about summary refs log tree commit diff stats
path: root/config
diff options
context:
space:
mode:
Diffstat (limited to 'config')
-rw-r--r--config/application.rb2
-rw-r--r--config/boot.rb4
-rw-r--r--config/deploy.rb2
-rw-r--r--config/environment.rb2
-rw-r--r--config/environments/development.rb42
-rw-r--r--config/environments/test.rb40
-rw-r--r--config/initializers/content_security_policy.rb25
-rw-r--r--config/initializers/filter_parameter_logging.rb8
-rw-r--r--config/initializers/inflections.rb8
-rw-r--r--config/initializers/lingo.rb1
-rw-r--r--config/initializers/new_framework_defaults_7_0.rb135
-rw-r--r--config/initializers/permissions_policy.rb11
-rw-r--r--config/lingo.yml4
-rw-r--r--config/routes.rb1
-rw-r--r--config/storage.yml34
15 files changed, 283 insertions, 36 deletions
diff --git a/config/application.rb b/config/application.rb index f909eaa..e855cbf 100644 --- a/config/application.rb +++ b/config/application.rb
@@ -9,7 +9,7 @@ Bundler.require(*Rails.groups)
9module Thoughts 9module Thoughts
10 class Application < Rails::Application 10 class Application < Rails::Application
11 # Initialize configuration defaults for originally generated Rails version. 11 # Initialize configuration defaults for originally generated Rails version.
12 config.load_defaults 5.1 12 config.load_defaults Rails::VERSION::STRING.to_f
13 13
14 # Settings in config/environments/* take precedence over those specified here. 14 # Settings in config/environments/* take precedence over those specified here.
15 # Application configuration should go into files in config/initializers 15 # Application configuration should go into files in config/initializers
diff --git a/config/boot.rb b/config/boot.rb index 30f5120..2820116 100644 --- a/config/boot.rb +++ b/config/boot.rb
@@ -1,3 +1,3 @@
1ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) 1ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
2 2
3require 'bundler/setup' # Set up gems listed in the Gemfile. 3require "bundler/setup" # Set up gems listed in the Gemfile.
diff --git a/config/deploy.rb b/config/deploy.rb index 3843db6..db44532 100644 --- a/config/deploy.rb +++ b/config/deploy.rb
@@ -21,7 +21,7 @@ set :deploy_to, "/srv/www/thoughts"
21# set :pty, true 21# set :pty, true
22 22
23# Default value for :linked_files is [] 23# Default value for :linked_files is []
24append :linked_files, "config/database.yml", "config/secrets.yml" 24append :linked_files, "config/database.yml", "config/secrets.yml", "config/lingo.yml"
25 25
26# Default value for linked_dirs is [] 26# Default value for linked_dirs is []
27append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets", "public/uploads" 27append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets", "public/uploads"
diff --git a/config/environment.rb b/config/environment.rb index 426333b..cac5315 100644 --- a/config/environment.rb +++ b/config/environment.rb
@@ -1,5 +1,5 @@
1# Load the Rails application. 1# Load the Rails application.
2require_relative 'application' 2require_relative "application"
3 3
4# Initialize the Rails application. 4# Initialize the Rails application.
5Rails.application.initialize! 5Rails.application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb index 1b0c4b3..8500f45 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb
@@ -1,8 +1,10 @@
1require "active_support/core_ext/integer/time"
2
1Rails.application.configure do 3Rails.application.configure do
2 # Settings specified here will take precedence over those in config/application.rb. 4 # Settings specified here will take precedence over those in config/application.rb.
3 5
4 # In the development environment your application's code is reloaded on 6 # In the development environment your application's code is reloaded any time
5 # every request. This slows down response time but is perfect for development 7 # it changes. This slows down response time but is perfect for development
6 # since you don't have to restart the web server when you make code changes. 8 # since you don't have to restart the web server when you make code changes.
7 config.cache_classes = false 9 config.cache_classes = false
8 10
@@ -12,13 +14,18 @@ Rails.application.configure do
12 # Show full error reports. 14 # Show full error reports.
13 config.consider_all_requests_local = true 15 config.consider_all_requests_local = true
14 16
17 # Enable server timing
18 config.server_timing = true
19
15 # Enable/disable caching. By default caching is disabled. 20 # Enable/disable caching. By default caching is disabled.
16 if Rails.root.join('tmp/caching-dev.txt').exist? 21 # Run rails dev:cache to toggle caching.
22 if Rails.root.join("tmp/caching-dev.txt").exist?
