27 files changed, 437 insertions, 144 deletions

@@ -9,10 +9,11 @@ Bundler.require(*Rails.groups)
 module Thoughts
   class Application < Rails::Application
     # Initialize configuration defaults for originally generated Rails version.
-    config.load_defaults 5.1
+    config.load_defaults Rails::VERSION::STRING.to_f
 
     # Settings in config/environments/* take precedence over those specified here.
     # Application configuration should go into files in config/initializers
     # -- all .rb files in that directory are automatically loaded.
+    config.time_zone = "Eastern Time (US & Canada)"
   end
 end
@@ -1,3 +1,3 @@
-ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
 
-require 'bundler/setup' # Set up gems listed in the Gemfile.
+require "bundler/setup" # Set up gems listed in the Gemfile.
@@ -0,0 +1 @@
+MTHDW1ZOa9otC2lb9iG3bKlhzM8WgEoJddmcsv22b7TEv+ZxlnjBvql1MGJjfo+tNl9dT4gqUOH41Q2WfRhwIokibD6cLMKl8z3VPLHdARR3HW4OzEJoLYXYB5ycLtSFmL3jq/TkMBkctRvPo7jeGGBwtEHvh1tBx6cGr/fEvzWMKYMUPiugaMN3OPExZ5VaD1sCHTMm7erwP06+8KTABwGfF6quthHctj/39RusmAWaObVsUwm70nqij+/qekJEZS3xYEuCDZlKqQvwC7Z+qJlmO8vj8CYNFq80bD9MiuEL0kiTVp22ZyMj2TY6YXy2jabkVx5c7FVytx/+kbaNdGtLYqvvuqDXodcai18OWUhR3r+tzPqcinggWmzZeJ0O54dE7Srpe3wGFH3xmgXHRa1jczmCDwlGRTqmjX7E6CBiP7u5NAKLeALvADWGocJwUi0r8r6E3/a8rpsaL97JCjL1GNCDlRSAapqHafzszDWN31yG5mLc9OUoE2RJjU7bgohrhoAPyHpetRxO7fBpZ0quNAh1awiTXVTcNUlDT+UPkQi1mvQo47G3CM9OG8hlgKtfkMMKsl9D92k/g7zIyJzLsPKqYnxHj+qcnU0939xJ0x4MnUPam1oq7OF2FtBgU/OCDxMuM//qSI2Q4+RRKRHs/NLdADxRgO3WJZ+oe2r9YBfTYTlbdOEKmCxSrQMzpB/1jq0jSTRYynn/GO0Z1Pjx0wVzH8vjVosXfh6/PaKslMdHbOM=--A5y7uJSVaL0539+f--FP9Oigql2/EdcYszZ6hj/A==
\ No newline at end of file
@@ -0,0 +1 @@
+uzTsEcFmu5QyOod1jjNQT8pqdQ9Tq8+OuH5qOulURR+Ew3+DBAN9/kYZ0b5OBcxnNGlN3suMC6fpgev4fYoaucCufXgNVAhhl1Lch9SJ2jo/1jCIS1U6mTPmwbF1aWM/P7jJhw8535RdlzohVStrIO0Rn3ygshVFFPODSccqyIhDbiiK5j0bvErzt5fDN091SIB0pdtxzy/XBwwfcQ6EaTg170Pv1mmIyCSWD1AGyzGlRhFVYhyv3sEabsC1dfYXjyZYrpbhvfZbi46TzeNA4kPLIVfVNiW0QoJtT90UqpOLcnQKwf23WIxPemzsT9iQj0/pEci+umHG6MkH2zE1eBOlj2VdopBqVEwQEgDvqt6zQMKAbLPU1E3VM94gCxeTidwIMoFGhSXl6nlGwI9ozBXvKyFNgMiz9UKtjEXcQOG3cIBxxMEQ+sjGEu3vAMvD7OymSGSC81JCbcdOqHWH/iIh2K3IcGyibJ4ScVsUBMn7lnsMEPrQQEJ/Df0X2mplJc0i8n19H1S7SrLKSaO7FDENPC0d1dN5nnOt5nDGU2/qkiGJ+LepX/Gb3cxc0fpcnC359rB5WCTKsxBOzjqW5IapCRSa0ztZz+xeXUBN4sDRUzPun2yCqaCxe+ptzTxzT+Ej9oMKSJJncc/zUuwRmd6KbnyQ3/ISeNNIC0BLWaohaj3lP/tRkLkcBNqu/MA4pxUxs1Lwu/8gW9d4GrrxCxOSsQnDk5VzF80LCk4oq+BVrjPYY0vWzVxtj+56slIoUIBIUWRjFTbBuyr3gejPjis5NwiFMyi8emH+a9aa3Ge44YnrDSAA+JVzqHSAF8erIuiqgaTAFwprSmED8pIIV2A0/WWrPcuI5xaAv4e2bQWfzM3SujvY--rs7RvQb911E+dh50--fCsEmvYD6LcaB6ReBcHGrA==
\ No newline at end of file
@@ -0,0 +1,31 @@
+# SQLite version 3.x
+#   gem install sqlite3
+#
+#   Ensure the SQLite 3 gem is defined in your Gemfile
+#   gem 'sqlite3'
+#
+default: &default
+  adapter: sqlite3
+  pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %>
+  timeout: 5000
+
+development:
+  <<: *default
+  database: db/development.sqlite3
+
+# Warning: The database defined as "test" will be erased and
+# re-generated from your development database when you run "rake".
+# Do not set this db to the same as development or production.
+test:
+  <<: *default
+  database: db/test.sqlite3
+
+production:
+  adapter: mysql2
+  encoding: utf8mb4
+  database: thoughts
+  pool: 5
+  username: thoughts
+  password: <%= Rails.application.credentials.database_password %>
+  collation: utf8mb4_bin
+  socket: /var/run/mysqld/mysqld.sock
@@ -1,8 +1,8 @@
 # config valid only for current version of Capistrano
-lock "3.11.0"
+lock "3.19.2"
 
