1
0
Fork 0
forked from OpenNeo/impress
Commit graph

424 commits

Author SHA1 Message Date
b756ae023e Use a hardcoded SECRET_TOKEN, in development only
Oh right, we intentionally fail if there's no SECRET_TOKEN provided, but
that's not really useful for development!

Here, we add a SECRET_TOKEN only used in development - which doesn't
need to be secret, because it doesn't guard actual user sessions!

In production, the behavior is unchanged.
2023-10-25 15:54:19 -07:00
22e3f4240a Update most URLs to use HTTPS
I noticed we didn't have the little lock icon in the browser, and yeah
huh there's a lot of `http://` still floating around! Let's fix that!
2023-10-25 15:22:57 -07:00
56ce32b6cb Upgrade to Rails 7.1.1
The usual stuff! Installed the new gem and its new deps, ran
`bin/rails app:update` and did my best to manually merge the dev/prod
config files with the new canonical defaults, deleted some migrations I
don't think are relevant to us, and yeah!

Also, Rails 7.1 seems to need `libyaml-dev` installed, so I added that
to the `deploy/setup.yml` playbook!

One thing to note is that, while I was here, I turned on some settings
relating to our use of SSL that technically weren't on before. This
should be fine and helpful? But if stuff breaks, well, check those!
2023-10-25 15:05:31 -07:00
2f3294b899 [WIP] Build a dev container
Idk why, but unlike my previous experience with Rails devcontainers, this time the setup process is running so wildly slowly?

Might just be a transient issue on my machine, maybe something that would be improved with a restart and trying again another time? Or could be something about the MySQL image that doesn't run great in this context?

In any case, I'm just gonna set this down for now!
2023-10-25 11:46:14 -07:00
f5b45d2dc8 Delete unused roulette feature
It was a cute idea! But it's been broken for a long time now. Goodbye!
2023-10-24 19:05:18 -07:00
5ba711a413 Delete outfits/show page, point to the editor instead
Now, like in DTI 2020, opening an outfit will go straight to the editor.

I'm not 100% on whether this is actually like. the superior behavior?
But I think it's good enough, and it's what the wardrobe-2020 code
expects, so let's just roll with it for now!
2023-10-24 18:02:18 -07:00
2c98c1c636 Remove the now-unused pets#submit action
This was used by the Neopia server to send us the modeling data it requested out-of-band. But now we do all our modeling requests back in-app again, so we don't need this!
2023-10-23 19:05:10 -07:00
2e152735c5 Stop referencing Neopia, just do modeling inline
I hope this doesn't cause problems! But yeah, with Puma doing threading, and maybe switching to Falcon someday to get even better concurrency properties, I feel like this will probably be fine?

And it makes the UX a loootttt better, to be back in the world where all these forms just work, whew.
2023-10-23 19:05:10 -07:00
c85c3f5b8f Add the Pardon Our Dust page 2023-10-23 19:05:09 -07:00
bb20925382 Fix deprecation warning in Rack::Attack
Looking at the docs, I think what changed is that `throttled_responder` gets the request as an argument instead of the `env`? And has the same return type for the lambda as before?

So uhhh I don't remember how to test this, but uhh it's not crashing when the server starts anymore, and I feel like the most likely problem here would be that you get a 500 instead of a useful response in the rate limit case, so like. ehh I'll just leave it be!
2023-10-23 19:05:09 -07:00
9b68e982e7 Precompile assets when deploying new version
I did some refactoring while here too, of pulling the deploy scripts out of `package.json` and into `bin`, to be a bit more canonically Rails-y. (idk how canonical the colon thing is but, probably fine??)
2023-10-23 19:05:09 -07:00
4ddcb005ea Remove memcache from production config
I don't know enough about our caching situation to know where memcache performs meaningfully better than Rails's in-memory cache. Let's delete it for now and see if there's a problem, to simplify the deploy environment!
2023-10-23 19:05:09 -07:00
3dd5d26332 Create setup.yml deploy script
Yay it's working! We set up the box, install Ruby, upload a placeholder app, set it up as a service, and get it hooked up to nginx!

Next, we'll add the script to upload the latest version of the site. We just need to slot it into `/srv/impress/current`, run `bundle install`, and that should basically be that! (Oh, and we need to compile production assets—I wonder if it's useful to do that on the dev machine instead of on the target? That might save us from needing to install Node. Or maybe we'll have to anyway!)
2023-10-23 19:05:09 -07:00
64e3702d6d Fix typography on wardrobe 2020 page
Add the green body color back in, and add the Delicious font!
2023-10-23 19:05:09 -07:00
1398e9e21b Add /outfits/new route that wardrobe-2020 expects
The client-side routing expects this, so we add our support!
2023-10-23 19:05:08 -07:00
3c1fcca986 Remove next/router references
Once again, not really tested, but we don't have the same errors as before so!
2023-10-23 19:05:08 -07:00
e79428fa28 Add Remember Me to login
This requires a migration, our first migration against the openneo_id database from this app! Fun!
2023-10-23 19:05:08 -07:00
d65aafdd4c Signup and settings page for OpenNeo ID accounts
Hey nice!!