17 config.action_controller.perform_caching = true 23 config.action_controller.perform_caching = true
24 config.action_controller.enable_fragment_cache_logging = true
18 25
19 config.cache_store = :memory_store 26 config.cache_store = :memory_store
20 config.public_file_server.headers = { 27 config.public_file_server.headers = {
21 'Cache-Control' => "public, max-age=#{2.days.seconds.to_i}" 28 "Cache-Control" => "public, max-age=#{2.days.to_i}"
22 } 29 }
23 else 30 else
24 config.action_controller.perform_caching = false 31 config.action_controller.perform_caching = false
@@ -26,6 +33,9 @@ Rails.application.configure do
26 config.cache_store = :null_store 33 config.cache_store = :null_store
27 end 34 end
28 35
36 # Store uploaded files on the local file system (see config/storage.yml for options).
37 config.active_storage.service = :local
38
29 # Don't care if the mailer can't send. 39 # Don't care if the mailer can't send.
30 config.action_mailer.raise_delivery_errors = false 40 config.action_mailer.raise_delivery_errors = false
31 41
@@ -34,23 +44,27 @@ Rails.application.configure do
34 # Print deprecation notices to the Rails logger. 44 # Print deprecation notices to the Rails logger.
35 config.active_support.deprecation = :log 45 config.active_support.deprecation = :log
36 46
47 # Raise exceptions for disallowed deprecations.
48 config.active_support.disallowed_deprecation = :raise
49
50 # Tell Active Support which deprecation messages to disallow.
51 config.active_support.disallowed_deprecation_warnings = []
52
37 # Raise an error on page load if there are pending migrations. 53 # Raise an error on page load if there are pending migrations.
38 config.active_record.migration_error = :page_load 54 config.active_record.migration_error = :page_load
39 55
40 # Debug mode disables concatenation and preprocessing of assets. 56 # Highlight code that triggered database queries in logs.
41 # This option may cause significant delays in view rendering with a large 57 config.active_record.verbose_query_logs = true
42 # number of complex assets.
43 config.assets.debug = true
44 58
45 # Suppress logger output for asset requests. 59 # Suppress logger output for asset requests.
46 config.assets.quiet = true 60 config.assets.quiet = true
47 61
48 # Raises error for missing translations 62 # Raises error for missing translations.
49 # config.action_view.raise_on_missing_translations = true 63 # config.i18n.raise_on_missing_translations = true
50 64
51 # Use an evented file watcher to asynchronously detect changes in source code, 65 # Annotate rendered view with file names.
52 # routes, locales, etc. This feature depends on the listen gem. 66 # config.action_view.annotate_rendered_view_with_filenames = true
53 config.file_watcher = ActiveSupport::EventedFileUpdateChecker
54 67
55 config.action_mailer.default_url_options = { host: 'localhost', port: 3000 } 68 # Uncomment if you wish to allow Action Cable access from any origin.
69 # config.action_cable.disable_request_forgery_protection = true
56end 70end
diff --git a/config/environments/test.rb b/config/environments/test.rb index 8e5cbde..6ea4d1e 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb
@@ -1,32 +1,41 @@
1require "active_support/core_ext/integer/time"
2
3# The test environment is used exclusively to run your application's
4# test suite. You never need to work with it otherwise. Remember that
5# your test database is "scratch space" for the test suite and is wiped
6# and recreated between test runs. Don't rely on the data there!
7
1Rails.application.configure do 8Rails.application.configure do
2 # Settings specified here will take precedence over those in config/application.rb. 9 # Settings specified here will take precedence over those in config/application.rb.
3 10
4 # The test environment is used exclusively to run your application's 11 # Turn false under Spring and add config.action_view.cache_template_loading = true.
5 # test suite. You never need to work with it otherwise. Remember that
6 # your test database is "scratch space" for the test suite and is wiped
7 # and recreated between test runs. Don't rely on the data there!
8 config.cache_classes = true 12 config.cache_classes = true
9 13
10 # Do not eager load code on boot. This avoids loading your whole application 14 # Eager loading loads your whole application. When running a single test locally,
11 # just for the purpose of running a single test. If you are using a tool that 15 # this probably isn't necessary. It's a good idea to do in a continuous integration
12 # preloads Rails for running tests, you may have to set it to true. 16 # system, or in some way before deploying your code.
13 config.eager_load = false 17 config.eager_load = ENV["CI"].present?
14 18
15 # Configure public file server for tests with Cache-Control for performance. 19 # Configure public file server for tests with Cache-Control for performance.
