diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/crontab.ugly | 1 | ||||
| -rw-r--r-- | config/environment.rb | 3 | ||||
| -rw-r--r-- | config/environments/development.rb | 2 | ||||
| -rw-r--r-- | config/general.yml-example | 23 | ||||
| -rw-r--r-- | config/initializers/fast_gettext.rb | 1 | ||||
| -rw-r--r-- | config/initializers/session_store.rb | 2 | ||||
| -rw-r--r-- | config/initializers/theme_loader.rb | 7 | ||||
| -rw-r--r-- | config/purge-varnish-debian.ugly | 81 | ||||
| -rw-r--r-- | config/routes.rb | 2 | ||||
| -rw-r--r-- | config/test.yml | 2 | ||||
| -rw-r--r-- | config/varnish-alaveteli.vcl | 24 |
11 files changed, 138 insertions, 10 deletions
diff --git a/config/crontab.ugly b/config/crontab.ugly index a22d5afd7..c5d023f2f 100644 --- a/config/crontab.ugly +++ b/config/crontab.ugly @@ -13,6 +13,7 @@ MAILTO=cron-!!(*= $site *)!!@mysociety.org */5 * * * * !!(*= $user *)!! run-with-lockfile -n /data/vhost/!!(*= $vhost *)!!/change-xapian-database.lock "/data/vhost/!!(*= $vhost *)!!/!!(*= $vcspath *)!!/script/update-xapian-index verbose=true" >> /data/vhost/!!(*= $vhost *)!!/logs/update-xapian-index.log || echo "stalled?" # Every 10 minutes 5,15,25,35,45,55 * * * * !!(*= $user *)!! /etc/init.d/foi-alert-tracks check +5,15,25,35,45,55 * * * * !!(*= $user *)!! /etc/init.d/purge-varnish check # Once an hour 39 * * * * !!(*= $user *)!! run-with-lockfile -n /data/vhost/!!(*= $vhost *)!!/alert-overdue-requests.lock /data/vhost/!!(*= $vhost *)!!/!!(*= $vcspath *)!!/script/alert-overdue-requests || echo "stalled?" diff --git a/config/environment.rb b/config/environment.rb index 7b6e8f5bc..b958c6475 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -49,7 +49,7 @@ Rails::Initializer.run do |config| # config.plugins = %W( exception_notification ssl_requirement ) # Add additional load paths for your own custom dirs - # config.load_paths += %W( #{RAILS_ROOT}/extras ) + # config.load_paths += %W( #{Rails.root}/extras ) # Force all environments to use the same logger level # (by default production uses :info, the others :debug) @@ -135,6 +135,7 @@ require 'i18n_fixes.rb' require 'rack_quote_monkeypatch.rb' require 'world_foi_websites.rb' require 'alaveteli_external_command.rb' +require 'quiet_opener.rb' ExceptionNotification::Notifier.sender_address = MySociety::Config::get('EXCEPTION_NOTIFICATIONS_FROM') ExceptionNotification::Notifier.exception_recipients = MySociety::Config::get('EXCEPTION_NOTIFICATIONS_TO') diff --git a/config/environments/development.rb b/config/environments/development.rb index d5f2f5772..a1e8133a8 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,5 +1,7 @@ # Settings specified here will take precedence over those in config/environment.rb +config.log_level = :info + # In the development environment your application's code is reloaded on # every request. This slows down response time but is perfect for development # since you don't have to restart the webserver when you make code changes. diff --git a/config/general.yml-example b/config/general.yml-example index ed04e0fd5..019eb7ada 100644 --- a/config/general.yml-example +++ b/config/general.yml-example @@ -1,7 +1,7 @@ # general.yml-example: # Example values for the "general" config file. # -# Configuration parameters, in YAML syntax. +# Configuration parameters, in YAML syntax. # # Copy this file to one called "general.yml" in the same directory. Or # have multiple config files and use a symlink to change between them. @@ -34,8 +34,12 @@ SPECIAL_REPLY_VERY_LATE_AFTER_DAYS: 60 # example public bodies for the home page, semicolon delimited - short_names FRONTPAGE_PUBLICBODY_EXAMPLES: 'tgq' -# URL of theme to install (when running rails-post-deploy script) -THEME_URL: 'git://github.com/sebbacon/alavetelitheme.git' +# URLs