Setup production configuration (#26)

* Fix build of package * Allow configuration in production * Configure sentry for error tracking * fixup config application * Provide a nixos module to run the app * Make sure that build does not need ENV variables
robbevp · Oct 14, 2023 · 4e720ec · 4e720ec
1 parent 40aff70
commit 4e720ec
Show file tree

Hide file tree

Showing 13 changed files with 599 additions and 198 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -27,7 +27,11 @@ updates:
   groups:
     rubocop:
       patterns:
+        - "rubocop"
         - "rubocop-*"
+    sentry:
+      patterns:
+        - "sentry-*"
     vite:
       patterns:
         - "vite*"

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -83,7 +83,7 @@ jobs:
         with:
           nix_path: nixpkgs=channel:nixos-23.05
       - name: Lint with nixpkgs-fmt
-        run: nix-shell -p nixpkgs-fmt --run "nixpkgs-fmt --check flake.nix"
+        run: nix-shell -p nixpkgs-fmt --run "nixpkgs-fmt --check flake.nix module.nix"
   precompile:
     runs-on: ubuntu-latest
     env:

diff --git a/.gitignore b/.gitignore
@@ -43,4 +43,3 @@ node_modules
 # Vite uses dotenv and suggests to ignore local-only env files. See
 # https://vitejs.dev/guide/env-and-mode.html#env-files
 *.local
-
diff --git a/Gemfile b/Gemfile
@@ -20,6 +20,12 @@ gem 'turbo-rails' # Use Turbo for progressive enhancement of requests
 gem 'view_component' # Use ViewComponent to replace partials
 gem 'vite_rails' # Use ViteRails to compile assets
 
+group :production do
+  # Report issues in production
+  gem 'sentry-rails'
+  gem 'sentry-ruby'
+end
+
 group :development, :test do
   # See https://guides.rubyonrails.org/debugging_rails_applications.html#debugging-with-the-debug-gem
   gem 'debug', platforms: %i[mri mingw x64_mingw]

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -270,6 +270,11 @@ GEM
       rexml (~> 3.2, >= 3.2.5)
       rubyzip (>= 1.2.2, < 3.0)
       websocket (~> 1.0)
+    sentry-rails (5.10.0)
+      railties (>= 5.0)
+      sentry-ruby (~> 5.10.0)
+    sentry-ruby (5.10.0)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
@@ -344,6 +349,8 @@ DEPENDENCIES
   rubocop-performance
   rubocop-rails
   selenium-webdriver
+  sentry-rails
+  sentry-ruby
   simplecov
   simplecov-cobertura
   turbo-rails

diff --git a/bin/vite b/bin/vite
@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'vite' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("vite_ruby", "vite")
diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -48,7 +48,7 @@
   # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]
 
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-  # config.force_ssl = true
+  config.force_ssl = true
 
   # Include generic and useful information about system operation, but avoid logging too much
   # information to avoid inadvertent exposure of personally identifiable information (PII).
@@ -65,6 +65,18 @@
   # config.active_job.queue_name_prefix = "feed_reader_production"
 
   config.action_mailer.perform_caching = false
+  config.action_mailer.default_options = { from: ENV.fetch('RAILS_MAILER_DEFAULT_FROM') }
+  config.action_mailer.default_url_options = { host: ENV.fetch('HOSTNAME', nil), port: false, protocol: 'https' }
+  config.action_mailer.delivery_method = :smtp
+  config.action_mailer.smtp_settings = {
+    address: ENV.fetch('RAILS_SMTP_ADDRESS'),
+    port: 587,
+    domain: ENV.fetch('RAILS_SMTP_DOMAIN'),
+    user_name: ENV.fetch('RAILS_SMTP_USER_NAME'),
+    password: ENV.fetch('RAILS_SMTP_PASSWORD'),
+    authentication: 'login',
+    enable_starttls_auto: true
+  }
 
   # Ignore bad email addresses and do not raise email delivery errors.
   # Set this to true and configure the email server for immediate delivery to raise delivery errors.

diff --git a/config/initializers/sentry.rb b/config/initializers/sentry.rb
@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+dsn = ENV.fetch('SENTRY_DSN', nil)
+
+if dsn.present?
+  Sentry.init do |config|
+    config.dsn = dsn
+    config.breadcrumbs_logger = %i[active_support_logger http_logger]
+    # Disable performance monitoring
+    config.traces_sample_rate = 0
+  end
+end
diff --git a/config/storage.yml b/config/storage.yml
@@ -4,7 +4,7 @@ test:
 
 local:
   service: Disk
-  root: <%= Rails.root.join("storage") %>
+  root: <%= ENV['RAILS_STORAGE_PATH'] || Rails.root.join("storage") %>
 
 # Use bin/rails credentials:edit to set the AWS secrets (as aws:access_key_id|secret_access_key)
 # amazon:
Original file line number	Diff line number	Diff line change
Expand Up		@@ -43,4 +43,3 @@ node_modules
		# Vite uses dotenv and suggests to ignore local-only env files. See
		# https://vitejs.dev/guide/env-and-mode.html#env-files
		*.local