From 922837dc96154b0455a4cf660c3f8369c65aacb4 Mon Sep 17 00:00:00 2001 From: Jean byroot Boussier Date: Sat, 4 Mar 2023 16:38:28 +0100 Subject: Upgrade to latest redis-rb 4.x and fix deprecations (#23616) Co-authored-by: Jean Boussier --- config/environments/development.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'config/environments/development.rb') diff --git a/config/environments/development.rb b/config/environments/development.rb index de8762ff7..29b17a350 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -87,6 +87,8 @@ Rails.application.configure do config.x.otp_secret = ENV.fetch('OTP_SECRET', '1fc2b87989afa6351912abeebe31ffc5c476ead9bf8b3d74cbc4a302c7b69a45b40b1bbef3506ddad73e942e15ed5ca4b402bf9a66423626051104f4b5f05109') end +Redis.raise_deprecations = true + ActiveRecordQueryTrace.enabled = ENV['QUERY_TRACE_ENABLED'] == 'true' module PrivateAddressCheck -- cgit From 6fa81ca17e50c2f66a4357fc6866b33b7a606b42 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 16 Mar 2023 02:53:55 +0100 Subject: Remove `bullet` and `active_record_query_trace` gems (#24121) --- Gemfile | 2 -- Gemfile.lock | 7 ------- config/environments/development.rb | 20 ++++++-------------- 3 files changed, 6 insertions(+), 23 deletions(-) (limited to 'config/environments/development.rb') diff --git a/Gemfile b/Gemfile index cc039d7e0..e5353a08c 100644 --- a/Gemfile +++ b/Gemfile @@ -129,11 +129,9 @@ group :test do end group :development do - gem 'active_record_query_trace', '~> 1.8' gem 'annotate', '~> 3.2' gem 'better_errors', '~> 2.9' gem 'binding_of_caller', '~> 1.0' - gem 'bullet', '~> 7.0' gem 'letter_opener', '~> 1.8' gem 'letter_opener_web', '~> 2.0' gem 'memory_profiler' diff --git a/Gemfile.lock b/Gemfile.lock index 151eba150..c7e1d1750 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -73,7 +73,6 @@ GEM activemodel (>= 4.1, < 7.1) case_transform (>= 0.2) jsonapi-renderer (>= 0.1.1.beta1, < 0.3) - active_record_query_trace (1.8) activejob (6.1.7.3) activesupport (= 6.1.7.3) globalid (>= 0.3.6) @@ -149,9 +148,6 @@ GEM concurrent-ruby (~> 1.0, >= 1.0.5) redis (>= 1.0, < 6) builder (3.2.4) - bullet (7.0.7) - activesupport (>= 3.0.0) - uniform_notifier (~> 1.11) bundler-audit (0.9.1) bundler (>= 1.2.0, < 3) thor (~> 1.0) @@ -727,7 +723,6 @@ GEM unf_ext unf_ext (0.0.8.2) unicode-display_width (2.4.2) - uniform_notifier (1.16.0) uri (0.12.0) validate_email (0.1.6) activemodel (>= 3.0) @@ -772,7 +767,6 @@ PLATFORMS DEPENDENCIES active_model_serializers (~> 0.10) - active_record_query_trace (~> 1.8) addressable (~> 2.8) annotate (~> 3.2) aws-sdk-s3 (~> 1.119) @@ -782,7 +776,6 @@ DEPENDENCIES bootsnap (~> 1.16.0) brakeman (~> 5.4) browser - bullet (~> 7.0) bundler-audit (~> 0.9) capistrano (~> 3.17) capistrano-rails (~> 1.6) diff --git a/config/environments/development.rb b/config/environments/development.rb index 29b17a350..f5f6cbed8 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -24,7 +24,6 @@ Rails.application.configure do } else config.action_controller.perform_caching = false - config.cache_store = :null_store end @@ -34,9 +33,10 @@ Rails.application.configure do end # Generate random VAPID keys - vapid_key = Webpush.generate_key - config.x.vapid_private_key = vapid_key.private_key - config.x.vapid_public_key = vapid_key.public_key + Webpush.generate_key.tap do |vapid_key| + config.x.vapid_private_key = vapid_key.private_key + config.x.vapid_public_key = vapid_key.public_key + end # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false @@ -76,21 +76,13 @@ Rails.application.configure do # Otherwise, use letter_opener, which launches a browser window to view sent mail. config.action_mailer.delivery_method = (ENV['HEROKU'] || ENV['VAGRANT'] || ENV['REMOTE_DEV']) ? :letter_opener_web : :letter_opener - config.after_initialize do - Bullet.enable = true - Bullet.bullet_logger = true - Bullet.rails_logger = false - - Bullet.add_safelist type: :n_plus_one_query, class_name: 'User', association: :account - end - + # We provide a default secret for the development environment here. + # This value should not be used in production environments! config.x.otp_secret = ENV.fetch('OTP_SECRET', '1fc2b87989afa6351912abeebe31ffc5c476ead9bf8b3d74cbc4a302c7b69a45b40b1bbef3506ddad73e942e15ed5ca4b402bf9a66423626051104f4b5f05109') end Redis.raise_deprecations = true -ActiveRecordQueryTrace.enabled = ENV['QUERY_TRACE_ENABLED'] == 'true' - module PrivateAddressCheck def self.private_address?(*) false -- cgit From f0e727f958cd9428b2c56a3c6a65bbbf176bfa0d Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 16 Mar 2023 02:55:54 +0100 Subject: Add cache headers to static files served through Rails (#24120) --- config/application.rb | 5 +++++ config/environments/development.rb | 5 ----- config/environments/production.rb | 12 +--------- config/environments/test.rb | 5 ----- lib/public_file_server_middleware.rb | 43 ++++++++++++++++++++++++++++++++++++ 5 files changed, 49 insertions(+), 21 deletions(-) create mode 100644 lib/public_file_server_middleware.rb (limited to 'config/environments/development.rb') diff --git a/config/application.rb b/config/application.rb index c51eacd68..43631c551 100644 --- a/config/application.rb +++ b/config/application.rb @@ -35,6 +35,7 @@ require_relative '../lib/terrapin/multi_pipe_extensions' require_relative '../lib/mastodon/snowflake' require_relative '../lib/mastodon/version' require_relative '../lib/mastodon/rack_middleware' +require_relative '../lib/public_file_server_middleware' require_relative '../lib/devise/two_factor_ldap_authenticatable' require_relative '../lib/devise/two_factor_pam_authenticatable' require_relative '../lib/chewy/strategy/mastodon' @@ -181,6 +182,10 @@ module Mastodon config.active_job.queue_adapter = :sidekiq config.action_mailer.deliver_later_queue_name = 'mailers' + # We use our own middleware for this + config.public_file_server.enabled = false + + config.middleware.use PublicFileServerMiddleware if Rails.env.development? || ENV['RAILS_SERVE_STATIC_FILES'] == 'true' config.middleware.use Rack::Attack config.middleware.use Mastodon::RackMiddleware diff --git a/config/environments/development.rb b/config/environments/development.rb index f5f6cbed8..32c5cce8b 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -16,12 +16,7 @@ Rails.application.configure do # Run rails dev:cache to toggle caching. if Rails.root.join('tmp/caching-dev.txt').exist? config.action_controller.perform_caching = true - config.cache_store = :redis_cache_store, REDIS_CACHE_PARAMS - - config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{2.days.to_i}", - } else config.action_controller.perform_caching = false config.cache_store = :null_store diff --git a/config/environments/production.rb b/config/environments/production.rb index b8536c53a..00d783477 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -19,24 +19,14 @@ Rails.application.configure do # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true - # Disable serving static files from the `/public` folder by default since - # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? - ActiveSupport::Logger.new(STDOUT).tap do |logger| logger.formatter = config.log_formatter config.logger = ActiveSupport::TaggedLogging.new(logger) end - # Compress JavaScripts and CSS. - # config.assets.js_compressor = Uglifier.new(mangle: false) - # config.assets.css_compressor = :sass - # Do not fallback to assets pipeline if a precompiled asset is missed. config.assets.compile = false - # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb - # Specifies the header that your server uses for sending files. config.action_dispatch.x_sendfile_header = ENV['SENDFILE_HEADER'] if ENV['SENDFILE_HEADER'].present? @@ -66,7 +56,7 @@ Rails.application.configure do # Enable locale fallbacks for I18n (makes lookups for any locale fall back to # English when a translation cannot be found). - config.i18n.fallbacks = [:en] + config.i18n.fallbacks = true # Send deprecation notices to registered listeners. config.active_support.deprecation = :notify diff --git a/config/environments/test.rb b/config/environments/test.rb index 9cbf31e8d..1328e155a 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -12,11 +12,6 @@ Rails.application.configure do # preloads Rails for running tests, you may have to set it to true. config.eager_load = false - # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.enabled = true - config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{1.hour.to_i}" - } config.assets.digest = false # Show full error reports and disable caching. diff --git a/lib/public_file_server_middleware.rb b/lib/public_file_server_middleware.rb new file mode 100644 index 000000000..3799230a2 --- /dev/null +++ b/lib/public_file_server_middleware.rb @@ -0,0 +1,43 @@ +# frozen_string_literal: true + +require 'action_dispatch/middleware/static' + +class PublicFileServerMiddleware + SERVICE_WORKER_TTL = 7.days.to_i + CACHE_TTL = 28.days.to_i + + def initialize(app) + @app = app + @file_handler = ActionDispatch::FileHandler.new(Rails.application.paths['public'].first) + end + + def call(env) + file = @file_handler.attempt(env) + + # If the request is not a static file, move on! + return @app.call(env) if file.nil? + + status, headers, response = file + + # Set cache headers on static files. Some paths require different cache headers + headers['Cache-Control'] = begin + request_path = env['REQUEST_PATH'] + + if request_path.start_with?('/sw.js') + "public, max-age=#{SERVICE_WORKER_TTL}, must-revalidate" + elsif request_path.start_with?(paperclip_root_url) + "public, max-age=#{CACHE_TTL}, immutable" + else + "public, max-age=#{CACHE_TTL}, must-revalidate" + end + end + + [status, headers, response] + end + + private + + def paperclip_root_url + ENV.fetch('PAPERCLIP_ROOT_URL', '/system') + end +end -- cgit From 630436ab2d84b5ed2334ad510cb9ad6253050ae5 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 16 Mar 2023 04:33:38 +0100 Subject: Refactor monkey-patching of `PrivateAddressCheck` (#24122) --- app/lib/request.rb | 4 +++- config/environments/development.rb | 6 ------ 2 files changed, 3 insertions(+), 7 deletions(-) (limited to 'config/environments/development.rb') diff --git a/app/lib/request.rb b/app/lib/request.rb index 85716f999..4bde6fc91 100644 --- a/app/lib/request.rb +++ b/app/lib/request.rb @@ -273,7 +273,9 @@ class Request def check_private_address(address, host) addr = IPAddr.new(address.to_s) - return if private_address_exceptions.any? { |range| range.include?(addr) } + + return if Rails.env.development? || private_address_exceptions.any? { |range| range.include?(addr) } + raise Mastodon::PrivateNetworkAddressError, host if PrivateAddressCheck.private_address?(addr) end diff --git a/config/environments/development.rb b/config/environments/development.rb index 32c5cce8b..a633dfce5 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -77,9 +77,3 @@ Rails.application.configure do end Redis.raise_deprecations = true - -module PrivateAddressCheck - def self.private_address?(*) - false - end -end -- cgit