of themes to download and use (when running rails-post-deploy +# script). Earlier in the list means the templates have a higher +# priority. +THEME_URLS: + - 'git://github.com/sebbacon/adminbootstraptheme.git' + - 'git://github.com/sebbacon/alavetelitheme.git' # Whether a user needs to sign in to start the New Request process FORCE_REGISTRATION_ON_NEW_REQUEST: false @@ -56,10 +60,13 @@ BLACKHOLE_PREFIX: 'do-not-reply-to-this-address' ## Administration -# Leave these two blank to skip admin authorisation +# The emergency user ADMIN_USERNAME: 'adminxxxx' ADMIN_PASSWORD: 'passwordx' +# Set this to true, and the admin interface will be available to anonymous users +SKIP_ADMIN_AUTH: false + # Email "from" details CONTACT_EMAIL: 'postmaster@localhost' CONTACT_NAME: 'Alaveteli Webmaster' @@ -142,3 +149,11 @@ EXCEPTION_NOTIFICATIONS_TO: # This rate limiting can be turned off per-user via the admin interface MAX_REQUESTS_PER_USER_PER_DAY: 6 + + +# This is used to work out where to send purge requests. Should be +# unset if you aren't running behind varnish +VARNISH_HOST: localhost + +# Adding a value here will enable Google Analytics on all non-admin pages. +GA_CODE: '' diff --git a/config/initializers/fast_gettext.rb b/config/initializers/fast_gettext.rb index 63cf6b50d..9049fd8ed 100644 --- a/config/initializers/fast_gettext.rb +++ b/config/initializers/fast_gettext.rb @@ -1,2 +1,3 @@ +Encoding.default_external = 'UTF-8' if RUBY_VERSION.to_f >= 1.9 FastGettext.add_text_domain 'app', :path => File.join(Rails.root, 'locale'), :type => :po FastGettext.default_text_domain = 'app' diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 9ef2dddc1..bf40e99c1 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -12,6 +12,6 @@ ActionController::Base.session = { ActionController::Base.session_store = :cookie_store # Insert a bit of middleware code to prevent uneeded cookie setting. -require "#{RAILS_ROOT}/lib/whatdotheyknow/strip_empty_sessions" +require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions" ActionController::Dispatcher.middleware.insert_before ActionController::Base.session_store, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true diff --git a/config/initializers/theme_loader.rb b/config/initializers/theme_loader.rb new file mode 100644 index 000000000..df392cc08 --- /dev/null +++ b/config/initializers/theme_loader.rb @@ -0,0 +1,7 @@ +theme_urls = MySociety::Config.get("THEME_URLS", []) +if ENV["RAILS_ENV"] != "test" # Don't let the theme interfere with Alaveteli specs + for url in theme_urls.reverse + theme_name = url.sub(/.*\/(.*).git/, "\\1") + require File.expand_path "../../../vendor/plugins/#{theme_name}/lib/alavetelitheme.rb", __FILE__ + end +end diff --git a/config/purge-varnish-debian.ugly b/config/purge-varnish-debian.ugly new file mode 100644 index 000000000..3e77c09c3 --- /dev/null +++ b/config/purge-varnish-debian.ugly @@ -0,0 +1,81 @@ +#!/bin/bash +# +### BEGIN INIT INFO +# Provides: purge-varnish +# Required-Start: $local_fs $syslog +# Required-Stop: $local_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: purge-varnish is a daemon running the Alaveteli email alerts +# Description: purge-varnish send Alaveteli email alerts as required +### END INIT INFO +# +# !!(*= $daemon_name *)!! Start the Alaveteli email alert daemon + +NAME=!!(*= $daemon_name *)!! +DAEMON=/data/vhost/!!(*= $vhost *)!!/alaveteli/script/runner +DAEMON_ARGS="--daemon PurgeRequest.purge_all_loop" +PIDFILE=/data/vhost/!!(*= $vhost *)!!/purge-varnish.pid +LOGFILE=/data/vhost/!!(*= $vhost *)!!/logs/purge-varnish.log +DUSER=!!