Note that I removed an account delete button from the settings page. You can still send a DELETE request to the right endpoint to do it, but it's not gonna delete all the associated records, and I wanna think a bit about how to handle that better before exposing that button.
2023-10-23 19:05:07 -07:00
83f80facda Can log into OpenNeo ID accounts directly!
A lot of rough edges here (e.g. no styles on the flash messages), but it's working and that's good!!

I tested this by temporarily switching to the production database and logging in as matchu!

Still missing a lot of big features too, like registration, password resets, settings page, etc.
2023-10-23 19:05:07 -07:00
700e26d7df Remove old OpenNeo ID auth code
This removes login/logout/session logic for integrating with OpenNeo ID, replacing them with stubs that just redirect to `/?TODO` when you click login, and helpers that act as if you're not logged in.

This gives us a clean slate to plug in new Devise logic to integrate with the `openneo_id` database directly!
2023-10-23 19:05:07 -07:00
fbda28e453 Add openneo_id to database.yml
This will enable us to access the auth records, which we store in a separate database for weird legacy reasons!

We don't do anything else yet, just set up the connection to be available.

(NOTE: This commit was a bit of a history rewrite: we started working on this with `database.yml` still gitignored, but then in 8fb6e82 we added it back in to be able to fix a bug in 44c42f9. So previously this branch added back `database.yml` to git *and* added `openneo_id` to it, but since then I've rebased against the other changes, and rewrote history to make this a change to *just* add the database! I also moved it in the timeline, to be before some of the other things that depend on it.)
2023-10-23 19:05:07 -07:00
d8eea93c1c Set SQL mode, fix bug in -fits:blue-acara search
Without this, searches for negative of `fits` or `species` would crash, bc somewhere Rails set the default SQL mode to be stricter than before. This just sets it back!
2023-10-23 19:05:07 -07:00
caef1620be Add database.yml to git again
We gitignored it a long time ago as the way to hide our db secrets, but that's not how we manage them anymore! (Or, well, we haven't done production deployment with this new setup yet, but you get the point.)

This helps clarify what the database config oughta look like!
2023-10-23 19:05:07 -07:00
990d69166e Oops, fix syntax bug in production.rb
Oh dang I messed this up very many commits ago, but yeah uhh the production.rb config just fully wasn't executing, oops! Fixed!
2023-10-23 19:05:07 -07:00
7e922503b5 Upgrade to Rails 7.0.6
Whew! Seems like a pretty clean one? Ran `rails app:upgrade` and stuff, and made some corrections to keyword arguments for `translate` calls. There might be more such problems elsewhere? But that's hard to search for, and we'll have to see.
2023-10-23 19:05:07 -07:00
59efb49419 Upgrade to Rails 6.1.7.4
This one was pretty straightforward yaay! Main thing was the change from `render file` to `render template` in a couple places, oh and a thing with complex `order()` clauses.
2023-10-23 19:05:07 -07:00
7d582be79a Invalidate old session cookies
The session format changed, so we change the session cookie name rather than have things crash about it! (I hope the actual prod behavior is to ignore bad cookies rather than crash? But I figure this is more reliable anyway.)
2023-10-23 19:05:06 -07:00
eaf43128ba Add web console support for Vagrant users 2023-10-23 19:05:06 -07:00
be7e11a0d0 Upgrade to Rails 6.0.6.1
Another pretty easy one! We have the `rails app:update` changes in here too.
2023-10-23 19:05:06 -07:00
86edc8584f Run rails app:update
We accepted some changes as-is, but for development.rb and production.rb we read the diff and manually edited them!
2023-10-23 19:05:05 -07:00
d97c32b5da Upgrade to Rails 5.2.8.1
Some important little upgrades but mostly straightforward!

Note that there's still a known issue where item searches crash, I was hoping that this was a bug in Rails 4.2 that would be fixed on upgading to 5, but nope, oh well!