 set :application, "thoughts"
-set :repo_url, "git@github.com:hatkirby/thoughts.git"
+set :repo_url, "/srv/git/thoughts"
 
 # Default branch is :master
 # ask :branch, `git rev-parse --abbrev-ref HEAD`.chomp
@@ -21,10 +21,10 @@ set :deploy_to, "/srv/www/thoughts"
 # set :pty, true
 
 # Default value for :linked_files is []
-append :linked_files, "config/database.yml", "config/secrets.yml"
+append :linked_files, "config/master.key", "config/credentials/production.key"
 
 # Default value for linked_dirs is []
-append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets", "public/uploads"
+append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets", "public/uploads", "storage"
 
 # Default value for default_env is {}
 # set :default_env, { path: "/opt/ruby/bin:$PATH" }
@@ -6,7 +6,7 @@
 # server "example.com", user: "deploy", roles: %w{app db web}, my_property: :my_value
 # server "example.com", user: "deploy", roles: %w{app web}, other_property: :other_value
 # server "db.example.com", user: "deploy", roles: %w{db}
-server "feffernoo.se", user: "thoughts", roles: %w{app db web}
+server "fourisland.com", user: "thoughts", roles: %w{app db web}
 
 
 
@@ -1,5 +1,5 @@
 # Load the Rails application.
-require_relative 'application'
+require_relative "application"
 
 # Initialize the Rails application.
 Rails.application.initialize!
@@ -1,8 +1,10 @@
+require "active_support/core_ext/integer/time"
+
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 
-  # In the development environment your application's code is reloaded on
-  # every request. This slows down response time but is perfect for development
+  # In the development environment your application's code is reloaded any time
+  # it changes. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
@@ -12,13 +14,18 @@ Rails.application.configure do
   # Show full error reports.
   config.consider_all_requests_local = true
 