16 config.public_file_server.enabled = true 20 config.public_file_server.enabled = true
17 config.public_file_server.headers = { 21 config.public_file_server.headers = {
18 'Cache-Control' => "public, max-age=#{1.hour.seconds.to_i}" 22 "Cache-Control" => "public, max-age=#{1.hour.to_i}"
19 } 23 }
20 24
21 # Show full error reports and disable caching. 25 # Show full error reports and disable caching.
22 config.consider_all_requests_local = true 26 config.consider_all_requests_local = true
23 config.action_controller.perform_caching = false 27 config.action_controller.perform_caching = false
28 config.cache_store = :null_store
24 29
25 # Raise exceptions instead of rendering exception templates. 30 # Raise exceptions instead of rendering exception templates.
26 config.action_dispatch.show_exceptions = false 31 config.action_dispatch.show_exceptions = false
27 32
28 # Disable request forgery protection in test environment. 33 # Disable request forgery protection in test environment.
29 config.action_controller.allow_forgery_protection = false 34 config.action_controller.allow_forgery_protection = false
35
36 # Store uploaded files on the local file system in a temporary directory.
37 config.active_storage.service = :test
38
30 config.action_mailer.perform_caching = false 39 config.action_mailer.perform_caching = false
31 40
32 # Tell Action Mailer not to deliver emails to the real world. 41 # Tell Action Mailer not to deliver emails to the real world.
@@ -37,6 +46,15 @@ Rails.application.configure do
37 # Print deprecation notices to the stderr. 46 # Print deprecation notices to the stderr.
38 config.active_support.deprecation = :stderr 47 config.active_support.deprecation = :stderr
39 48
40 # Raises error for missing translations 49 # Raise exceptions for disallowed deprecations.
41 # config.action_view.raise_on_missing_translations = true 50 config.active_support.disallowed_deprecation = :raise
51
52 # Tell Active Support which deprecation messages to disallow.
53 config.active_support.disallowed_deprecation_warnings = []
54
55 # Raises error for missing translations.
56 # config.i18n.raise_on_missing_translations = true
57
58 # Annotate rendered view with file names.
59 # config.action_view.annotate_rendered_view_with_filenames = true
42end 60end
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb new file mode 100644 index 0000000..54f47cf --- /dev/null +++ b/config/initializers/content_security_policy.rb
@@ -0,0 +1,25 @@
1# Be sure to restart your server when you modify this file.
2
3# Define an application-wide content security policy.
4# See the Securing Rails Applications Guide for more information:
5# https://guides.rubyonrails.org/security.html#content-security-policy-header
6
7# Rails.application.configure do
8# config.content_security_policy do |policy|
9# policy.default_src :self, :https
10# policy.font_src :self, :https, :data
11# policy.img_src :self, :https, :data
12# policy.object_src :none
13# policy.script_src :self, :https
14# policy.style_src :self, :https
15# # Specify URI for violation reports
16# # policy.report_uri "/csp-violation-report-endpoint"
17# end
18#
19# # Generate session nonces for permitted importmap and inline scripts
20# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
21# config.content_security_policy_nonce_directives = %w(script-src)
22#
23# # Report violations without enforcing the policy.
24# # config.content_security_policy_report_only = true
25# end
diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 4a994e1..adc6568 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb
@@ -1,4 +1,8 @@
1# Be sure to restart your server when you modify this file. 1# Be sure to restart your server when you modify this file.
2 2
3# Configure sensitive parameters which will be filtered from the log file. 3# Configure parameters to be filtered from the log file. Use this to limit dissemination of
4Rails.application.config.filter_parameters += [:password] 4# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
5# notations and behaviors.