Also uhh I just got a bit silly and didn't actually mean to go all the way to 5.2 in one go, I had meant to start at 5.0… but tbh the 5.1 and 5.2 changes seem small, and this seems to be working, so. Yeah ok let's roll!
2023-10-23 19:05:05 -07:00
685ac2b4ad Make 4.1 -> 4.2 changes
Just following the recommended stuff in the upgrade guide!
2023-10-23 19:05:05 -07:00
c9a7f0c4d4 Delete ~empty initializer files
Idk I guess these are the default place to put certain settings, but idk if they're still canonical, and I'd rather just not have files that don't mean anything rn!
2023-10-23 19:05:05 -07:00
a8ee091f98 Delete unused Pledgie files
This was back when we used a third-party campaign tool! Haven't run this code in ages!
2023-10-23 19:05:05 -07:00
f159091f0e Delete unused bullet.rb config file 2023-10-23 19:05:05 -07:00
ef4b4bf520 Remove unused species/color/zone config files
This is all in the database now! Has been for a long time!
2023-10-23 19:05:05 -07:00
078e81990f Delete empty file item_zone_sets.yml
Huh.
2023-10-23 19:05:05 -07:00
4091ce2a5b Remove dotenv-deployment, upgrade dotenv-rails
Idk exactly what's going on with dotenv-deployment, if it turns out it was critical to our deploy process then we'll change the deploy process! It's deprecated and conflicts with gem deps for `dotenv-rails`.
2023-10-23 19:05:05 -07:00
c4f3a472ff Remove RightAWS gem
We're not connecting to AWS directly anymore, now that we deleted the SWF conversion stuff, so we can finally clear this out!
2023-10-23 19:05:05 -07:00
Matchu
d0616b6dfd Delete Camo references & Addressable gem
At one point we piloted a "Camo" service to proxy HTTPS image urls for us, but it doesn't exist anymore.

We already have proxies and stuff for this, so I left `Image` as a placeholder for this, but it's not working yet!

This also deletes our final reference to the Addressable gem, so we can remove it!
2023-10-23 19:05:05 -07:00
Matchu
fd263ea82f Remove mall spider cron jobs
I don't think these work anymore, and our volunteers get new items into the db fast anyway, Impress 2020 is doing better spidering these days. And then we get to remove the cron job `whenever` gem!
2023-10-23 19:05:05 -07:00
Matchu
b0cceb8ce7 Uninstall Airbrake
Haven't checked it in forever, if we want an error reporting solution we'll create it fresh!
2023-10-23 19:05:05 -07:00
Matchu
31ebf7d4eb Remove OutfitImageUploader and Carrierwave
Ok right, missed this in the outfit image stuff deletion, get rid of the code and library we were using to push those images up to S3!
2023-10-23 19:05:05 -07:00
Matchu
1195a6190b Uninstall resque
Yay, we've deleted all our background tasks!

We'll probably want to replace some of the basic functionality like certain caching? But we can deal with that as we run into it.

The direct motivation here was a seeming version conflict between Rails 4.2's rack dependency and latest Resque's rack dependency... but this is just nice complexity elimination regardless, we want this anyway :3
2023-10-23 19:05:04 -07:00
Matchu
e121d8bba2 Remove SWF conversion
We've already swapped out the backend for this stuff to Impress 2020, so the resque task and the broken image report UI aren't actually relevant anymore. Delete them!

This helps us delete Resque soon too.
2023-10-23 19:05:04 -07:00
Matchu
a4a0188b1b Stop caching trade users on item page
Idk this one might actually be a bit of a pain to load? But I'd want to optimize it differently anyway, and there's overhauls we're already planning to do here.
2023-10-23 19:05:04 -07:00
Matchu
44341ba731 Stop caching pet type images on item page
That's easy queries and easy templates!
2023-10-23 19:05:04 -07:00
Matchu
b87492d4ee Stop caching item page contributors
This lets us remove the contribution observer too!
2023-10-23 19:05:04 -07:00
Matchu
0eea2c9652 Oops, remove item_observer from config 2023-10-23 19:05:04 -07:00
Matchu
209c9d7ffd Fix file reloading in a Vagrant environment
During this upgrade process, `rails server` hasn't been updating its logic when files changed, so every change had to be accompanied by a restart.

This turned out to be because Vagrant's networked filesystem to share between the host and guest systems doesn't support the filesystem update events Rails is listening for. So, we switch to a simpler file watcher that does more work but doesn't depend on the filesystem events!
2023-10-23 19:05:04 -07:00
Matchu
75602b949c Remove the development_async environment
It's unused, and I'm just double-checking that it's not somehow causing the issues with the rails dev server not reloading classes. (The `threadsafe!` option would do that, but I don't thiiiink this is the env we're running? But I'm wondering if the loader is getting confused by the prefixiness of the name or something. Unlikely!)
2023-10-23 19:05:04 -07:00
Matchu
740645a38b Update the cache namespace
This is recommended by the Rails 4.0 upgrade guide:

> The caching method changed between Rails 3.x and 4.0. You should change the cache namespace and roll out with a cold cache.

