From 7af1bc526a92c0fd4b3043369d75acc6f4690294 Mon Sep 17 00:00:00 2001 From: rgarcia Date: Tue, 1 Sep 2015 19:54:21 +0200 Subject: [PATCH 1/6] adds preproduction environment --- config/environments/preproduction.rb | 81 ++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 config/environments/preproduction.rb diff --git a/config/environments/preproduction.rb b/config/environments/preproduction.rb new file mode 100644 index 000000000..692b90c51 --- /dev/null +++ b/config/environments/preproduction.rb @@ -0,0 +1,81 @@ +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # Code is not reloaded between requests. + config.cache_classes = true + + # Eager load code on boot. This eager loads most of Rails and + # your application in memory, allowing both threaded web servers + # and those relying on copy on write to perform better. + # Rake tasks automatically ignore this option for performance. + config.eager_load = true + + # Full error reports are disabled and caching is turned on. + config.consider_all_requests_local = false + config.action_controller.perform_caching = true + + # Enable Rack::Cache to put a simple HTTP cache in front of your application + # Add `rack-cache` to your Gemfile before enabling this. + # For large-scale production use, consider using a caching reverse proxy like + # NGINX, varnish or squid. + # config.action_dispatch.rack_cache = true + + # Disable serving static files from the `/public` folder by default since + # Apache or NGINX already handles this. + config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present? + + # Compress JavaScripts and CSS. + config.assets.js_compressor = :uglifier + # config.assets.css_compressor = :sass + + # Do not fallback to assets pipeline if a precompiled asset is missed. + config.assets.compile = false + + # Asset digests allow you to set far-future HTTP expiration dates on all assets, + # yet still be able to expire them through the digest params. + config.assets.digest = true + + # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb + + # Specifies the header that your server uses for sending files. + # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache + # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. + config.force_ssl = true + + # Use the lowest log level to ensure availability of diagnostic information + # when problems arise. + config.log_level = :debug + + # Prepend all log lines with the following tags. + # config.log_tags = [ :subdomain, :uuid ] + + # Use a different logger for distributed setups. + # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) + + # Use a different cache store in production. + config.cache_store = :dalli_store + + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.action_controller.asset_host = 'http://assets.example.com' + + # Ignore bad email addresses and do not raise email delivery errors. + # Set this to true and configure the email server for immediate delivery to raise delivery errors. + config.action_mailer.raise_delivery_errors = true + config.action_mailer.default_url_options = { host: Rails.application.secrets.server_name } + config.action_mailer.asset_host = "https://#{Rails.application.secrets.server_name}" + + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation cannot be found). + config.i18n.fallbacks = true + + # Send deprecation notices to registered listeners. + config.active_support.deprecation = :notify + + # Use default logging formatter so that PID and timestamp are not suppressed. + config.log_formatter = ::Logger::Formatter.new + + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false +end \ No newline at end of file From 0df72b92607e651ca79aaf3192eb4702bed1ae0d Mon Sep 17 00:00:00 2001 From: rgarcia Date: Tue, 1 Sep 2015 20:05:35 +0200 Subject: [PATCH 2/6] updates census api keys --- lib/census_api.rb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/census_api.rb b/lib/census_api.rb index ac5a88d08..9b6f200ef 100644 --- a/lib/census_api.rb +++ b/lib/census_api.rb @@ -6,7 +6,7 @@ class CensusApi end def client - @client = Savon.client(wsdl: Rails.application.secrets.padron_end_point) + @client = Savon.client(wsdl: Rails.application.secrets.census_api_end_point) end def response @@ -16,9 +16,9 @@ class CensusApi def request { request: - { codigo_institucion: Rails.application.secrets.institution_code, - codigo_portal: Rails.application.secrets.portal_name, - codigo_usuario: Rails.application.secrets.user_code, + { codigo_institucion: Rails.application.secrets.census_api_institution_code, + codigo_portal: Rails.application.secrets.census_api_portal_name, + codigo_usuario: Rails.application.secrets.census_api_user_code, documento: citizen.document_number, tipo_documento: citizen.document_type, codigo_idioma: 102, From c1e85d7894705afd2fb55e1c424be65d304892b4 Mon Sep 17 00:00:00 2001 From: rgarcia Date: Tue, 1 Sep 2015 