6Rails.application.config.filter_parameters += [
7 :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
8]
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index ac033bf..3860f65 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb
@@ -4,13 +4,13 @@
4# are locale specific, and you may define rules for as many different 4# are locale specific, and you may define rules for as many different
5# locales as you wish. All of these examples are active by default: 5# locales as you wish. All of these examples are active by default:
6# ActiveSupport::Inflector.inflections(:en) do |inflect| 6# ActiveSupport::Inflector.inflections(:en) do |inflect|
7# inflect.plural /^(ox)$/i, '\1en' 7# inflect.plural /^(ox)$/i, "\\1en"
8# inflect.singular /^(ox)en/i, '\1' 8# inflect.singular /^(ox)en/i, "\\1"
9# inflect.irregular 'person', 'people' 9# inflect.irregular "person", "people"
10# inflect.uncountable %w( fish sheep ) 10# inflect.uncountable %w( fish sheep )
11# end 11# end
12 12
13# These inflection rules are supported but not enabled by default: 13# These inflection rules are supported but not enabled by default:
14# ActiveSupport::Inflector.inflections(:en) do |inflect| 14# ActiveSupport::Inflector.inflections(:en) do |inflect|
15# inflect.acronym 'RESTful' 15# inflect.acronym "RESTful"
16# end 16# end
diff --git a/config/initializers/lingo.rb b/config/initializers/lingo.rb new file mode 100644 index 0000000..edb76d8 --- /dev/null +++ b/config/initializers/lingo.rb
@@ -0,0 +1 @@
Lingo.secret_code = Rails.application.config_for(:lingo)[:secret_code] \ No newline at end of file
diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb new file mode 100644 index 0000000..4d58024 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_0.rb
@@ -0,0 +1,135 @@
1# Be sure to restart your server when you modify this file.
2#
3# This file eases your Rails 7.0 framework defaults upgrade.
4#
5# Uncomment each configuration one by one to switch to the new default.
6# Once your application is ready to run with all new defaults, you can remove
7# this file and set the `config.load_defaults` to `7.0`.
8#
9# Read the Guide for Upgrading Ruby on Rails for more info on each option.
10# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
11
12# `button_to` view helper will render `<button>` element, regardless of whether
13# or not the content is passed as the first argument or as a block.
14# Rails.application.config.action_view.button_to_generates_button_tag = true
15
16# `stylesheet_link_tag` view helper will not render the media attribute by default.
17# Rails.application.config.action_view.apply_stylesheet_media_default = false
18
19# Change the digest class for the key generators to `OpenSSL::Digest::SHA256`.
20# Changing this default means invalidate all encrypted messages generated by
21# your application and, all the encrypted cookies. Only change this after you
22# rotated all the messages using the key rotator.
23#
24# See upgrading guide for more information on how to build a rotator.
25# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html
26# Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256
27
28# Change the digest class for ActiveSupport::Digest.
29# Changing this default means that for example Etags change and
30# various cache keys leading to cache invalidation.
31# Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256
32
33# Don't override ActiveSupport::TimeWithZone.name and use the default Ruby
34# implementation.
35# Rails.application.config.active_support.remove_deprecated_time_with_zone_name = true
36
37# Calls `Rails.application.executor.wrap` around test cases.
38# This makes test cases behave closer to an actual request or job.
39# Several features that are normally disabled in test, such as Active Record query cache
40# and asynchronous queries will then be enabled.
41# Rails.application.config.active_support.executor_around_test_case = true
42
43# Define the isolation level of most of Rails internal state.
44# If you use a fiber based server or job processor, you should set it to `:fiber`.
45# Otherwise the default of `:thread` if preferable.
46# Rails.application.config.active_support.isolation_level = :thread
47
48# Set both the `:open_timeout` and `:read_timeout` values for `:smtp` delivery method.
49# Rails.application.config.action_mailer.smtp_timeout = 5
50
51# The ActiveStorage video previewer will now use scene change detection to generate
52# better preview images (rather than the previous default of using the first frame
53# of the video).
54# Rails.application.config.active_storage.video_preview_arguments =
55# "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2"
56
57# Automatically infer `inverse_of` for associations with a scope.
58# Rails.application.config.active_record.automatic_scope_inversing = true
59
60# Raise when running tests if fixtures contained foreign key violations
61# Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true
62
63# Disable partial inserts.
64# This default means that all columns will be referenced in INSERT queries
65# regardless of whether they have a default or not.
66# Rails.application.config.active_record.partial_inserts = false
67
68# Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`.
69# Rails.application.config.action_controller.raise_on_open_redirects = true
70
71# Change the variant processor for Active Storage.
72# Changing this default means updating all places in your code that
73# generate variants to use image processing macros and ruby-vips
74# operations. See the upgrading guide for detail on the changes required.
75# The `:mini_magick` option is not deprecated; it's fine to keep using it.
76# Rails.application.config.active_storage.variant_processor = :vips
77
78# Enable parameter wrapping for JSON.
79# Previously this was set in an initializer. It's fine to keep using that initializer if you've customized it.
80# To disable parameter wrapping entirely, set this config to `false`.
81# Rails.application.config.action_controller.wrap_parameters_by_default = true
82
83# Specifies whether generated namespaced UUIDs follow the RFC 4122 standard for namespace IDs provided as a
84# `String` to `Digest::UUID.uuid_v3` or `Digest::UUID.uuid_v5` method calls.