I noticed too that old cache entries with old character encodings were a real problem, so yeah making sure we're working with a cold cache is smart!!
2023-10-23 19:05:04 -07:00
Matchu
c5b87d992e match router syntax -> get/post
I hope I got these right lol!!
2023-10-23 19:05:02 -07:00
Matchu
b35c773be3 Remove flex from the app (breaks search!)
We'll need to replace the item search query stuff with direct MySQL queries, but that's not ready yet bc the app still isn't booting, so we're committing this in a known broken state for now!
2023-10-23 19:05:02 -07:00
Matchu
1ed973f319 Remove newrelic gem
I haven't logged into newrelic in a billion years, let's just stop sending them stuff

(This is a precursor to an attempt to delete flex stuff too and replace our elasticsearch stuff with direct mysql queries like Impress 2020 does, but that'll be more work!)
2023-10-23 19:05:02 -07:00
Matchu
ca858f1350 Remove unused Devise initializer settings
I guess the APIs changed here, but these were placeholder settings we weren't actually using anyway (cuz we use the OpenNeo ID integration), so I just commented them out and it seems fine for now!
2023-10-23 19:05:02 -07:00
Matchu
72a08901c8 Upgrade to Ruby 2.2.4, Rails 4.0.13
NOTE: This doesn't boot yet! There's something changed in the `devise` API that we'll need to fix!

```
/vagrant/config/initializers/devise.rb:46:in `block in <top (required)>': undefined method `encryptor=' for Devise:Module (NoMethodError)
```

But yeah, we navigated the gem upgrades, and also I ran `rake rails:update` and hand-processed the suggestions it had for our config files.
2023-10-23 19:05:02 -07:00
Matchu
7f8f7e624d Remove references to the Stripe gem
Rather than figure out how to upgrade the Stripe gem to be compatible with future Rails, I'd rather just delete the references, since it's currently unused.

I'm not so bold as to go in and fully trash all our donation code; I just want to ensure we're not sending people down broken codepaths, and that if they reach them, the error messages are clear enough.
2023-07-21 18:54:15 -07:00
Emi Dunn-Rankin
515b089b3b
Update terms link to point to DTI 2020
There's a new terms page over there! Use that instead, and update the lil footer to change the date it was last modified (8 years wow!)
2022-09-25 06:11:34 -07:00
3ae8a265b2
Use Fastly to cache our PNG assets from S3
We've been serving images directly from `impress-asset-images.s3.amazonaws.com` for a long time. While they serve with long-lasting HTTP cache headers, and the app requests them with the `updated_at` timestamp in the query string; each GET request still executes a full S3 ReadObject operation to get the latest version.

In the past, this was only relevant to users on Image Mode, not Flash Mode. But now that everyone's on Image Mode, this matters a lot more!

Now, we've configured a Fastly host at `impress-asset-images.openneo.net`, to sit in front of our S3 bucket. This should dramatically reduce the GET requests to S3 itself, as our cache warms up and gains copies of the most common asset PNGs.

That said, I'm not sure how much actual cost impact this change will have. Our AWS console isn't configured to differentiate cost by bucket yet—I've started this process, but it might take a few days to propagate. All I know is that our current costs are $35/mo data transfer + $20/mo storage, and that outfit images are responsible for most of the storage cost. I hypothesize that `impress-asset-images` is responsible for most of the reads and data transfers, but I'm not sure!

In the future, I think we'll be able to bring our AWS costs to near-zero, by:
- Obsolete `impress-asset-images`, by using the official Neopets PNGs instead, after the HTML5 conversion completes.
- Obsolete `impress-outfit-images`, by using a Node endpoint to generate the images, fronted by a CDN cache. (Transfer the actual data to a long-term storage backup, and replace the S3 objects with redirects, so that old S3 URLs will still work.)