+  # Enable server timing
+  config.server_timing = true
+
   # Enable/disable caching. By default caching is disabled.
-  if Rails.root.join('tmp/caching-dev.txt').exist?
+  # Run rails dev:cache to toggle caching.
+  if Rails.root.join("tmp/caching-dev.txt").exist?
     config.action_controller.perform_caching = true
+    config.action_controller.enable_fragment_cache_logging = true
 
     config.cache_store = :memory_store
     config.public_file_server.headers = {
-      'Cache-Control' => "public, max-age=#{2.days.seconds.to_i}"
+      "Cache-Control" => "public, max-age=#{2.days.to_i}"
     }
   else
     config.action_controller.perform_caching = false
@@ -26,7 +33,11 @@ Rails.application.configure do
     config.cache_store = :null_store
   end
 
+  # Store uploaded files on the local file system (see config/storage.yml for options).
+  config.active_storage.service = :local
+
   # Don't care if the mailer can't send.
+  config.action_mailer.default_url_options = { host: 'localhost:3000' }
   config.action_mailer.raise_delivery_errors = false
 
   config.action_mailer.perform_caching = false
@@ -34,23 +45,27 @@ Rails.application.configure do
   # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
   # Raise an error on page load if there are pending migrations.
   config.active_record.migration_error = :page_load
 
-  # Debug mode disables concatenation and preprocessing of assets.
-  # This option may cause significant delays in view rendering with a large
-  # number of complex assets.
-  config.assets.debug = true
+  # Highlight code that triggered database queries in logs.
+  config.active_record.verbose_query_logs = true
 
   # Suppress logger output for asset requests.
   config.assets.quiet = true
 
-  # Raises error for missing translations
-  # config.action_view.raise_on_missing_translations = true
+  # Raises error for missing translations.
+  # config.i18n.raise_on_missing_translations = true
 
-  # Use an evented file watcher to asynchronously detect changes in source code,
-  # routes, locales, etc. This feature depends on the listen gem.
-  config.file_watcher = ActiveSupport::EventedFileUpdateChecker
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
 
-  config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
+  # Uncomment if you wish to allow Action Cable access from any origin.
+  # config.action_cable.disable_request_forgery_protection = true
 end
@@ -14,17 +14,12 @@ Rails.application.configure do
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
-  # Attempt to read encrypted secrets from `config/secrets.yml.enc`.
-  # Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or
-  # `config/secrets.yml.key`.
-  config.read_encrypted_secrets = true
-
   # Disable serving static files from the `/public` folder by default since
   # Apache or NGINX already handles this.
   config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
 
   # Compress JavaScripts and CSS.
-  config.assets.js_compressor = :uglifier
+  config.assets.js_compressor = :terser
   # config.assets.css_compressor = :sass
 
   # Do not fallback to assets pipeline if a precompiled asset is missed.
@@ -66,7 +61,9 @@ Rails.application.configure do
   # Set this to true and configure the email server for immediate delivery to raise delivery errors.
   # config.action_mailer.raise_delivery_errors = false
 
-  config.action_mailer.default_url_options = { host: 'feffernoo.se' }
+  config.action_mailer.default_url_options = { host: 'www.fourisland.com' }
+  config.action_mailer.delivery_method = :smtp
+  config.action_mailer.smtp_settings = Rails.application.config_for(:mail)[:smtp_settings]
 
   # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
   # the I18n.default_locale when a translation cannot be found).
@@ -90,4 +87,7 @@ Rails.application.configure do
 