(*= $user *)!! + +trap "" 1 + +export PIDFILE LOGFILE + +quietly_start_daemon() { + /sbin/start-stop-daemon --quiet --start --pidfile "$PIDFILE" --chuid "$DUSER" --startas "$DAEMON" -- $DAEMON_ARGS +} + +start_daemon() { + /sbin/start-stop-daemon --start --pidfile "$PIDFILE" --chuid "$DUSER" --startas "$DAEMON" -- $DAEMON_ARGS +} + +stop_daemon() { + /sbin/start-stop-daemon --stop --oknodo --pidfile "$PIDFILE" +} + +restart() { stop; start; } + +case "$1" in + check) + quietly_start_daemon + if [ $? -ne 1 ] + then + echo "Alaveteli alert daemon was not running; now restarted" + exit 1 + else + exit 0 + fi + ;; + + start) + echo -n "Starting Alaveteli alert daemon: $NAME" + start_daemon + ;; + + stop) + echo -n "Stopping Alaveteli alert daemon: $NAME" + stop_daemon + ;; + + restart) + echo -n "Restarting Alaveteli alert daemon: $NAME" + stop_daemon + start_daemon + ;; + + *) + echo "Usage: /etc/init.d/$NAME {start|stop|restart|check}" + exit 1 + ;; +esac + +if [ $? -eq 0 ]; then + echo . + exit 0 +else + echo " failed" + exit 1 +fi + diff --git a/config/routes.rb b/config/routes.rb index 747cc9b06..698752218 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -22,6 +22,7 @@ ActionController::Routing::Routes.draw do |map| general.blog '/blog', :action => 'blog' general.custom_css '/stylesheets/custom.css', :action => 'custom_css' general.search_redirect '/search', :action => 'search_redirect' + general.search_redirect '/search/all', :action => 'search_redirect' # XXX combined is the search query, and then if sorted a "/newest" at the end. # Couldn't find a way to do this in routes which also picked up multiple other slashes # and dots and other characters that can appear in search query. So we sort it all @@ -65,6 +66,7 @@ ActionController::Routing::Routes.draw do |map| request.upload_response "/upload/request/:url_title", :action => 'upload_response' request.download_entire_request '/request/:url_title/download', :action => 'download_entire_request' + request.report '/request/:url_title/report', :action => 'report_request' end diff --git a/config/test.yml b/config/test.yml index 90689395a..460d7c6c1 100644 --- a/config/test.yml +++ b/config/test.yml @@ -124,3 +124,5 @@ EXCEPTION_NOTIFICATIONS_TO: MAX_REQUESTS_PER_USER_PER_DAY: 2 +VARNISH_HOST: varnish.localdomain +SKIP_ADMIN_AUTH: true
\ No newline at end of file diff --git a/config/varnish-alaveteli.vcl b/config/varnish-alaveteli.vcl index 7eedf83fc..452a956da 100644 --- a/config/varnish-alaveteli.vcl +++ b/config/varnish-alaveteli.vcl @@ -15,6 +15,12 @@ backend default { .between_bytes_timeout = 600s; } +// set the servers alaveteli can issue a purge from +acl purge { + "localhost"; + "127.0.0.1"; +} + sub vcl_recv { # Handle IPv6 @@ -54,12 +60,13 @@ sub vcl_recv { req.request != "HEAD" && req.request != "POST" && req.request != "PUT" && + req.request != "PURGE" && req.request != "DELETE" ) { # We don't allow any other methods. error 405 "Method Not Allowed"; } - if (req.request != "GET" && req.request != "HEAD") { + if (req.request != "GET" && req.request != "HEAD" && req.request != "PURGE") { /* We only deal with GET and HEAD by default, the rest get passed direct to backend */ return (pass); } @@ -73,15 +80,23 @@ sub vcl_recv { if (req.http.Authorization || req.http.Cookie) { return (pass); } - # Let's have a little grace set req.grace = 30s; + # Handle PURGE requests + if (req.request == "PURGE") { + if (!client.ip ~ purge) { + error 405 "Not allowed."; + } + # XXX in Varnish 2.x, the following would be + # purge("obj.http.x-url ~ " req.url); + ban("obj.http.x-url ~ " + req.url); + error 200 "Banned"; + } return (lookup); } - sub vcl_fetch { - + set beresp.http.x-url = req.url; if (req.url ~ "\.(png|gif|jpg|jpeg|swf|css|js|rdf|ico|txt)(\?.*|)$") { # Ignore backend headers.. remove beresp.http.set-Cookie; @@ -94,3 +109,4 @@ sub vcl_fetch { return (deliver); } } + |