the `deploy/setup.yml` playbook! One thing to note is that, while I was here, I turned on some settings relating to our use of SSL that technically weren't on before. This should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
# Skip DNS rebinding protection for the default health check endpoint.
# config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
Refactor Impress 2020 config I've moved the support secret into the encrypted credentials file, and moved the origin into a top-level custom config value in the environment files, with different defaults per environment but still the ability to override it. (I don't use this, but it feels polite to not actually *demand* that people use port 4000, y'know?)
2024-02-22 13:07:43 -08:00
Reapply changes to how disabling modeling works ```shell git cherry-pick d82c7f817ae43f95db473b6d3c66bae53b16ae00 --no-commit ```
2024-11-10 11:39:51 -08:00
# Allow pets to model new data. (If modeling is ever broken, disable this
# here while we fix it!)
Oops, turn modeling back on Huh, I guess when I reapplied my refactors to modeling disabling the other day, I didn't notice that I turned it off in production. And I guess I didn't deploy this at the time cuz it's just refactors, but when I deployed other changes yesterday this came with it. Whoops!
2024-11-15 17:37:54 -08:00
config.modeling_enabled = true
Reapply changes to how disabling modeling works ```shell git cherry-pick d82c7f817ae43f95db473b6d3c66bae53b16ae00 --no-commit ```
2024-11-10 11:39:51 -08:00
Refactor Impress 2020 config I've moved the support secret into the encrypted credentials file, and moved the origin into a top-level custom config value in the environment files, with different defaults per environment but still the ability to override it. (I don't use this, but it feels polite to not actually *demand* that people use port 4000, y'know?)
2024-02-22 13:07:43 -08:00
# Use the live copy of Impress 2020. (Can override this with the
# IMPRESS_2020_ORIGIN environment variable!)
config.impress_2020_origin = ENV.fetch("IMPRESS_2020_ORIGIN",
"https://impress-2020.openneo.net")
Create NeopetsMediaArchive, read the actual manifests for Alt Styles The Neopets Media Archive is a service that mirrors `images.neopets.com` over time! Right now we're starting by just loading manifests, and using them to replace the hacks we used for determining the Alt Style PNG and SVG URLs; but with time, I want to load *all* customization media files, to have our own secondary file source that isn't dependent on Neopets to always be up. Impress 2020 already caches manifest files, but this strategy is different in two ways: 1. We're using the filesystem rather than a database column. (That is, manifest data is kinda duplicated in the system right now!) This is because I intend to go in a more file-y way long-term anyway, to load more than just the manifests. 2. Impress 2020 guesses at the manifest URLs by pattern, and reloads them on a regular basis. Instead, we use the modeling system: when TNT changes the URL of a manifest by appending a new `?v=` query string to it, this system will consider it a new URL, and will load the new copy accordingly. Fun fact, I actually have been prototyping some of this stuff in a side project I'd named `impress-media-server`! It's a little Sinatra app that indeed *does* save all the files needed for customization, and can generate lightweight lil preview iframes and images pretty easily. I had initially been planning this as a separate service, but after thinking over the arch a bit, I think it'll go smoother to just give the main app all the same access and awareness—and I wrote it all in Ruby and plain HTML/JS/CSS, so it should be pretty easy to port over bit-by-bit! Anyway, only Alt Styles use this for now, but my motivation is to be able to use more-correct asset URL logic to be able to finally swap over wardrobe-2020's item search to impress.openneo.net's item search API endpoint—which will get "Items You Own" searches working again, and whittle down one of the last big things Impress 2020 can do that the main app can't. Let's see how it goes!
2024-02-23 12:02:39 -08:00
# Save the Neopets Media Archive in `/var/lib/neopets-media-archive`, a
# long-term storage location.
config.neopets_media_archive_root = "/var/lib/neopets-media-archive"
Create `rails public_data:commit` task, to share public data dumps I'm starting to port over the functionality that was previously just, me running `yarn db:export:public-data` in `impress-2020` and committing it to Git LFS every time. My immediate motivation is that the `impress-2020` git repository is getting weirdly large?? Idk how these 40MB files have blown up to a solid 16GB of Git LFS data (we don't have THAT many!!!), but I guess there's something about Git LFS's architecture and disk usage that I'm not understanding. So, let's move to a simpler system in which we don't bind the public data to the codebase, but instead just regularly dump it in production and make it available for download. This change adds the `rails public_data:commit` task, which when run in production will make the latest available at `https://impress.openneo.net/public-data/latest.sql.gz`, and will also store a running log of previous dumps, viewable at `https://impress.openneo.net/public-data/`. Things left to do: 1. Create a `rails public_data:pull` task, to download `latest.sql.gz` and import it into the local development database. 2. Set up a cron job to dump this out regularly, idk maybe weekly? That will grow, but not very fast (about 2GB per year), and we can add logic to rotate out old ones if it starts to grow too far. (If we wanted to get really intricate, we could do like, daily for the past week, then weekly for the past 3 months, then monthly for the past year, idk. There must be tools that do this!)
2024-02-29 14:30:33 -08:00
# Save our public data exports in `public/public-data`. (This should be
# symlinked to a shared folder persisted across all versions.)
config.public_data_root = Rails.root / "public" / "public-data"
Add hidden "Log in with NeoPass" button, to placeholder login strategy If you pass `?neopass=1` (or a secret value in production), you can see the "Log in with NeoPass" button, which currently takes you to OmniAuth's "developer" login page, where you can specify a name and email and be redirected back. (All placeholder UI!) We're gonna strip the whole developer strategy out pretty fast and replace it with one that uses our NeoPass test server. This is just me checking my understanding of the wiring!
2024-03-14 15:34:24 -07:00
NeoPass strategy interacts with dev NeoPass server, which is still WIP In this change, we wire up a new NeoPass OAuth2 strategy for OmniAuth, and hook up the "Log in with NeoPass" button to use it! The authentication currently fails with `invalid_credentials`, and shows the `owo` response we hardcoded into the NeoPass server's token response. We need to finally follow up on the little `TODO` written in there!
2024-03-14 16:13:31 -07:00
# Use the live NeoPass production server.
config.neopass_origin = "https://oidc.neopets.com"
Refactor to use OpenID Connect OmniAuth gem instead of plain OAuth2 Right, I didn't totally connect the dots that there's some OpenID features in the mix here for how we expect to identify the user once they authenticate. It requires looking up the provider's public key, and validating the JWT they sent us. This gem does all that for us! I don't actually know what a real NeoPass `id_token` looks like yet? But I'll fill in some placeholder stuff for now, and use that for initializing the account!
2024-03-14 18:11:40 -07:00
# Set the NeoPass redirect callback URL.
config.neopass_redirect_uri =
Update Devise paths to be at /users instead of /auth_users Been bothering me for a bit, and now I'm about to submit my official redirect URL to the Neopets eng team so, let's polish this up!
2024-03-14 20:34:05 -07:00
"https://impress.openneo.net/users/auth/neopass/callback"
rails 3
2010-05-14 15:12:31 -07:00
end
Copy permalink