   # Do not dump schema after migrations.
   config.active_record.dump_schema_after_migration = false
+
+  # Store uploaded files on the local file system (see config/storage.yml for options).
+  config.active_storage.service = :local
 end
@@ -1,32 +1,41 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 
-  # The test environment is used exclusively to run your application's
-  # test suite. You never need to work with it otherwise. Remember that
-  # your test database is "scratch space" for the test suite and is wiped
-  # and recreated between test runs. Don't rely on the data there!
+  # Turn false under Spring and add config.action_view.cache_template_loading = true.
   config.cache_classes = true
 
-  # Do not eager load code on boot. This avoids loading your whole application
-  # just for the purpose of running a single test. If you are using a tool that
-  # preloads Rails for running tests, you may have to set it to true.
-  config.eager_load = false
+  # Eager loading loads your whole application. When running a single test locally,
+  # this probably isn't necessary. It's a good idea to do in a continuous integration
+  # system, or in some way before deploying your code.
+  config.eager_load = ENV["CI"].present?
 
   # Configure public file server for tests with Cache-Control for performance.
   config.public_file_server.enabled = true
   config.public_file_server.headers = {
-    'Cache-Control' => "public, max-age=#{1.hour.seconds.to_i}"
+    "Cache-Control" => "public, max-age=#{1.hour.to_i}"
   }
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
+  config.cache_store = :null_store
 
   # Raise exceptions instead of rendering exception templates.
   config.action_dispatch.show_exceptions = false
 
   # Disable request forgery protection in test environment.
   config.action_controller.allow_forgery_protection = false
+
+  # Store uploaded files on the local file system in a temporary directory.
+  config.active_storage.service = :test
+
   config.action_mailer.perform_caching = false
 
   # Tell Action Mailer not to deliver emails to the real world.
@@ -37,6 +46,15 @@ Rails.application.configure do
   # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
 
-  # Raises error for missing translations
-  # config.action_view.raise_on_missing_translations = true
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
+  # Raises error for missing translations.
+  # config.i18n.raise_on_missing_translations = true
+
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
 end
@@ -0,0 +1,2 @@
+Akismet.api_key = Rails.application.credentials.akismet_api_key
+Akismet.app_url = Rails.application.credentials.akismet_app_url
@@ -12,5 +12,4 @@ Rails.application.config.assets.paths << Rails.root.join('node_modules')
 # application.js, application.css, and all non-JS/CSS in the app/assets
 # folder are already added.
 # Rails.application.config.assets.precompile += %w( admin.js admin.css )
-Rails.application.config.assets.precompile += %w( ckeditor/* )
-Rails.application.config.assets.precompile += %w( main userdata admin )
+Rails.application.config.assets.precompile += %w( main userdata admin quotes )
@@ -1,58 +0,0 @@
