diff --git a/app.json b/app.json index 534691b21..75bcfacf1 100644 --- a/app.json +++ b/app.json @@ -78,6 +78,7 @@ }, "name": "coderdojo.jp", "scripts": { + "postdeploy": "bundle exec rails db:setup && bundle exec rails dojos:update_db_by_yaml && bundle exec rails dojo_event_services:upsert" }, "stack": "heroku-18" } diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 94e28d714..00d0297ce 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -1,4 +1,7 @@ class ApplicationController < ActionController::Base + http_basic_authenticate_with name: ENV['BASIC_AUTH_NAME'], + password: ENV['BASIC_AUTH_PASSWORD'] if Rails.env.staging? + before_action :store_location , unless: :login_page_access? # Prevent CSRF attacks by raising an exception. diff --git a/config/database.yml b/config/database.yml index 5b81c173c..1320279da 100644 --- a/config/database.yml +++ b/config/database.yml @@ -82,5 +82,9 @@ test: # production: # url: <%= ENV['DATABASE_URL'] %> # +staging: + <<: *default + database: coderdojo_jp_staging + production: url: <%= ENV['DATABASE_URL'] %> diff --git a/config/environments/staging.rb b/config/environments/staging.rb new file mode 100644 index 000000000..ded634c15 --- /dev/null +++ b/config/environments/staging.rb @@ -0,0 +1,105 @@ +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. + + # Code is not reloaded between requests. + config.cache_classes = true + + # Eager load code on boot. This eager loads most of Rails and + # your application in memory, allowing both threaded web servers + # and those relying on copy on write to perform better. + # Rake tasks automatically ignore this option for performance. + config.eager_load = true + + # Full error reports are disabled and caching is turned on. + config.consider_all_requests_local = false + config.action_controller.perform_caching = true + + # Attempt to read encrypted secrets from `config/secrets.yml.enc`. + # Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or + # `config/secrets.yml.key`. + config.read_encrypted_secrets = true + + # Disable serving static files from the `/public` folder by default since + # Apache or NGINX already handles this. + config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? + + # Debug mode disables concatenation and preprocessing of assets. + # This option may cause significant delays in view rendering with a large + # number of complex assets. + config.assets.debug = true + + # Suppress logger output for asset requests. + #config.assets.quiet = true + + # Compress JavaScripts and CSS. + config.assets.js_compressor = Sprockets::UglifierCompressor.new(comments: :copyright) + # config.assets.css_compressor = :sass + + # Do not fallback to assets pipeline if a precompiled asset is missed. + config.assets.compile = false + + # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb + + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.action_controller.asset_host = 'http://assets.example.com' + + # Specifies the header that your server uses for sending files. + # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache + # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + + # Mount Action Cable outside main process or domain + # config.action_cable.mount_path = nil + # config.action_cable.url = 'wss://example.com/cable' + # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ] + + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. + config.force_ssl = true + + # Use the lowest log level to ensure availability of diagnostic information + # when problems arise. + config.log_level = :debug + + # Prepend all log lines with the following tags. + config.log_tags = [ :request_id ] + + # Use a different cache store in production. + # config.cache_store = :mem_cache_store + # config.cache_store = :memory_store + + # Use a real queuing backend for Active Job (and separate queues per environment) + # config.active_job.queue_adapter = :resque + # config.active_job.queue_name_prefix = "coderdojo_jp_#{Rails.env}" + config.action_mailer.perform_caching = false + + # Ignore bad email addresses and do not raise email delivery errors. + # Set this to true and configure the email server for immediate delivery to raise delivery errors. + # config.action_mailer.raise_delivery_errors = false + + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation cannot be found). + config.i18n.fallbacks = true + + # Send deprecation notices to registered listeners. + config.active_support.deprecation = :notify + + # Use default logging formatter so that PID and timestamp are not suppressed. + config.log_formatter = ::Logger::Formatter.new + + # Use a different logger for distributed setups. + # require 'syslog/logger' + # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') + + if ENV["RAILS_LOG_TO_STDOUT"].present? + logger = ActiveSupport::Logger.new(STDOUT) + logger.formatter = config.log_formatter + config.logger = ActiveSupport::TaggedLogging.new(logger) + end + + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false + + # Redirect if not in correct domains + config.middleware.use Rack::HostRedirect, { + %w(coderdojo-japan.herokuapp.com www.coderdojo.jp) => 'coderdojo.jp' + } +end diff --git a/config/secrets.yml b/config/secrets.yml index ce3de6e05..c36cdff63 100644 --- a/config/secrets.yml +++ b/config/secrets.yml @@ -23,6 +23,9 @@ development: test: secret_key_base: 7ba3d6d2a7c7089b9ec2d21821c88cef5801cf32e4f9c4c0908456c3319d3bd651c8601b04625c2a03d3c16d1eb37833f1ae23a34586352eb6ab9d06999af583 +staging: + secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> + # Do not keep production secrets in the unencrypted secrets file. # Instead, either read values from the environment. # Or, use `bin/rails secrets:setup` to configure encrypted secrets