diff --git a/Gemfile b/Gemfile index 2e77d0e3..72aaf145 100644 --- a/Gemfile +++ b/Gemfile @@ -8,13 +8,13 @@ git_source(:github) do |repo_name| end # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem 'rails', '~> 5.0.7' +gem 'rails', '~> 5.2.3' # Use Puma as the app server gem 'puma', '~> 3.0' # Use SCSS for stylesheets -gem 'sass-rails', '~> 5.0' +gem 'sassc-rails' # Use Uglifier as compressor for JavaScript assets gem 'uglifier', '>= 1.3.0' @@ -40,6 +40,9 @@ gem 'redis', '~> 3.0' # Use ActiveModel has_secure_password gem 'bcrypt', '~> 3.1.7' +# Reduces boot times through caching; required in config/boot.rb +gem 'bootsnap', '>= 1.1.0', require: false + # Authentication. gem 'omniauth' gem 'omniauth-twitter' @@ -54,7 +57,7 @@ gem 'bigbluebutton-api-ruby' # Front-end. gem 'bootstrap', '~> 4.3.1' -gem 'tabler-rubygem' +gem 'tabler-rubygem', git: 'https://github.com/vbalazs/tabler-rubygem.git', branch: 'fix-sass' gem 'pagy' # For detecting the users preferred language. diff --git a/Gemfile.lock b/Gemfile.lock index 9bc6b0b0..bb53ab03 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
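Review bot: The new `tabler-rubygem` line in the last Gemfile hunk tracks a moving branch (`branch: 'fix-sass'`) of a personal fork, so what gets installed is whatever that branch points to the next time the lock is regenerated. Gemfile.lock in this commit records revision 1360795a174f6e6317eb6c81461597ddc965c2ce, which keeps `bundle install` reproducible, but `bundle update tabler-rubygem` will move to a new head without any change to the Gemfile. Pinning the reviewed commit makes that an explicit, reviewable change: `gem 'tabler-rubygem', git: 'https://github.com/vbalazs/tabler-rubygem.git', ref: '1360795a174f6e6317eb6c81461597ddc965c2ce'`. A comment naming the fix this fork carries would also tell maintainers when the gem can go back to rubygems.org. `gem 'sassc-rails'` in the first hunk likewise drops the version constraint that the replaced `sass-rails` line had.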
@@ -23,58 +23,73 @@ GIT omniauth (>= 1.3.2) omniauth-oauth2 (>= 1.5.0) +GIT + remote: https://github.com/vbalazs/tabler-rubygem.git + revision: 1360795a174f6e6317eb6c81461597ddc965c2ce + branch: fix-sass + specs: + tabler-rubygem (0.1.4) + autoprefixer-rails (>= 6.0.3) + bootstrap (~> 4.3.1) + GEM remote: https://rubygems.org/ specs: action-cable-testing (0.5.0) actioncable (>= 5.0) - actioncable (5.0.7.2) - actionpack (= 5.0.7.2) - nio4r (>= 1.2, < 3.0) - websocket-driver (~> 0.6.1) - actionmailer (5.0.7.2) - actionpack (= 5.0.7.2) - actionview (= 5.0.7.2) - activejob (= 5.0.7.2) + actioncable (5.2.3) + actionpack (= 5.2.3) + nio4r (~> 2.0) + websocket-driver (>= 0.6.1) + actionmailer (5.2.3) + actionpack (= 5.2.3) + actionview (= 5.2.3) + activejob (= 5.2.3) mail (~> 2.5, >= 2.5.4) rails-dom-testing (~> 2.0) - actionpack (5.0.7.2) - actionview (= 5.0.7.2) - activesupport (= 5.0.7.2) + actionpack (5.2.3) + actionview (= 5.2.3) + activesupport (= 5.2.3) rack (~> 2.0) - rack-test (~> 0.6.3) + rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.2) - actionview (5.0.7.2) - activesupport (= 5.0.7.2) + actionview (5.2.3) + activesupport (= 5.2.3) builder (~> 3.1) - erubis (~> 2.7.0) + erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.0.3) - activejob (5.0.7.2) - activesupport (= 5.0.7.2) + activejob (5.2.3) + activesupport (= 5.2.3) globalid (>= 0.3.6) - activemodel (5.0.7.2) - activesupport (= 5.0.7.2) - activerecord (5.0.7.2) - activemodel (= 5.0.7.2) - activesupport (= 5.0.7.2) - arel (~> 7.0) - activesupport (5.0.7.2) + activemodel (5.2.3) + activesupport (= 5.2.3) + activerecord (5.2.3) + activemodel (= 5.2.3) + activesupport (= 5.2.3) + arel (>= 9.0) + activestorage (5.2.3) + actionpack (= 5.2.3) + activerecord (= 5.2.3) + marcel (~> 0.3.1) + activesupport (5.2.3) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 0.7, < 2) minitest (~> 5.1) tzinfo (~> 1.1) addressable (2.6.0) public_suffix (>= 2.0.2, < 4.0) - 
arel (7.1.4) + arel (9.0.0) ast (2.4.0) - autoprefixer-rails (9.5.1.1) + autoprefixer-rails (9.6.1) execjs - bcrypt (3.1.12) + bcrypt (3.1.13) bigbluebutton-api-ruby (1.7.0) xml-simple (~> 1.1) - bindex (0.7.0) + bindex (0.8.1) + bootsnap (1.4.4) + msgpack (~> 1.0) bootstrap (4.3.1) autoprefixer-rails (>= 9.1.0) popper_js (>= 1.14.3, < 2) @@ -100,26 +115,26 @@ GEM safe_yaml (~> 1.0.0) crass (1.0.4) diff-lcs (1.3) - docile (1.3.1) - dotenv (2.7.2) - dotenv-rails (2.7.2) - dotenv (= 2.7.2) + docile (1.3.2) + dotenv (2.7.4) + dotenv-rails (2.7.4) + dotenv (= 2.7.4) railties (>= 3.2, < 6.1) - erubis (2.7.0) + erubi (1.8.0) execjs (2.7.0) factory_bot (5.0.2) activesupport (>= 4.2.0) factory_bot_rails (5.0.2) factory_bot (~> 5.0.2) railties (>= 4.2.0) - faker (1.9.3) + faker (1.9.6) i18n (>= 0.7) faraday (0.15.4) multipart-post (>= 1.2, < 3) ffi (1.11.1) globalid (0.4.2) activesupport (>= 4.2.0) - hashdiff (0.3.9) + hashdiff (0.4.0) hashie (3.6.0) health_check (3.0.0) railties (>= 5.0) @@ -127,15 +142,15 @@ GEM i18n (1.6.0) concurrent-ruby (~> 1.0) i18n-language-mapping (0.1.0) - jaro_winkler (1.5.2) + jaro_winkler (1.5.3) jbuilder (2.9.1) activesupport (>= 4.2.0) - jquery-rails (4.3.3) + jquery-rails (4.3.5) rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) json (2.2.0) - jwt (2.1.0) + jwt (2.2.1) libv8 (7.3.492.27.1) listen (3.0.8) rb-fsevent (~> 0.9, >= 0.9.4) @@ -145,17 +160,21 @@ GEM nokogiri (>= 1.5.9) mail (2.7.1) mini_mime (>= 0.1.1) + marcel (0.3.3) + mimemagic (~> 0.3.2) method_source (0.9.2) - mini_mime (1.0.1) + mimemagic (0.3.3) + mini_mime (1.0.2) mini_portile2 (2.4.0) mini_racer (0.2.6) libv8 (>= 6.9.411) minitest (5.11.3) + msgpack (1.3.0) multi_json (1.13.1) multi_xml (0.6.0) multipart-post (2.1.1) net-ldap (0.16.1) - nio4r (2.3.1) + nio4r (2.4.0) nokogiri (1.10.3) mini_portile2 (~> 2.4.0) oauth (0.5.4) 
@@ -168,7 +187,7 @@ GEM omniauth (1.9.0) hashie (>= 3.4.6, < 3.7.0) rack (>= 1.6.2, < 3) - omniauth-google-oauth2 (0.6.1) + omniauth-google-oauth2 (0.7.0) jwt (>= 2.0) omniauth (>= 1.1.1) omniauth-oauth2 (>= 1.5) @@ -181,28 +200,29 @@ GEM omniauth-twitter (1.4.0) omniauth-oauth (~> 1.1) rack - pagy (3.2.0) + pagy (3.3.2) parallel (1.17.0) parser (2.6.3.0) ast (~> 2.4.0) pg (0.21.0) popper_js (1.14.5) - public_suffix (3.0.3) + public_suffix (3.1.1) puma (3.12.1) rack (2.0.7) - rack-test (0.6.3) - rack (>= 1.0) - rails (5.0.7.2) - actioncable (= 5.0.7.2) - actionmailer (= 5.0.7.2) - actionpack (= 5.0.7.2) - actionview (= 5.0.7.2) - activejob (= 5.0.7.2) - activemodel (= 5.0.7.2) - activerecord (= 5.0.7.2) - activesupport (= 5.0.7.2) + rack-test (1.1.0) + rack (>= 1.0, < 3) + rails (5.2.3) + actioncable (= 5.2.3) + actionmailer (= 5.2.3) + actionpack (= 5.2.3) + actionview (= 5.2.3) + activejob (= 5.2.3) + activemodel (= 5.2.3) + activerecord (= 5.2.3) + activestorage (= 5.2.3) + activesupport (= 5.2.3) bundler (>= 1.3.0) - railties (= 5.0.7.2) + railties (= 5.2.3) sprockets-rails (>= 2.0.0) rails-controller-testing (1.0.4) actionpack (>= 5.0.1.x) 
@@ -213,31 +233,31 @@ GEM nokogiri (>= 1.6) rails-html-sanitizer (1.0.4) loofah (~> 2.2, >= 2.2.2) - railties (5.0.7.2) - actionpack (= 5.0.7.2) - activesupport (= 5.0.7.2) + railties (5.2.3) + actionpack (= 5.2.3) + activesupport (= 5.2.3) method_source rake (>= 0.8.7) - thor (>= 0.18.1, < 2.0) + thor (>= 0.19.0, < 2.0) rainbow (3.0.0) rake (12.3.2) random_password (0.1.1) rb-fsevent (0.10.3) rb-inotify (0.10.0) ffi (~> 1.0) - recaptcha (4.14.0) + recaptcha (5.0.0) json redcarpet (3.4.0) redis (3.3.5) remote_syslog_logger (1.0.4) syslog_protocol rolify (5.2.0) - rspec-core (3.8.0) + rspec-core (3.8.2) rspec-support (~> 3.8.0) - rspec-expectations (3.8.3) + rspec-expectations (3.8.4) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) - rspec-mocks (3.8.0) + rspec-mocks (3.8.1) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.8.0) rspec-rails (3.8.2) @@ -248,31 +268,20 @@ GEM rspec-expectations (~> 3.8.0) rspec-mocks (~> 3.8.0) rspec-support (~> 3.8.0) - rspec-support (3.8.0) - rubocop (0.70.0) + rspec-support (3.8.2) + rubocop (0.72.0) jaro_winkler (~> 1.5.1) parallel (~> 1.10) parser (>= 2.6) rainbow (>= 2.2.2, < 4.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 1.7) - ruby-progressbar (1.10.0) + ruby-progressbar (1.10.1) safe_yaml (1.0.5) - sass (3.7.4) - sass-listen (~> 4.0.0) - sass-listen (4.0.0) - rb-fsevent (~> 0.9, >= 0.9.4) - rb-inotify (~> 0.9, >= 0.9.7) - sass-rails (5.0.7) - railties (>= 4.0.0, < 6) - sass (~> 3.1) - sprockets (>= 2.8, < 4.0) - sprockets-rails (>= 2.0, < 4.0) - tilt (>= 1.1, < 3) sassc (2.0.1) ffi (~> 1.9) rake - sassc-rails (2.1.1) + sassc-rails (2.1.2) railties (>= 4.0.0) sassc (>= 2.0) sprockets (> 3.0) @@ -285,8 +294,7 @@ GEM json (>= 1.8, < 3) simplecov-html (~> 0.10.0) simplecov-html (0.10.2) - spring (2.0.2) - activesupport (>= 4.2) + spring (2.1.0) spring-watcher-listen (2.0.1) listen (>= 2.7, < 4.0) spring (>= 1.2, < 3.0) 
@@ -299,14 +307,12 @@ GEM sprockets (>= 3.0.0) sqlite3 (1.3.13) syslog_protocol (0.9.2) - tabler-rubygem (0.1.4) - autoprefixer-rails (>= 6.0.3) term-ansicolor (1.7.1) tins (~> 1.0) thor (0.20.3) thread_safe (0.3.6) tilt (2.0.9) - tins (1.20.2) + tins (1.21.0) turbolinks (5.2.0) turbolinks-source (~> 5.2) turbolinks-source (5.2.0) @@ -320,13 +326,13 @@ GEM activemodel (>= 5.0) bindex (>= 0.4.0) railties (>= 5.0) - webmock (3.5.1) + webmock (3.6.0) addressable (>= 2.3.6) crack (>= 0.3.2) - hashdiff - websocket-driver (0.6.5) + hashdiff (>= 0.4.0, < 2.0.0) + websocket-driver (0.7.1) websocket-extensions (>= 0.1.0) - websocket-extensions (0.1.3) + websocket-extensions (0.1.4) xml-simple (1.1.5) PLATFORMS @@ -337,6 +343,7 @@ DEPENDENCIES bcrypt (~> 3.1.7) bigbluebutton-api-ruby bn-ldap-authentication! + bootsnap (>= 1.1.0) bootstrap (~> 4.3.1) byebug cancancan (~> 2.0) @@ -361,7 +368,7 @@ DEPENDENCIES pagy pg (~> 0.18) puma (~> 3.0) - rails (~> 5.0.7) + rails (~> 5.2.3) rails-controller-testing random_password recaptcha @@ -371,14 +378,15 @@ DEPENDENCIES rolify rspec-rails (~> 3.7) rubocop - sass-rails (~> 5.0) + sassc-rails shoulda-matchers (~> 3.1) spring spring-watcher-listen (~> 2.0.0) sqlite3 (~> 1.3.6) - tabler-rubygem + tabler-rubygem! turbolinks (~> 5) tzinfo-data uglifier (>= 1.3.0) web-console (>= 3.3.0) webmock + diff --git a/app/controllers/concerns/themer.rb b/app/controllers/concerns/themer.rb index 97eb6b80..2893ea27 100644 --- a/app/controllers/concerns/themer.rb +++ b/app/controllers/concerns/themer.rb @@ -24,7 +24,7 @@ module Themer # Uses the built in Sass Engine to lighten the color dummy_scss = "h1 { color: $lighten; }" - compiled = Sass::Engine.new("$lighten:lighten(#{color}, 40%);" + dummy_scss, syntax: :scss).render + compiled = SassC::Engine.new("$lighten:lighten(#{color}, 40%);" + dummy_scss, syntax: :scss).render string_locater = 'color: ' color_start = compiled.index(string_locater) + string_locater.length 
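Review bot: `color` is interpolated straight into the SCSS source passed to `SassC::Engine.new` in this themer.rb hunk, and the same pattern appears in the second themer.rb hunk and in themes_controller.rb (`"$primary-color:#{color};"`). Where `color` comes from is outside these hunks; if it is a stored setting or a request value, anything other than a colour literal becomes part of the stylesheet that is compiled, and a malformed value makes `render` raise. If only hex colours are expected, a guard before compiling covers both cases, for example `raise ArgumentError, 'invalid color' unless color.to_s =~ /\A#\h{3}(\h{3})?\z/`. The enclosing methods start and end outside the hunks, so an existing check there would make this unnecessary.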
@@ -37,7 +37,7 @@ module Themer # Uses the built in Sass Engine to darken the color dummy_scss = "h1 { color: $darken; }" - compiled = Sass::Engine.new("$darken:darken(#{color}, 10%);" + dummy_scss, syntax: :scss).render + compiled = SassC::Engine.new("$darken:darken(#{color}, 10%);" + dummy_scss, syntax: :scss).render string_locater = 'color: ' color_start = compiled.index(string_locater) + string_locater.length diff --git a/app/controllers/themes_controller.rb b/app/controllers/themes_controller.rb index 2f26c7f3..d5fe8b06 100644 --- a/app/controllers/themes_controller.rb +++ b/app/controllers/themes_controller.rb @@ -29,7 +29,7 @@ class ThemesController < ApplicationController @file_contents = File.read(file_name) # Include the variables and covert scss file to css - @compiled = Sass::Engine.new("$primary-color:#{color};" \ + @compiled = SassC::Engine.new("$primary-color:#{color};" \ "$primary-color-lighten:#{lighten_color};" \ "$primary-color-darken:#{darken_color};" + @file_contents, syntax: :scss).render diff --git a/bin/bundle b/bin/bundle index 58115ecf..2dbb7176 100755 --- a/bin/bundle +++ b/bin/bundle @@ -1,5 +1,5 @@ #!/usr/bin/env ruby # frozen_string_literal: true -ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) load Gem.bin_path('bundler', 'bundle') diff --git a/bin/setup b/bin/setup index 629e3584..c2e43ceb 100755 --- a/bin/setup +++ b/bin/setup @@ -1,12 +1,11 @@ #!/usr/bin/env ruby # frozen_string_literal: true -require 'pathname' require 'fileutils' include FileUtils # path to your application root. -APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) +APP_ROOT = File.expand_path('..', __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") 
@@ -20,6 +19,9 @@ chdir APP_ROOT do system! 'gem install bundler --conservative' system('bundle check') || system!('bundle install') + # Install JavaScript dependencies if using Yarn + # system('bin/yarn') + # puts "\n== Copying sample files ==" # unless File.exist?('config/database.yml') # cp 'config/database.yml.sample', 'config/database.yml' diff --git a/bin/update b/bin/update index fdac831b..313c74b3 100755 --- a/bin/update +++ b/bin/update @@ -1,12 +1,11 @@ #!/usr/bin/env ruby # frozen_string_literal: true -require 'pathname' require 'fileutils' include FileUtils # path to your application root. -APP_ROOT = Pathname.new File.expand_path('../../', __FILE__) +APP_ROOT = File.expand_path('..', __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") @@ -20,6 +19,9 @@ chdir APP_ROOT do system! 'gem install bundler --conservative' system('bundle check') || system!('bundle install') + # Install JavaScript dependencies if using Yarn + # system('bin/yarn') + puts "\n== Updating database ==" system! 'bin/rails db:migrate' diff --git a/bin/yarn b/bin/yarn new file mode 100755 index 00000000..5f754ba9 --- /dev/null +++ b/bin/yarn @@ -0,0 +1,13 @@ +#!/usr/bin/env ruby +# frozen_string_literal: true + +APP_ROOT = File.expand_path('..', __dir__) +Dir.chdir(APP_ROOT) do + begin + exec "yarnpkg", *ARGV + rescue Errno::ENOENT + warn "Yarn executable was not detected in the system." + warn "Download Yarn at https://yarnpkg.com/en/docs/install" + exit 1 + end +end diff --git a/config/application.rb b/config/application.rb index 7e6f8915..839f8dda 100644 --- a/config/application.rb +++ b/config/application.rb 
@@ -26,6 +26,9 @@ Bundler.require(*Rails.groups) module Greenlight class Application < Rails::Application + # Initialize configuration defaults for originally generated Rails version. + config.load_defaults 5.2 + # Settings in config/environments/* take precedence over those specified here. # Application configuration should go into files in config/initializers # -- all .rb files in that directory are automatically loaded. diff --git a/config/boot.rb b/config/boot.rb index 30e594e2..c04863fa 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -3,3 +3,4 @@ ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) require 'bundler/setup' # Set up gems listed in the Gemfile. +require 'bootsnap/setup' # Speed up boot time by caching expensive operations. diff --git a/config/environments/development.rb b/config/environments/development.rb index 0eeb0fb0..25309d5a 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -15,12 +15,13 @@ Rails.application.configure do config.consider_all_requests_local = false # Enable/disable caching. By default caching is disabled. - if Rails.root.join('tmp/caching-dev.txt').exist? + # Run rails dev:cache to toggle caching. + if Rails.root.join('tmp', 'caching-dev.txt').exist? config.action_controller.perform_caching = true config.cache_store = :memory_store config.public_file_server.headers = { - 'Cache-Control' => 'public, max-age=172800', + 'Cache-Control' => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -28,6 +29,9 @@ Rails.application.configure do config.cache_store = :null_store end + # Store uploaded files on the local file system (see config/storage.yml for options) + config.active_storage.service = :local + # Don't wrap form components in field_with_error divs ActionView::Base.field_error_proc = proc do |html_tag| html_tag.html_safe 
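Review bot: The comment added above `config.load_defaults 5.2` in config/application.rb says "originally generated Rails version", but this commit upgrades the app from 5.0, so the line turns on every 5.1 and 5.2 default at once rather than recording an original version. It is also what now supplies the per-form CSRF tokens, the origin-check CSRF mitigation and the HSTS-with-subdomains setting that the deleted config/initializers/new_framework_defaults.rb set explicitly, which is worth stating so the line is not later removed as boilerplate. I would reword the comment to something like `# Adopt the Rails 5.2 framework defaults; replaces the explicit CSRF/HSTS settings formerly in new_framework_defaults.rb.` The 5.2 defaults also change cookie encryption, so cookies rewritten after deploy may not be readable if the release is rolled back to 5.0; that should be confirmed against the upgrade guide before shipping.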
@@ -57,6 +61,9 @@ Rails.application.configure do # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true + # Debug mode disables concatenation and preprocessing of assets. # This option may cause significant delays in view rendering with a large # number of complex assets. diff --git a/config/environments/production.rb b/config/environments/production.rb index a34cc596..eed2b5da 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -16,6 +16,10 @@ Rails.application.configure do config.consider_all_requests_local = false config.action_controller.perform_caching = true + # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] + # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true + # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].blank? @@ -36,6 +40,9 @@ Rails.application.configure do # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # Store uploaded files on the local file system (see config/storage.yml for options) + config.active_storage.service = :local + # Mount Action Cable outside main process or domain # config.action_cable.mount_path = nil # config.action_cable.url = 'wss://example.com/cable' diff --git a/config/environments/test.rb b/config/environments/test.rb index f4dd5186..42285acc 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb 
@@ -17,7 +17,7 @@ Rails.application.configure do # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - 'Cache-Control' => 'public, max-age=3600', + 'Cache-Control' => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. @@ -29,6 +29,10 @@ Rails.application.configure do # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false + + # Store uploaded files on the local file system in a temporary directory + config.active_storage.service = :test + config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 3d3fd61d..a9b0d0f1 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -5,9 +5,12 @@ # Version of your assets, change this if you want to expire all your assets. Rails.application.config.assets.version = '1.0' -# Add additional assets to the asset load path +# Add additional assets to the asset load path. # Rails.application.config.assets.paths << Emoji.images_path +# Add Yarn node_modules folder to the asset load path. +Rails.application.config.assets.paths << Rails.root.join('node_modules') # Precompile additional assets. -# application.js, application.css, and all non-JS/CSS in app/assets folder are already added. -# Rails.application.config.assets.precompile += %w() +# application.js, application.css, and all non-JS/CSS in the app/assets +# folder are already added. +# Rails.application.config.assets.precompile += %w( admin.js admin.css ) diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb new file mode 100644 index 00000000..e3c96496 --- /dev/null +++ b/config/initializers/content_security_policy.rb 
@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy
+# For further information see the following documentation
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+
+# Rails.application.config.content_security_policy do |policy|
+# policy.default_src :self, :https
+# policy.font_src :self, :https, :data
+# policy.img_src :self, :https, :data
+# policy.object_src :none
+# policy.script_src :self, :https
+# policy.style_src :self, :https
+
+# # Specify URI for violation reports
+# # policy.report_uri "/csp-violation-report-endpoint"
+# end
+
+# If you are using UJS then enable automatic nonce generation
+# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
+
+# Report CSP violations to a specified URI
+# For further information see the following documentation:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
+# Rails.application.config.content_security_policy_report_only = true
diff --git a/config/initializers/new_framework_defaults.rb b/config/initializers/new_framework_defaults.rb
deleted file mode 100644
index 377b6532..00000000
--- a/config/initializers/new_framework_defaults.rb
+++ /dev/null
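Review bot: Every directive in the new config/initializers/content_security_policy.rb is commented out, so adding this file does not make the app send a Content-Security-Policy header. If that is intended for now, a first line such as `# No policy is active yet; uncomment the block below to enable CSP.` would keep the file from being read as protection already in place. When the policy is turned on, enabling the `content_security_policy_report_only = true` line already present in the file lets violations be observed before anything is blocked.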
@@ -1,28 +0,0 @@
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-#
-# This file contains migration options to ease your Rails 5.0 upgrade.
-#
-# Read the Guide for Upgrading Ruby on Rails for more info on each option.
-
-Rails.application.config.action_controller.raise_on_unfiltered_parameters = true
-
-# Enable per-form CSRF tokens. Previous versions had false.
-Rails.application.config.action_controller.per_form_csrf_tokens = true
-
-# Enable origin-checking CSRF mitigation. Previous versions had false.
-Rails.application.config.action_controller.forgery_protection_origin_check = true
-
-# Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
-# Previous versions had false.
-ActiveSupport.to_time_preserves_timezone = true
-
-# Require `belongs_to` associations by default. Previous versions had false.
-Rails.application.config.active_record.belongs_to_required_by_default = true
-
-# Do not halt callback chains when a callback returns false. Previous versions had true.
-ActiveSupport.halt_callback_chains_on_return_false = false
-
-# Configure SSL options to enable HSTS with subdomains. Previous versions had false.
-Rails.application.config.ssl_options = { hsts: { subdomains: true } }
diff --git a/config/puma.rb b/config/puma.rb
index 2ef031d5..fda772af 100644
--- a/config/puma.rb
+++ b/config/puma.rb
@@ -1,15 +1,15 @@ # frozen_string_literal: true # Puma can serve each request in a thread from an internal thread pool. -# The `threads` method setting takes two numbers a minimum and maximum. +# The `threads` method setting takes two numbers: a minimum and maximum. # Any libraries that use thread pools should be configured to match # the maximum value specified for Puma. Default is set to 5 threads for minimum -# and maximum, this matches the default thread size of Active Record. +# and maximum; this matches the default thread size of Active Record. # -threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }.to_i +threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 } threads threads_count, threads_count -# Specifies the `port` that Puma will listen on to receive requests, default is 3000. +# Specifies the `port` that Puma will listen on to receive requests; default is 3000. # port ENV.fetch("PORT") { 80 } 
@@ -28,22 +28,9 @@ environment ENV.fetch("RAILS_ENV") { "development" } # Use the `preload_app!` method when specifying a `workers` number. # This directive tells Puma to first boot the application and load code # before forking the application. This takes advantage of Copy On Write -# process behavior so workers use less memory. If you use this option -# you need to make sure to reconnect any threads in the `on_worker_boot` -# block. +# process behavior so workers use less memory. # # preload_app! -# The code in the `on_worker_boot` will be called if you are using -# clustered mode by specifying a number of `workers`. After each worker -# process is booted this block will be run, if you are using `preload_app!` -# option you will want to use this block to reconnect to any threads -# or connections that may have been created at application boot, Ruby -# cannot share connections between processes. -# -# on_worker_boot do -# ActiveRecord::Base.establish_connection if defined?(ActiveRecord) -# end - # Allow puma to be restarted by `rails restart` command. plugin :tmp_restart diff --git a/config/spring.rb b/config/spring.rb index ff5ba06b..c5933e49 100644 --- a/config/spring.rb +++ b/config/spring.rb @@ -1,8 +1,8 @@ # frozen_string_literal: true -%w( +%w[ .ruby-version .rbenv-vars tmp/restart.txt tmp/caching-dev.txt -).each { |path| Spring.watch(path) } +].each { |path| Spring.watch(path) } diff --git a/config/storage.yml b/config/storage.yml new file mode 100644 index 00000000..d32f76e8 --- /dev/null +++ b/config/storage.yml 
@@ -0,0 +1,34 @@
+test:
+ service: Disk
+ root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+ service: Disk
+ root: <%= Rails.root.join("storage") %>
+
+# Use rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+# service: S3
+# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+# region: us-east-1
+# bucket: your_own_bucket
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+# service: GCS
+# project: your_project
+# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+# bucket: your_own_bucket
+
+# Use rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+# service: AzureStorage
+# storage_account_name: your_account_name
+# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+# container: your_container_name
+
+# mirror:
+# service: Mirror
+# primary: local
+# mirrors: [ amazon, google, microsoft ]