The FORCE_SSL env variable can make the app secure.
The app is secure by default, if FORCE_SSL is not set. This toggles the force_ssl rails flag, which among other things makes TLS mandatory, marks cookies as secure-only and enables HSTS. Generally...
View ArticleUse FORCE_SECURE env var instead of FORCE_SSL to force secure behavior
It not only forces the use of SSL but also HSTS and secure cookies.
View ArticleCorrectly use the FORCE_SECURE env variable
Env vars are strings, not booleans. Convert to boolean before actually using the value in code.
View ArticleControl log level in production with the FEEDBUNCH_LOG_LEVEL env var
It takes the value "warn" by default.
View ArticleMake SMTP port and authentication method parametrizable.
These are used to connect to an SMTP server to when sending emails. They can be set via values in secrets.yml file.
View ArticleRemoved facebook app ID from secrets.
Sharing entries in facebook has not worked for a long, long while.
View ArticleMake uploads behavior parametrizable via env variables
- UPLOADS_LOCATION: "local" means use a local uploads folder, "s3" means use an AWS S3 bucket. - new secret to configure AWS region to use, in case S3 is used for uploads. - if S3 is used for uploads,...
View ArticleUse a single sidekiq server initialization block
FeedBunch was making two calls to Sidekiq.configure_server : one to initialize the redis connection pool and a second one to create default scheduled jobs. There is a possibility that this was causing...
View ArticleAdded script to create users non-interactively.
It can be invoked with "rails runner" to e.g. populate the initial admin user in a new installation.
View ArticleDisable confirmation email for users created non-interactively
Use the correct Devise method (.skip_confirmation!, part of the Confirmable module for Devise) instead of hackishly trying to disable ActiveMailer sending emails.
View ArticleParametrize the base url in links inside emails sent by the app
The EMAIL_LINKS_URL environment variable controls this base url. It takes the value "https://www.feedbunch.com" if the env var is not set.
View ArticleEnabling or disabling the demo user is controlled by an env var
The DEMO_USER_ENABLED environment variable controls whether the demo user is enabled or not. Enabled by default.
View ArticleRender the demo user popup only if demo user is enabled.
This should fix an error displaying some pages when demo user is disabled
View ArticleMake the admin email parametrizable.
It can be set with the ADMIN_EMAIL environment variable, it takes the value 'admin@feedbunch.com' by default. This email is used when sending certain emails from the app, like OPML import/export...
View ArticlePublic signups can be enabled/disabled with the SIGNUPS_ENABLED env var
Signups are enabled by default.
View ArticleRemoved the host blacklist from the default installation.
The capability to add blacklisted domains and keep users from subscribing to feeds in those domains is still implemented, but the domain blacklist itself is emtpy in the default installation. Also...
View Article