Diffstat (limited to 'config')
-rw-r--r-- | config/environment.rb | 12 | ||||
-rw-r--r-- | config/environments/production.rb | 7 | ||||
-rw-r--r-- | config/general.yml-example | 19 | ||||
-rw-r--r-- | config/routes.rb | 32 | ||||
-rw-r--r-- | config/test.yml | 9 | ||||
-rw-r--r-- | config/varnish-alaveteli.vcl | 40 |
6 files changed, 68 insertions, 51 deletions
diff --git a/config/environment.rb b/config/environment.rb index 929ed4dc1..f9042857b 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -117,17 +117,6 @@ end # Domain for URLs (so can work for scripts, not just web pages) ActionMailer::Base.default_url_options[:host] = Configuration::domain -# So that javascript assets use full URL, so proxied admin URLs read javascript OK -if (Configuration::domain != "") - ActionController::Base.asset_host = Proc.new { |source, request| - if ENV["RAILS_ENV"] != "test" && request.fullpath.match(/^\/admin\//) - Configuration::admin_public_url - else - Configuration::domain - end - } -end - # fallback locale and available locales available_locales = Configuration::available_locales.split(/ /) default_locale = Configuration::default_locale @@ -145,7 +134,6 @@ require 'ruby19.rb' require 'activesupport_cache_extensions.rb' require 'timezone_fixes.rb' require 'use_spans_for_errors.rb' -require 'make_html_4_compliant.rb' require 'activerecord_errors_extensions.rb' require 'willpaginate_extension.rb' require 'sendmail_return_path.rb' diff --git a/config/environments/production.rb b/config/environments/production.rb index 84a8f5965..097944196 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -17,3 +17,10 @@ config.action_controller.perform_caching = true # Disable delivery errors, bad email addresses will be ignored # config.action_mailer.raise_delivery_errors = false config.action_mailer.delivery_method = :sendmail # so is queued, rather than giving immediate errors + +require 'rack/ssl' +if ::Configuration::force_ssl + config.middleware.insert_after ActionController::Failsafe, ::Rack::SSL + # For Rails 3.x this will need to change to + #config.middleware.insert_before ActionDispatch::Cookies, ::Rack::SSL +end diff --git a/config/general.yml-example b/config/general.yml-example index bfe289541..5005fda77 100644 --- a/config/general.yml-example +++ b/config/general.yml-example 
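Review bot: The `::Rack::SSL` middleware inserted in config/environments/production.rb decides whether a request is already secure partly from the `X-Forwarded-Proto` request header, so behind Varnish or another proxy the redirect is only as trustworthy as that header. The front end that terminates TLS should overwrite the header on every request rather than pass a client-supplied value through; otherwise a request that arrived unencrypted can be treated as encrypted and never redirected. A comment above the `if` would record this, e.g. `# Rack::SSL trusts X-Forwarded-Proto; the TLS-terminating proxy must set it and discard any client-sent copy`. Separately, `require 'rack/ssl'` sits outside the `if`, so the gem must be loadable even when `force_ssl` is off; moving the require inside the conditional keeps the dependency optional.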
@@ -12,6 +12,11 @@ SITE_NAME: 'Alaveteli' # Domain used in URLs generated by scripts (e.g. for going in some emails) DOMAIN: '127.0.0.1:3000' +# If true forces everyone (in the production environment) to use encrypted connections +# (via https) by redirecting unencrypted connections. This is *highly* recommended +# so that logins can't be intercepted by naughty people. +FORCE_SSL: true + # ISO country code of country currrently deployed in # (http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2) ISO_COUNTRY_CODE: GB @@ -53,7 +58,6 @@ FRONTPAGE_PUBLICBODY_EXAMPLES: 'tgq' # script). Earlier in the list means the templates have a higher # priority. THEME_URLS: - - 'git://github.com/mysociety/adminbootstraptheme.git' - 'git://github.com/mysociety/alavetelitheme.git' # When rails-post-deploy installs the themes it will try this branch first @@ -100,19 +104,6 @@ TRACK_SENDER_NAME: 'Alaveteli Webmaster' # this up! RAW_EMAILS_LOCATION: 'files/raw_emails' -# The base URL for admin pages, must always end with a '/' -# e.g. https://www.example.com/secure/alaveteli-admin/ -# If not specified, it will default to the path to the admin controller, -# which is usually what you want. It is useful in situations where admin -# requests are proxied via a secure server, for example. -ADMIN_BASE_URL: '' - -# Where /stylesheets sits under for admin pages. See asset_host in -# config/environment.rb. Can be full domain or relative path (not an -# absolute path beginning with /). Again, unlikely to want to change -# this. -ADMIN_PUBLIC_URL: '' - # Secret key for signing cookie_store sessions COOKIE_STORE_SESSION_SECRET: 'your secret key here, make it long and random' diff --git a/config/routes.rb b/config/routes.rb index 3476a6f87..a18295f7b 100644 --- a/config/routes.rb +++ b/config/routes.rb 
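Review bot: The comment added above `FORCE_SSL: true` does not say what happens when the key is missing, which is the situation of every existing `general.yml` written before this change. Whether `Configuration::force_ssl` then defaults to on or off is decided outside this diff, so the example file should state it, e.g. `# Defaults to <default> if omitted.` with the real default filled in. It would also help to add `# Requires a front end that terminates TLS and sets X-Forwarded-Proto`, since turning this on without one presumably leaves the site redirecting to an https URL that nothing serves.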
@@ -10,7 +10,7 @@ $alaveteli_route_extensions.each do |f| end ActionController::Routing::Routes.draw do |map| - + # The priority is based upon order of creation: first created -> highest priority. # Sample of regular route: @@ -43,7 +43,7 @@ ActionController::Routing::Routes.draw do |map| request.request_list '/list', :action => 'list' request.select_authority '/select_authority', :action => 'select_authority' - + request.new_request '/new', :action => 'new' request.new_request_to_body '/new/:url_name', :action => 'new' @@ -65,7 +65,7 @@ ActionController::Routing::Routes.draw do |map| request.upload_response "/upload/request/:url_title", :action => 'upload_response' request.download_entire_request '/request/:url_title/download', :action => 'download_entire_request' - + # It would be nice to add :conditions => { :method => :post } to this next one, # because it ought not really to be available as a GET request since it changes # the server state. Unfortunately this doesn’t play well with the PostRedirect @@ -162,9 +162,9 @@ ActionController::Routing::Routes.draw do |map| end map.with_options :controller => 'request_game' do |game| - game.play '/categorise/play', :action => 'play' - game.request '/categorise/request/:url_title', :action => 'show' - game.stop '/categorise/stop', :action => 'stop' + game.categorise_play '/categorise/play', :action => 'play' + game.categorise_request '/categorise/request/:url_title', :action => 'show' + game.categorise_stop '/categorise/stop', :action => 'stop' end map.with_options :controller => 'admin_public_body' do |body| 
@@ -172,10 +172,10 @@ ActionController::Routing::Routes.draw do |map| body.admin_body_index '/admin/body', :action => 'index' body.admin_body_list '/admin/body/list', :action => 'list' body.admin_body_show '/admin/body/show/:id', :action => 'show' - body.admin_body_new '/admin/body/new/:id', :action => 'new' + body.admin_body_new '/admin/body/new', :action => 'new' body.admin_body_edit '/admin/body/edit/:id', :action => 'edit' body.admin_body_update '/admin/body/update/:id', :action => 'update' - body.admin_body_create '/admin/body/create/:id', :action => 'create' + body.admin_body_create '/admin/body/create', :action => 'create' body.admin_body_destroy '/admin/body/destroy/:id', :action => 'destroy' body.admin_body_import_csv '/admin/body/import_csv', :action => 'import_csv' body.admin_body_mass_tag_add '/admin/body/mass_tag_add', :action => 'mass_tag_add' @@ -186,10 +186,10 @@ ActionController::Routing::Routes.draw do |map| admin.admin_timeline '/admin/timeline', :action => 'timeline' admin.admin_debug '/admin/debug', :action => 'debug' admin.admin_stats '/admin/stats', :action => 'stats' + admin.admin_js '/admin/javascripts/admin.js', :action => 'admin_js' end map.with_options :controller => 'admin_request' do |admin| - admin.admin_request_list_old_unclassified '/admin/unclassified', :action => 'list_old_unclassified' admin.admin_request_index '/admin/request', :action => 'index' admin.admin_request_list '/admin/request/list', :action => 'list' admin.admin_request_show '/admin/request/show/:id', :action => 'show' 
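Review bot: The rewritten `admin_body_create` route still accepts any HTTP method, so the state-changing `create` action stays reachable by GET, and Rails' request-forgery check does not apply to GET requests. The API routes further down in this file already restrict methods with `:conditions`, and the same would fit here: `body.admin_body_create '/admin/body/create', :action => 'create', :conditions => { :method => :post }`. The same applies to `admin_request_destroy_outgoing` and `admin_request_destroy_incoming` in the `@@ -198` hunk, which this commit also rewrites without a method condition. This assumes the admin forms already submit these actions by POST; the controllers and views are outside this diff, and the `draw` block starts and ends outside the hunk.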
@@ -198,11 +198,11 @@ ActionController::Routing::Routes.draw do |map| admin.admin_request_update '/admin/request/update/:id', :action => 'update' admin.admin_request_destroy '/admin/request/destroy/:id', :action => 'fully_destroy' admin.admin_request_edit_outgoing '/admin/request/edit_outgoing/:id', :action => 'edit_outgoing' - admin.admin_request_destroy_outgoing '/admin/request/destroy_outgoing/:id', :action => 'destroy_outgoing' + admin.admin_request_destroy_outgoing '/admin/request/destroy_outgoing', :action => 'destroy_outgoing' admin.admin_request_update_outgoing '/admin/request/update_outgoing/:id', :action => 'update_outgoing' admin.admin_request_edit_comment '/admin/request/edit_comment/:id', :action => 'edit_comment' admin.admin_request_update_comment '/admin/request/update_comment/:id', :action => 'update_comment' - admin.admin_request_destroy_incoming '/admin/request/destroy_incoming/:id', :action => 'destroy_incoming' + admin.admin_request_destroy_incoming '/admin/request/destroy_incoming', :action => 'destroy_incoming' admin.admin_request_redeliver_incoming '/admin/request/redeliver_incoming', :action => 'redeliver_incoming' admin.admin_request_move_request '/admin/request/move_request', :action => 'move_request' admin.admin_request_generate_upload_url '/admin/request/generate_upload_url/:id', :action => 'generate_upload_url' 
@@ -218,7 +218,7 @@ ActionController::Routing::Routes.draw do |map| user.admin_user_list_banned '/admin/user/banned', :action => 'list_banned' user.admin_user_show '/admin/user/show/:id', :action => 'show' user.admin_user_edit '/admin/user/edit/:id', :action => 'edit' - user.admin_user_show '/admin/user/show_bounce_message/:id', :action => 'show_bounce_message' + user.admin_user_show_bounce '/admin/user/show_bounce_message/:id', :action => 'show_bounce_message' user.admin_user_update '/admin/user/update/:id', :action => 'update' user.admin_user_clear_bounce '/admin/user/clear_bounce/:id', :action => 'clear_bounce' user.admin_user_destroy_track '/admin/user/destroy_track', :action => 'destroy_track' @@ -237,16 +237,16 @@ ActionController::Routing::Routes.draw do |map| rule.admin_rule_update '/admin/censor/update/:id', :action => 'update' rule.admin_rule_destroy '/admin/censor/destroy/:censor_rule_id', :action => 'destroy' end - + map.with_options :controller => 'api' do |api| api.api_create_request '/api/v2/request.json', :action => 'create_request', :conditions => { :method => :post } - + api.api_show_request '/api/v2/request/:id.json', :action => 'show_request', :conditions => { :method => :get } api.api_add_correspondence '/api/v2/request/:id.json', :action => 'add_correspondence', :conditions => { :method => :post } - + api.api_body_request_events '/api/v2/body/:id/request_events.:feed_type', :action => 'body_request_events', :feed_type => '^(json|atom)$' end - + map.filter('conditionallyprependlocale') # Allow downloading Web Service WSDL as a file with an extension diff --git a/config/test.yml b/config/test.yml index ef270dcf2..f40b11764 100644 --- a/config/test.yml +++ b/config/test.yml 
@@ -71,15 +71,6 @@ CONTACT_NAME: 'Alaveteli Webmaster' # this up! RAW_EMAILS_LOCATION: 'files/raw_emails' -# The base URL for admin pages. You probably don't want to change this. -ADMIN_BASE_URL: '' - -# Where /stylesheets sits under for admin pages. See asset_host in -# config/environment.rb. Can be full domain or relative path (not an -# absolute path beginning with /). Again, unlikely to want to change -# this. -ADMIN_PUBLIC_URL: '' - # Secret key for signing cookie_store sessions COOKIE_STORE_SESSION_SECRET: 'your secret key here, make it long and random' diff --git a/config/varnish-alaveteli.vcl b/config/varnish-alaveteli.vcl index 77350a8c8..5dd0ac83c 100644 --- a/config/varnish-alaveteli.vcl +++ b/config/varnish-alaveteli.vcl @@ -115,3 +115,43 @@ sub vcl_fetch { } } +# We need to separately cache requests originating via http and via https +# since we are serving very slightly different content in each case + +# Varnish 2.x version of vcl_hash +#sub vcl_hash { +# set req.hash += req.url; +# if (req.http.host) { +# set req.hash += req.http.host; +# } else { +# set req.hash += server.ip; +# } +# +# # Include the X-Forward-Proto header, since we want to treat HTTPS +# # requests differently, and make sure this header is always passed +# # properly to the backend server. +# if (req.http.X-Forwarded-Proto) { +# set req.hash += req.http.X-Forwarded-Proto; +# } +# +# return (hash); +#} + +# Varnish 3 version of vcl_hash +sub vcl_hash { + hash_data(req.url); + if (req.http.host) { + hash_data(req.http.host); + } else { + hash_data(server.ip); + } + + # Include the X-Forward-Proto header, since we want to treat HTTPS + # requests differently, and make sure this header is always passed + # properly to the backend server. + if (req.http.X-Forwarded-Proto) { + hash_data(req.http.X-Forwarded-Proto); + } + + return (hash); +} |
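Review bot: The new `vcl_hash` in config/varnish-alaveteli.vcl feeds the raw value of `req.http.X-Forwarded-Proto` into the cache key, so every distinct value a client sends creates a separate cache entry, and content fetched for an unencrypted request can end up stored under the https variant. Unless `vcl_recv` (not visible in this hunk) or the TLS terminator in front of Varnish already overwrites the header, hash a fixed token instead: `if (req.http.X-Forwarded-Proto == "https") { hash_data("https"); }`. The comment inside the sub also names the header as `X-Forward-Proto`; it should read `X-Forwarded-Proto` to match the code.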