Skip to content

Commit

Permalink
Upgrade app configuration to Rails 7.1
Browse files Browse the repository at this point in the history
  • Loading branch information
Tetrino committed Jan 23, 2024
1 parent 6fb82f1 commit 8ae4c7e
Show file tree
Hide file tree
Showing 8 changed files with 40 additions and 19 deletions.
2 changes: 1 addition & 1 deletion bin/setup
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ require "fileutils"
APP_ROOT = File.expand_path("..", __dir__)

def system!(*args)
system(*args) || abort("\n== Command #{args} failed ==")
system(*args, exception: true)
end

FileUtils.chdir APP_ROOT do
Expand Down
2 changes: 1 addition & 1 deletion config/application.rb
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
module Static
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
config.load_defaults 7.0
config.load_defaults 7.1

# Settings in config/environments/* take precedence over those specified here.
# Application configuration can go into files in config/initializers
Expand Down
2 changes: 1 addition & 1 deletion config/boot.rb
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)

require "bundler/setup" # Set up gems listed in the Gemfile.
require "bootsnap/setup"
require "bootsnap/setup" # Speed up boot time by caching expensive operations.
5 changes: 4 additions & 1 deletion config/environments/development.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# In the development environment your application's code is reloaded any time
# it changes. This slows down response time but is perfect for development
# since you don't have to restart the web server when you make code changes.
config.cache_classes = false
config.enable_reloading = true

# Do not eager load code on boot.
config.eager_load = false
Expand Down Expand Up @@ -56,4 +56,7 @@

# Uncomment if you wish to allow Action Cable access from any origin.
# config.action_cable.disable_request_forgery_protection = true

# Raise error when a before_action's only/except options reference missing actions
config.action_controller.raise_on_missing_callback_actions = true
end
14 changes: 13 additions & 1 deletion config/environments/production.rb
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
# Settings specified here will take precedence over those in config/application.rb.

# Code is not reloaded between requests.
config.cache_classes = true
config.enable_reloading = false

# Eager load code on boot. This eager loads most of Rails and
# your application in memory, allowing both threaded web servers
Expand Down Expand Up @@ -40,6 +40,10 @@
# config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache
# config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX

# Assume all access to the app is happening through a SSL-terminating reverse proxy.
# Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies.
# config.assume_ssl = true

# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true

Expand Down Expand Up @@ -83,4 +87,12 @@
if ENV["HEROKU_APP_NAME"] && !ENV.include?("PLEK_SERVICE_STATIC_URI")
ENV["PLEK_SERVICE_STATIC_URI"] = "#{ENV['HEROKU_APP_NAME']}.herokuapp.com"
end

# Enable DNS rebinding protection and other `Host` header attacks.
# config.hosts = [
# "example.com", # Allow requests from example.com
# /.*\.example\.com/ # Allow requests from subdomains like `www.example.com`
# ]
# Skip DNS rebinding protection for the default health check endpoint.
# config.host_authorization = { exclude: ->(request) { request.path == "/up" } }
end
10 changes: 7 additions & 3 deletions config/environments/test.rb
Original file line number Diff line number Diff line change
Expand Up @@ -11,9 +11,10 @@
# Turn false under Spring and add config.action_view.cache_template_loading = true.
config.cache_classes = true

# Eager loading loads your whole application. When running a single test locally,
# this probably isn't necessary. It's a good idea to do in a continuous integration
# system, or in some way before deploying your code.
# Eager loading loads your entire application. When running a single test locally,
# this is usually not necessary, and can slow down your test suite. However, it's
# recommended that you enable it in continuous integration systems to ensure eager
# loading is working properly before deploying your code.
config.eager_load = ENV["CI"].present?

# Configure public file server for tests with Cache-Control for performance.
Expand Down Expand Up @@ -50,4 +51,7 @@

# Annotate rendered view with file names.
# config.action_view.annotate_rendered_view_with_filenames = true

# Raise error when a before_action's only/except options reference missing actions
config.action_controller.raise_on_missing_callback_actions = true
end
4 changes: 2 additions & 2 deletions config/initializers/content_security_policy.rb
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,9 @@
# # policy.report_uri "/csp-violation-report-endpoint"
# end
#
# # Generate session nonces for permitted importmap and inline scripts
# # Generate session nonces for permitted importmap, inline scripts, and inline styles.
# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
# config.content_security_policy_nonce_directives = %w(script-src)
# config.content_security_policy_nonce_directives = %w(script-src style-src)
#
# # Report violations without enforcing the policy.
# # config.content_security_policy_report_only = true
Expand Down
20 changes: 11 additions & 9 deletions config/initializers/permissions_policy.rb
Original file line number Diff line number Diff line change
@@ -1,11 +1,13 @@
# Be sure to restart your server when you modify this file.

# Define an application-wide HTTP permissions policy. For further
# information see https://developers.google.com/web/updates/2018/06/feature-policy
#
# Rails.application.config.permissions_policy do |f|
# f.camera :none
# f.gyroscope :none
# f.microphone :none
# f.usb :none
# f.fullscreen :self
# f.payment :self, "https://secure.example.com"
# information see: https://developers.google.com/web/updates/2018/06/feature-policy

# Rails.application.config.permissions_policy do |policy|
# policy.camera :none
# policy.gyroscope :none
# policy.microphone :none
# policy.usb :none
# policy.fullscreen :self
# policy.payment :self, "https://secure.example.com"
# end

0 comments on commit 8ae4c7e

Please sign in to comment.