20:05:47 +0200 Subject: [PATCH 3/6] updates http_basic keys --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 9a84e9abd..6428b504a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -29,7 +29,7 @@ class ApplicationController < ActionController::Base def authenticate_http_basic if Rails.env.staging? || Rails.env.production? authenticate_or_request_with_http_basic do |username, password| - username == Rails.application.secrets.username && password == Rails.application.secrets.password + username == Rails.application.secrets.http_basic_username && password == Rails.application.secrets.http_basic_password end end end From 362c9b9e336e88ad7702544e1247232432cda002 Mon Sep 17 00:00:00 2001 From: rgarcia Date: Tue, 1 Sep 2015 20:06:09 +0200 Subject: [PATCH 4/6] updates secrets.yml.example --- config/secrets.yml.example | 63 ++++++++++++++++++-------------------- 1 file changed, 29 insertions(+), 34 deletions(-) diff --git a/config/secrets.yml.example b/config/secrets.yml.example index 1d1312ea6..fc65136d1 100644 --- a/config/secrets.yml.example +++ b/config/secrets.yml.example @@ -1,43 +1,38 @@ -# Be sure to restart your server when you modify this file. - -# Your secret key is used for verifying the integrity of signed cookies. -# If you change this key, all old signed cookies will become invalid! - -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. -# You can use `rake secret` to generate a secure secret key. - -# Make sure the secrets in this file are kept private -# if you're sharing your code publicly. - default: &default + secret_key_base: "56792feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4" development: - secret_key_base: 56792feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4 - twitter_key: AAAA - twitter_secret: BBBB - facebook_key: AAAA - facebook_secret: BBBB - google_oauth2_key: AAAA - google_oauth2_secret: BBBB <<: *default test: - secret_key_base: 4d5adf961ddd27aef19622d6c0b3234d555f9ee003f022b1f829c92bbe33aaee907be7feb67bd54c14a1a32512fa968565ad405971fbc41bd0797af73c26a796 - twitter_key: AAAA - twitter_secret: BBBB - facebook_key: AAAA - facebook_secret: BBBB - google_oauth2_key: AAAA - google_oauth2_secret: BBBB <<: *default -production: - secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> - twitter_key: <%= ENV["TWITTER_KEY"] %> - twitter_secret: <%= ENV["TWITTER_SECRET"] %> - facebook_key: <%= ENV["FACEBOOK_KEY"] %> - facebook_secret: <%= ENV["FACEBOOK_SECRET"] %> - google_oauth2_key: <%= ENV["GOOGLE_KEY"] %> - google_oauth2_secret: <%= ENV["GOOGLE_SECRET"] %> +staging: <<: *default + +production: &production + secret_key_base: "817232feef405a59b18ea7db57b4777e855103882b926413d4afdfb8c0ea8aa86ea6649da4e729c5f5ae324c0ab9338f789174cf48c544173bc18fdc3b14262e4" + + census_api_end_point: "" + census_api_institution_code: "" + census_api_portal_name: "" + census_api_user_code: "" + + sms_end_point: "" + sms_username: "" + sms_password: "" + + http_basic_username: "" + http_basic_password: "" + + twitter_key: "" + twitter_secret: "" + facebook_key: "" + facebook_secret: "" + google_oauth2_key: "" + google_oauth2_secret: "" + + rollbar_server_token: "" + +preproduction: + <<: *production \ No newline at end of file From a82eac8e16294f702a95b28179d8481f7cd51ebd Mon Sep 17 00:00:00 2001 From: rgarcia Date: Tue, 1 Sep 2015 20:12:44 +0200 Subject: [PATCH 5/6] adds capistrano task to upload secrets.yml --- lib/capistrano/tasks/upload_secrets.cap | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 lib/capistrano/tasks/upload_secrets.cap diff --git a/lib/capistrano/tasks/upload_secrets.cap b/lib/capistrano/tasks/upload_secrets.cap new file mode 100644 index 000000000..525bcc85d --- /dev/null +++ b/lib/capistrano/tasks/upload_secrets.cap @@ -0,0 +1,12 @@ +namespace :deploy do + desc "compiles assets locally then rsyncs" + task :upload_secrets do + on roles(:app) do |role| + run_locally do + execute"rsync -av ./config/secrets.yml #{role.user}@#{role.hostname}:#{shared_path}/config/secrets.yml;" + end + "chmod -R 755 #{shared_path}/config/secrets.yml" + execute "ln -nfs #{shared_path}/config/secrets.yml #{current_path}/config/secrets.yml" + end + end +end From 41dc30f41af7c7b24a34a48f4de56c9627dc21db Mon Sep 17 00:00:00 2001 From: rgarcia Date: Tue, 1 Sep 2015 21:22:45 +0200 Subject: [PATCH 6/6] adds server_name to secrets.yml.example --- config/secrets.yml.example | 3 +++ 1 file changed, 3 insertions(+) diff --git a/config/secrets.yml.example b/config/secrets.yml.example index fc65136d1..450f0b09f 100644 --- a/config/secrets.yml.example +++ b/config/secrets.yml.example @@ -8,6 +8,7 @@ test: <<: *default staging: + server_name: "" <<: *default production: &production @@ -33,6 +34,8 @@ production: &production google_oauth2_secret: "" rollbar_server_token: "" + server_name: "" preproduction: + server_name: "" <<: *production \ No newline at end of file