Skip to content

Latest commit

 

History

History
155 lines (101 loc) · 4.94 KB

README.md

File metadata and controls

155 lines (101 loc) · 4.94 KB

The code repository maintaining chrisrjones.com

Contents

UsageDeploymentDeployment Use CaseSecurityTODOs

Usage

When working with attachments using this CMS visit http://tld.com/attachments to manage attachments stored in the Postgres DB for this app.

⚠️ Must be logged in to manage attachments.

Usage / Manually Testing API endpoints

httpie is a useful utility for accessing endpoints, and even those exposed through an API. That said, I half ass setup SSL a while back, and test certain API endpoints on the remote box, ie. chrisrjones.com, pass the --verify=no flag to http to manually access / test an endpoint.

Ex

http --verbose --verify=no http://localhost:3000/api/hello
http --verbose --verify=no https://chrisrjones.com/api/hello

The above command is an exposed API endpoint that does not require an auth token to access, and should return a 200 HTTP status code.

The URL must be https and NOT http or else a 302 response will be returned from the server.

Deployment

This app will bind to the local port of 7777 on the deployed server using puma and nginx. See deploy.rb for more details.

Deployment Use Case

For my particular use case, I manage many different Rubies on my system using various different tools such as asdf, homebrew, and RVM, that said, I chose to use RVM to manage the bundled gems used within this app because RVM integrates with Capistrano less painful then other Ruby managers, ie. asdf. One caveat with using fish shell with RVM is that by default I use asdf Rubies on the daily, and need to switch to RVM when I want to manage gems contained with this app, and also need to start and ssh-agent when deploying this app using fish shell with RVM.

echo "rvm use [RUBY_VERSION_DEFINED_FOR_THIS APP]"
echo "as of March 4, 2020 👇"
rvm ues 2.7.0
ssh-agent
ssh-add ~/.ssh/id_rsa
cap production deploy

Security

To update a vulnerable gem bundled within the app

bundle update [mr-fancy-vulnerable-gem]
echo "Example"
bundle update loofah

The above command is useful for updating gems bundled in the gemset but aren't defined within the Gemfile.

Maintenance

maintenance / march 2023

it appears a rails 5.x app will not work with ruby 3.x so use ruby 2.7.x to work with rails 5.x

  1. install rvm for local $USER
  2. install latest ruby 2.7.x

2a. if using archlinux, install openssl 1.x via rvm

rvm pkg install openssl

2b. reinstall ruby 2.7.x via rvm, use rvm defined openssl

rvm install 2.7.7 --with-openssl-dir=$HOME/.rvm/usr
echo "install ruby with local openssl and jemalloc"
rvm reinstall 2.7.8 --with-openssl-dir="$HOME/.rvm/usr" --with-jemalloc
  1. if using fish shell, setup rvm.fish from dotfiles repo
  2. if working locally with a arch linux box, install postgres

4a. post postgres setup steps

sudo -iu postgres
initdb -D /var/lib/postgres/data
createuser --interactive
  1. then run rails tasks
rails db:create
rails db:migrate

To update gems listed within a Gemfile

bundle update --all

❗️ The are sub commands for performing different levels of updates ie.

  • major
  • minor
  • patch

to name a few. For more info on granular updating of gems see

TODO

  • if using app as an API only how can i authenticate with the app using a frontend framework such as react
  • fix the user registration process, ie. when i register an account the app throws and error as seen below
    SocketError in UsersController#create
    
    getaddrinfo: Name or service not known
    
    Rails.root: /opt/code/git/github/chrisrjones_rails
    Application Trace | Framework Trace | Full Trace
    
    app/models/user.rb:36:in `send_confirmation'
    app/controllers/users_controller.rb:28:in `create'
    
  • work on figuring out how i can setup an intializer to experiment with the bun & deno javascript runtimes
  • updating my boot.rb file to use next avail port broke accessing my app on my LAN, should be easy fix
  • fix contact form time permitting
  • make certain that only the owner of an attachment can delete an attachment, ie. don't allow other peeps to delete other peeps attachments.
  • figure out why seed data isn't properly inserting into the test database
  • experiment with versioning API, ie. create a V1 & V2
  • update string formatting with those defined in the Rubocop style guidelines for Ruby
  • figure out why app isn't running in dev environment ¯\(ツ)