-# Use this hook to configure ckeditor
-Ckeditor.setup do |config|
-  # ==> ORM configuration
-  # Load and configure the ORM. Supports :active_record (default), :mongo_mapper and
-  # :mongoid (bson_ext recommended) by default. Other ORMs may be
-  # available as additional gems.
-  require 'ckeditor/orm/active_record'
-
-  # Allowed image file types for upload.
-  # Set to nil or [] (empty array) for all file types
-  # By default: %w(jpg jpeg png gif tiff)
-  # config.image_file_types = %w(jpg jpeg png gif tiff)
-
-  # Allowed flash file types for upload.
-  # Set to nil or [] (empty array) for all file types
-  # By default: %w(jpg jpeg png gif tiff)
-  # config.flash_file_types = %w(swf)
-
-  # Allowed attachment file types for upload.
-  # Set to nil or [] (empty array) for all file types
-  # By default: %w(doc docx xls odt ods pdf rar zip tar tar.gz swf)
-  # config.attachment_file_types = %w(doc docx xls odt ods pdf rar zip tar tar.gz swf)
-
-  # Setup authorization to be run as a before filter
-  # By default: there is no authorization.
-  # config.authorize_with :cancan
-
-  # Override parent controller CKEditor inherits from
-  # By default: 'ApplicationController'
-  # config.parent_controller = 'MyController'
-
-  # Asset model classes
-  # config.picture_model { Ckeditor::Picture }
-  # config.attachment_file_model { Ckeditor::AttachmentFile }
-
-  # Paginate assets
-  # By default: 24
-  # config.default_per_page = 24
-
-  # Customize ckeditor assets path
-  # By default: nil
-  # config.asset_path = 'http://www.example.com/assets/ckeditor/'
-
-  # To reduce the asset precompilation time, you can limit plugins and/or languages to those you need:
-  # By default: nil (no limit)
-  config.assets_languages = ['en']
-  # config.assets_plugins = ['image', 'smiley']
-
-  # CKEditor CDN
-  # More info here http://cdn.ckeditor.com/
-  # By default: nil (CDN disabled)
-  # config.cdn_url = '//cdn.ckeditor.com/4.7.1/standard/ckeditor.js'
-
-  # JS config url
-  # Used when CKEditor CDN enabled
-  # By default: "ckeditor/config.js"
-  # config.js_config_url = 'ckeditor/config.js'
-end
@@ -0,0 +1,25 @@
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy.
+# See the Securing Rails Applications Guide for more information:
+# https://guides.rubyonrails.org/security.html#content-security-policy-header
+
+# Rails.application.configure do
+#   config.content_security_policy do |policy|
+#     policy.default_src :self, :https
+#     policy.font_src    :self, :https, :data
+#     policy.img_src     :self, :https, :data
+#     policy.object_src  :none
+#     policy.script_src  :self, :https
+#     policy.style_src   :self, :https
+#     # Specify URI for violation reports
+#     # policy.report_uri "/csp-violation-report-endpoint"
+#   end
+#
+#   # Generate session nonces for permitted importmap and inline scripts
+#   config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
+#   config.content_security_policy_nonce_directives = %w(script-src)
+#
+#   # Report violations without enforcing the policy.
+#   # config.content_security_policy_report_only = true
+# end
@@ -1,4 +1,8 @@
 # Be sure to restart your server when you modify this file.
 
-# Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password]
+# Configure parameters to be filtered from the log file. Use this to limit dissemination of
+# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
+# notations and behaviors.
+Rails.application.config.filter_parameters += [
+  :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]
@@ -4,13 +4,13 @@
 # are locale specific, and you may define rules for as many different
 # locales as you wish. All of these examples are active by default:
 # ActiveSupport::Inflector.inflections(:en) do |inflect|
-#   inflect.plural /^(ox)$/i, '\1en'
-#   inflect.singular /^(ox)en/i, '\1'
-#   inflect.irregular 'person', 'people'
+#   inflect.plural /^(ox)$/i, "\\1en"
+#   inflect.singular /^(ox)en/i, "\\1"
+#   inflect.irregular "person", "people"
 #   inflect.uncountable %w( fish sheep )
 # end
 
 # These inflection rules are supported but not enabled by default:
 # ActiveSupport::Inflector.inflections(:en) do |inflect|
-#   inflect.acronym 'RESTful'
+#   inflect.acronym "RESTful"
 # end
@@ -0,0 +1,7 @@
+JsRoutes.setup do |c|
+  # Setup your JS module system:
+  # ESM, CJS, AMD, UMD or nil
+  # c.module_type = "ESM"
+  c.module_type = nil
+  c.namespace = 'Routes'
+end
@@ -0,0 +1,135 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file eases your Rails 7.0 framework defaults upgrade.
+#
+# Uncomment each configuration one by one to switch to the new default.
+# Once your application is ready to run with all new defaults, you can remove
+# this file and set the `config.load_defaults` to `7.0`.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
+
+# `button_to` view helper will render `<button>` element, regardless of whether
+# or not the content is passed as the first argument or as a block.
+# Rails.application.config.action_view.button_to_generates_button_tag = true
+
+# `stylesheet_link_tag` view helper will not render the media attribute by default.
+# Rails.application.config.action_view.apply_stylesheet_media_default = false
+
+# Change the digest class for the key generators to `OpenSSL::Digest::SHA256`.
+# Changing this default means invalidate all encrypted messages generated by
+# your application and, all the encrypted cookies. Only change this after you
+# rotated all the messages using the key rotator.
+#
+# See upgrading guide for more information on how to build a rotator.
+# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html
+# Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256
+
+# Change the digest class for ActiveSupport::Digest.
+# Changing this default means that for example Etags change and
+# various cache keys leading to cache invalidation.
+# Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256
+
+# Don't override ActiveSupport::TimeWithZone.name and use the default Ruby
+# implementation.
+# Rails.application.config.active_support.remove_deprecated_time_with_zone_name = true
+
+# Calls `Rails.application.executor.wrap` around test cases.
+# This makes test cases behave closer to an actual request or job.
+# Several features that are normally disabled in test, such as Active Record query cache
+# and asynchronous queries will then be enabled.
+# Rails.application.config.active_support.executor_around_test_case = true
+
+# Define the isolation level of most of Rails internal state.
+# If you use a fiber based server or job processor, you should set it to `:fiber`.
+# Otherwise the default of `:thread` if preferable.
+# Rails.application.config.active_support.isolation_level = :thread
+
+# Set both the `:open_timeout` and `:read_timeout` values for `:smtp` delivery method.
+# Rails.application.config.action_mailer.smtp_timeout = 5
+
+# The ActiveStorage video previewer will now use scene change detection to generate
+# better preview images (rather than the previous default of using the first frame
+# of the video).
+# Rails.application.config.active_storage.video_preview_arguments =
+#   "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2"
+
+# Automatically infer `inverse_of` for associations with a scope.
+# Rails.application.config.active_record.automatic_scope_inversing = true
+
+# Raise when running tests if fixtures contained foreign key violations
+# Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true
+
+# Disable partial inserts.
+# This default means that all columns will be referenced in INSERT queries
+# regardless of whether they have a default or not.