I hope this will be a big slice of the costs though! 🤞

(Note: I'll be deploying this on a bit of a delay, because I want to see the DNS propagate across the globe before flipping to a new domain!)
2021-05-12 22:50:05 -07:00
Matt Dunn-Rankin
822efede84 undo accidental commit
These credentials were never used, and are now revoked. Awkward!
2017-01-06 19:54:17 -08:00
Matchu
e6a2b978f1 oh huh. looks like remove/move are ready. 2015-09-26 19:55:09 -07:00
Matchu
621c768921 Select All + visual feedback 2015-09-26 14:22:11 -07:00
Matchu
4ae43f61ea good-enough zeroclipboard implementation 2015-09-24 20:50:27 -07:00
Matchu
4a539f32db hope I did this swfimages fix right xD 2015-08-05 20:22:23 -04:00
Matchu
4a18f22571 camo the emotes on the campaign show page 2015-08-05 19:41:42 -04:00
Matchu
5d2c226357 yum, new campaigns 2015-08-05 19:26:12 -04:00
Matchu
b9a9ce3890 import from gallery
some of the stuff to support single-pageiness feels a bit hacky. ah, well :P
2015-07-28 15:05:40 -04:00
Matchu
deb0aa90f0 refactor importing 2015-07-27 13:25:24 -04:00
Matchu
dcf254a78d finally let people remove all items from the list at once.
I've been doing this manually via email for a long time,
since building new stuff in the logged-in world was a pain in the old env.

But now here we are! Finally, finally :)
2015-07-19 12:35:49 -04:00
Matchu
625f1ee8b4 mount the resque app regardless of admin status if in development 2015-07-18 01:05:10 -04:00
Matchu
f6a95ddac5 oooops, carrierwave wants s3 config in prod, too 2015-07-17 18:26:43 -04:00
Matchu
a29fbbbd40 move some deploy stuff from files into env 2015-07-17 17:47:58 -04:00
Matchu
7c2600af9f the dev version of neopia has a hostname now :D 2015-07-16 22:37:32 -04:00
Matchu
647c767c31 latest i18n gem cares is stricter about locales, so configure better. this works, right? :x 2015-07-16 18:59:45 -04:00
Matchu
0d6caceb24 improve app infrastructure to make a dev environment easier to reproduce
This commit will require a few changes to the deployment process:
* store AWS credentials in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY env vars
* store OpenNeo Auth credentials in OPENNEO_AUTH_APP, OPENNEO_AUTH_SERVER, and OPENNEO_AUTH_SECRET env vars

STRIPE_SECRET_KEY and STRIPE_PUBLISHABLE_KEY are now required, too; better have a good .env.
You can always put in dummy values if you have no credentials, though; they only get called up if there's a transaction.

SECRET_TOKEN is now an env var, too, but the production deploy process currently replaces config/initializers/secret_token.rb anyway; this might be the way to go later, though.
2015-07-16 17:44:52 -04:00
093ae27ae8 get upset when we neopets.com bans us :P 2015-07-15 00:09:17 -04:00
b0cc4c2396 swf links 2015-05-03 16:57:42 -05:00
bf9f9ed82e download links for each image size 2015-05-03 16:37:24 -05:00
caaf524060 download link in left sidebar 2015-05-03 16:01:08 -05:00
026bdbbc0c warn users with trading lists but no neomail address 2014-12-02 10:05:11 -06:00
0e301db987 vandagyre basic colors (ugh, should be in database) 2014-11-14 19:33:30 -06:00
04a328e6ee homepage outfit features 2014-09-10 15:38:26 -05:00
f11f6374da donation mailer 2014-09-10 14:32:54 -05:00
59d5e99312 donation show form and basic name updating 2014-09-09 22:04:17 -05:00
595b1c2fc5 charge and record donations 2014-09-09 21:11:55 -05:00
05841d091b update terms 2014-08-25 20:57:07 -05:00
79a96b7670 lookup link alongside neomail 2014-05-15 22:34:00 -07:00
eda80a8dc7 double whoops; the actual problem was that i hadnt restarted the background workers :P 2014-04-05 23:52:24 -05:00
9fe19e00c7 whoops; now that we index by item fit, update item after asset save 2014-04-05 23:48:36 -05:00
44ff466a64 advanced search by pet type fit :) 2014-04-05 18:48:20 -05:00
0fe31ee79a basic fits functionality in search 2014-04-05 17:43:54 -05:00
acbec2ad5e design mockup for autofilter; no new behavior yet 2014-04-05 17:16:35 -05:00
a375707e40 handle errors from neopia, finally! 2014-04-04 15:53:53 -05:00
d25d2b3398 big picture mode 2014-04-04 14:36:35 -05:00
6086243e37 on second thought, no dots after owns/wants filter labels 2014-04-02 23:51:54 -05:00
ad1aa8e42c advanced search i18n 2014-04-02 22:06:45 -05:00
369ea7d1bd oops, removed wrong examples 2014-04-02 21:38:56 -05:00
250af4487c remove search.examples i18n 2014-04-02 21:35:08 -05:00
3c36cd6aef assign biology assets to restricts and item assets to occupies 2014-04-02 20:56:42 -05:00