85#
86# See https://guides.rubyonrails.org/configuring.html#config-active-support-use-rfc4122-namespaced-uuids for
87# more information.
88# Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true
89
90# Change the default headers to disable browsers' flawed legacy XSS protection.
91# Rails.application.config.action_dispatch.default_headers = {
92# "X-Frame-Options" => "SAMEORIGIN",
93# "X-XSS-Protection" => "0",
94# "X-Content-Type-Options" => "nosniff",
95# "X-Download-Options" => "noopen",
96# "X-Permitted-Cross-Domain-Policies" => "none",
97# "Referrer-Policy" => "strict-origin-when-cross-origin"
98# }
99
100
101# ** Please read carefully, this must be configured in config/application.rb **
102# Change the format of the cache entry.
103# Changing this default means that all new cache entries added to the cache
104# will have a different format that is not supported by Rails 6.1 applications.
105# Only change this value after your application is fully deployed to Rails 7.0
106# and you have no plans to rollback.
107# When you're ready to change format, add this to `config/application.rb` (NOT this file):
108# config.active_support.cache_format_version = 7.0
109
110
111# Cookie serializer: 2 options
112#
113# If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer
114# is `:marshal`. The default for new apps is `:json`.
115#
116# Rails.application.config.action_dispatch.cookies_serializer = :json
117#
118#
119# To migrate an existing application to the `:json` serializer, use the `:hybrid` option.
120#
121# Rails transparently deserializes existing (Marshal-serialized) cookies on read and
122# re-writes them in the JSON format.
123#
124# It is fine to use `:hybrid` long term; you should do that until you're confident *all* your cookies
125# have been converted to JSON. To keep using `:hybrid` long term, move this config to its own
126# initializer or to `config/application.rb`.
127#
128# Rails.application.config.action_dispatch.cookies_serializer = :hybrid
129#
130#
131# If your cookies can't yet be serialized to JSON, keep using `:marshal` for backward-compatibility.
132#
133# If you have configured the serializer elsewhere, you can remove this section of the file.
134#
135# See https://guides.rubyonrails.org/action_controller_overview.html#cookies for more information.
diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb new file mode 100644 index 0000000..00f64d7 --- /dev/null +++ b/config/initializers/permissions_policy.rb
@@ -0,0 +1,11 @@
1# Define an application-wide HTTP permissions policy. For further
2# information see https://developers.google.com/web/updates/2018/06/feature-policy
3#
4# Rails.application.config.permissions_policy do |f|
5# f.camera :none
6# f.gyroscope :none
7# f.microphone :none
8# f.usb :none
9# f.fullscreen :self
10# f.payment :self, "https://secure.example.com"
11# end
diff --git a/config/lingo.yml b/config/lingo.yml new file mode 100644 index 0000000..96c5e56 --- /dev/null +++ b/config/lingo.yml
@@ -0,0 +1,4 @@
1production:
2 secret_code: ""
3development:
4 secret_code: "test" \ No newline at end of file
diff --git a/config/routes.rb b/config/routes.rb index 240beae..f524cf1 100644 --- a/config/routes.rb +++ b/config/routes.rb
@@ -39,4 +39,5 @@ Rails.application.routes.draw do
39 end 39 end
40 40
41 mount Pokeviewer::Engine => '/poke3' 41 mount Pokeviewer::Engine => '/poke3'
42 mount Lingo::Engine => '/lingo'
42end 43end
diff --git a/config/storage.yml b/config/storage.yml new file mode 100644 index 0000000..4942ab6 --- /dev/null +++ b/config/storage.yml
@@ -0,0 +1,34 @@
1test:
2 service: Disk
3 root: <%= Rails.root.join("tmp/storage") %>
4
5local:
6 service: Disk
7 root: <%= Rails.root.join("storage") %>
8
9# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
10# amazon:
11# service: S3
12# access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
13# secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
14# region: us-east-1
15# bucket: your_own_bucket-<%= Rails.env %>
16
17# Remember not to checkin your GCS keyfile to a repository
18# google:
19# service: GCS
20# project: your_project
21# credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
22# bucket: your_own_bucket-<%= Rails.env %>
23
24# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
25# microsoft:
26# service: AzureStorage
27# storage_account_name: your_account_name
28# storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
29# container: your_container_name-<%= Rails.env %>
30
31# mirror:
32# service: Mirror
33# primary: local
34# mirrors: [ amazon, google, microsoft ]