+# Rails.application.config.active_record.partial_inserts = false
+
+# Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`.
+# Rails.application.config.action_controller.raise_on_open_redirects = true
+
+# Change the variant processor for Active Storage.
+# Changing this default means updating all places in your code that
+# generate variants to use image processing macros and ruby-vips
+# operations. See the upgrading guide for detail on the changes required.
+# The `:mini_magick` option is not deprecated; it's fine to keep using it.
+# Rails.application.config.active_storage.variant_processor = :vips
+
+# Enable parameter wrapping for JSON.
+# Previously this was set in an initializer. It's fine to keep using that initializer if you've customized it.
+# To disable parameter wrapping entirely, set this config to `false`.
+# Rails.application.config.action_controller.wrap_parameters_by_default = true
+
+# Specifies whether generated namespaced UUIDs follow the RFC 4122 standard for namespace IDs provided as a
+# `String` to `Digest::UUID.uuid_v3` or `Digest::UUID.uuid_v5` method calls.
+#
+# See https://guides.rubyonrails.org/configuring.html#config-active-support-use-rfc4122-namespaced-uuids for
+# more information.
+# Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true
+
+# Change the default headers to disable browsers' flawed legacy XSS protection.
+# Rails.application.config.action_dispatch.default_headers = {
+#   "X-Frame-Options" => "SAMEORIGIN",
+#   "X-XSS-Protection" => "0",
+#   "X-Content-Type-Options" => "nosniff",
+#   "X-Download-Options" => "noopen",
+#   "X-Permitted-Cross-Domain-Policies" => "none",
+#   "Referrer-Policy" => "strict-origin-when-cross-origin"
+# }
+
+
+# ** Please read carefully, this must be configured in config/application.rb **
+# Change the format of the cache entry.
+# Changing this default means that all new cache entries added to the cache
+# will have a different format that is not supported by Rails 6.1 applications.
+# Only change this value after your application is fully deployed to Rails 7.0
+# and you have no plans to rollback.
+# When you're ready to change format, add this to `config/application.rb` (NOT this file):
+#  config.active_support.cache_format_version = 7.0
+
+
+# Cookie serializer: 2 options
+# 
+# If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer
+# is `:marshal`. The default for new apps is `:json`.
+#
+# Rails.application.config.action_dispatch.cookies_serializer = :json
+#
+#
+# To migrate an existing application to the `:json` serializer, use the `:hybrid` option.
+# 
+# Rails transparently deserializes existing (Marshal-serialized) cookies on read and
+# re-writes them in the JSON format.
+# 
+# It is fine to use `:hybrid` long term; you should do that until you're confident *all* your cookies
+# have been converted to JSON. To keep using `:hybrid` long term, move this config to its own
+# initializer or to `config/application.rb`.
+#
+# Rails.application.config.action_dispatch.cookies_serializer = :hybrid
+#
+#
+# If your cookies can't yet be serialized to JSON, keep using `:marshal` for backward-compatibility.
+#
+# If you have configured the serializer elsewhere, you can remove this section of the file.
+# 
+# See https://guides.rubyonrails.org/action_controller_overview.html#cookies for more information.
@@ -0,0 +1,11 @@
+# Define an application-wide HTTP permissions policy. For further
+# information see https://developers.google.com/web/updates/2018/06/feature-policy
+#
+# Rails.application.config.permissions_policy do |f|
+#   f.camera      :none
+#   f.gyroscope   :none
+#   f.microphone  :none
+#   f.usb         :none
+#   f.fullscreen  :self
+#   f.payment     :self, "https://secure.example.com"
+# end
@@ -0,0 +1,4 @@
+Recaptcha.configure do |config|
+  config.site_key = Rails.application.credentials.recaptcha_site_key
+  config.secret_key = Rails.application.credentials.recaptcha_secret_key
+end
@@ -0,0 +1 @@
+Rails.application.config.active_record.yaml_column_permitted_classes = [Enumerize::Value]
@@ -0,0 +1,8 @@
+production:
+  smtp_settings:
+    address: "mail.smtp2go.com"
+    port: 2525
+    user_name: "fourisland.com"
+    password: <%= Rails.application.credentials.smtp2go_password %>
+    authentication: "plain"
+    openssl_verify_mode: "none"
@@ -11,20 +11,79 @@ Rails.application.routes.draw do
     resources :streams, except: [:show] do
       resources :updates, except: [:index, :show]
     end
-  end
 
-  mount Ckeditor::Engine => '/ckeditor'
+    resources :links, except: [:show]
+
+    resources :games, except: [:show]
+
+    resources :comments, only: [:index, :destroy] do
+      collection do
+        get 'pending'
+        post 'mass'
+      end
+
+      member do
+        post 'accept'
+        post 'reject'
+        post 'mark_spam'
+      end
+    end
+
+    resources :quotes do
+      collection do
+        get 'pending'
+      end
+
+      member do
+        post 'accept'
+      end
+    end
+  end
 
   devise_for :users, controllers: {
     sessions: 'users/sessions',
     passwords: 'users/passwords'
   }
 
-  root "records#index"
+  root "blogs#summary"
+
+  resources :blogs, only: [:index, :show], param: :slug, path: "blog" do
+    member do
+      post 'upvote'
+      post 'downvote'
 
-  get 'says/:slug', to: 'blogs#show', as: :blog
+      resources :comments, only: [:create]
+    end
+  end
 
+  get 'thinks', to: 'streams#index', as: :streams
   get 'thinks/:slug', to: 'streams#show', as: :stream
 
-  mount Pokeviewer::Engine => '/poke3'
+  get 'plays', to: 'games#index'
+
+  resources :tags, only: [:index, :show], param: :name do
+    collection do
+      get 'suggest'
+    end
+  end
+
+  resources :quotes do
+    collection do
+      get 'latest'
+      get 'top'
+      get 'random'
+      get 'tags'
+      get 'tags/:id', :action => "tag", :as => "tag"
+      get 'stats'
+      get 'search_form'
+      get 'search'
+    end
+
+    member do
+      post 'upvote'
+      post 'downvote'
+    end
+  end
+
+  resources :webmentions, only: [:create]
 end
@@ -0,0 +1,27 @@
+# Use this file to easily define all of your cron jobs.
+#
+# It's helpful, but not entirely necessary to understand cron before proceeding.
+# http://en.wikipedia.org/wiki/Cron
+
+# Example:
+#
+# set :output, "/path/to/my/cron_log.log"
+#
+# every 2.hours do
+#   command "/usr/bin/some_great_command"
+#   runner "MyModel.some_method"
+#   rake "some:great:rake:task"
+# end
+#
+# every 4.days do
+#   runner "AnotherModel.prune_old_records"
+# end
+
+# Learn more: http://github.com/javan/whenever
+every 1.day, at: "6:00am" do
+  rake "thoughts:email_upvote_report"
+end
+
+every 6.hours do
+  rake "thoughts:refresh_scrobbles"
+end
@@ -1,32 +0,0 @@
-# Be sure to restart your server when you modify this file.
-
-# Your secret key is used for verifying the integrity of signed cookies.
-# If you change this key, all old signed cookies will become invalid!
-
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-# You can use `rails secret` to generate a secure secret key.
-
-# Make sure the secrets in this file are kept private
-# if you're sharing your code publicly.
-
-# Shared secrets are available across all environments.
-
-# shared:
-#   api_key: a1B2c3D4e5F6
-
-# Environmental secrets are only available for that specific environment.
-
-development:
-  secret_key_base: d56c163402b7f74e65934e2a5d5a0990a8120dc88c39c5ca00c143cbc1551f0d21e811cbd246c282ffc58d46286f5ae7d3231696c21772b252f137c24de0aa3f
-
-test:
-  secret_key_base: 66e64fc722045f0e636e7658997477d4e265d14e5dfef59f045e3512019b38a885320274116edf354d390a6019555848a89d8a3e01a6091df83032120edff6ac
-
-# Do not keep production secrets in the unencrypted secrets file.
-# Instead, either read values from the environment.
-# Or, use `bin/rails secrets:setup` to configure encrypted secrets
-# and move the `production:` environment over there.
-
-production:
-  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
@@ -0,0 +1,34 @@
+test:
+  service: Disk
+  root: <%= Rails.root.join("tmp/storage") %>
+
+local:
+  service: Disk
+  root: <%= Rails.root.join("storage") %>
+
+# Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
+# amazon:
+#   service: S3
+#   access_key_id: <%= Rails.application.credentials.dig(:aws, :access_key_id) %>
+#   secret_access_key: <%= Rails.application.credentials.dig(:aws, :secret_access_key) %>
+#   region: us-east-1
+#   bucket: your_own_bucket-<%= Rails.env %>
+
+# Remember not to checkin your GCS keyfile to a repository
+# google:
+#   service: GCS
+#   project: your_project
+#   credentials: <%= Rails.root.join("path/to/gcs.keyfile") %>
+#   bucket: your_own_bucket-<%= Rails.env %>
+
+# Use bin/rails credentials:edit to set the Azure Storage secret (as azure_storage:storage_access_key)
+# microsoft:
+#   service: AzureStorage
+#   storage_account_name: your_account_name
+#   storage_access_key: <%= Rails.application.credentials.dig(:azure_storage, :storage_access_key) %>
+#   container: your_container_name-<%= Rails.env %>
+
+# mirror:
+#   service: Mirror
+#   primary: local
+#   mirrors: [ amazon, google, microsoft ]