Add environment "staging"

config/application.rb

@@ -14,7 +14,7 @@ require 'action_view/railtie'
 require 'sprockets/railtie'
 
 # Require the gems listed in Gemfile, including any gems
-# you've limited to :test, :development, or :production.
+# you've limited to :test, :development, :staging, or :production.
 Bundler.require(*Rails.groups)
 
 require 'csv'

config/database.yml

@@ -21,6 +21,14 @@ test: &test
 cucumber:
   <<: *test
 
+staging:
+  <<: *default
+  host: 'private-db-postgresql-ams3-63609-do-user-4455684-0.db.ondigitalocean.com'
+  port: 25060
+  database: 'partynest_staging'
+  username: 'doadmin'
+  password: <%= Rails.application.credentials.postgres_password %>
+
 production:
   <<: *default
   host: 'private-db-postgresql-ams3-63609-do-user-4455684-0.db.ondigitalocean.com'

config/deploy/staging.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+server 'delta.libertarian-party.com',
+       roles: %w[rvm web app db shell]

config/environments/staging.rb

@@ -0,0 +1,123 @@
+# frozen_string_literal: true
+
+Rails.application.configure do
+  # Settings specified here will take precedence over those
+  # in config/application.rb.
+
+  # Code is not reloaded between requests.
+  config.cache_classes = true
+
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
+  # Full error reports are disabled and caching is turned on.
+  config.consider_all_requests_local       = false
+  config.action_controller.perform_caching = true
+
+  # Ensures that a master key has been made available in either
+  # ENV["RAILS_MASTER_KEY"] or in config/master.key. This key is used
+  # to decrypt credentials (and other encrypted files).
+  # config.require_master_key = true
+
+  # Disable serving static files from the `/public` folder by default since
+  # Apache or NGINX already handles this.
+  config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
+
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
+
+  # Do not fallback to assets pipeline if a precompiled asset is missed.
+  config.assets.compile = false
+
+  # `config.assets.precompile` and `config.assets.version` have moved
+  # to config/initializers/assets.rb
+
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.action_controller.asset_host = 'http://assets.example.com'
+
+  # Specifies the header that your server uses for sending files.
+  # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
+  # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
+
+  # Store uploaded files on the local file system
+  # (see config/storage.yml for options).
+  config.active_storage.service = :amazon
+
+  # Force all access to the app over SSL, use Strict-Transport-Security,
+  # and use secure cookies.
+  config.force_ssl = true
+
+  # Configure SSL.
+  config.ssl_options = {
+    secure_cookies: true,
+    hsts: {
+      expires: 1.year,
+      subdomains: true,
+      preload: true,
+    },
+  }
+
+  # Use the lowest log level to ensure availability of diagnostic information
+  # when problems arise.
+  config.log_level = :info
+
+  # Prepend all log lines with the following tags.
+  config.log_tags = [:request_id]
+
+  # Use a different cache store in staging.
+  cache_conf = Rails.application.settings :cache_store
+  config.cache_store = :redis_cache_store, {
+    host: cache_conf[:host],
+    port: cache_conf[:port],
+    db: cache_conf[:db],
+    password: cache_conf[:password],
+    ssl: cache_conf[:ssl],
+    ssl_params: cache_conf[:ssl_params],
+  }
+
+  # Use a real queuing backend for Active Job
+  # (and separate queues per environment).
+  # config.active_job.queue_adapter     = :resque
+  # config.active_job.queue_name_prefix = "partynest_#{Rails.env}"
+
+  # Send mail with SMTP.
+  config.action_mailer.delivery_method = :smtp
+  config.action_mailer.perform_deliveries = true
+  config.action_mailer.raise_delivery_errors = true
+  config.action_mailer.perform_caching = false
+
+  config.action_mailer.default_url_options = {
+    host: Rails.application.settings(:identity)[:site_domain],
+  }
+
+  # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+  # the I18n.default_locale when a translation cannot be found).
+  config.i18n.fallbacks = true
+
+  # Send deprecation notices to registered listeners.
+  config.active_support.deprecation = :notify
+
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Use a different logger for distributed setups.
+  # require 'syslog/logger'
+  # config.logger =
+  #   ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
+
+  if ENV['RAILS_LOG_TO_STDOUT'].present?
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger    = ActiveSupport::TaggedLogging.new(logger)
+  end
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
+
+  # Middleware.
+  config.middleware.use Rack::Attack
+end

config/initializers/raven.rb

@@ -6,7 +6,7 @@ Raven.configure do |config|
   config.async = RavenJob.method :perform_later
   config.current_environment = Rails.env
   config.dsn = Rails.application.credentials.raven_dsn
-  config.environments = %w[production]
+  config.environments = %w[production staging]
   config.excluded_exceptions = %w[
     AbstractController::ActionNotFound
     ActionController::InvalidAuthenticityToken

config/settings/cache_store.yml

@@ -4,6 +4,16 @@ default:
   db:       <%= ENV.fetch('RAILS_CACHE_REDIS_DB')       { 1           } %>
   password: <%= ENV.fetch('RAILS_CACHE_REDIS_PASSWORD') { 'password'  } %>
 
+staging:
+  host:     'private-db-redis-ams3-76837-do-user-4455684-0.db.ondigitalocean.com'
+  port:     25061
+  password: <%= Rails.application.credentials.rails_cache_redis_password %>
+  db:       11
+  ssl:      true
+  ssl_params:
+    verify_mode: <%= OpenSSL::SSL::VERIFY_NONE %>
+    ca_file:     <%= Rails.root.join 'config', 'certs', 'redis.crt' %>
+
 production:
   host:     'private-db-redis-ams3-76837-do-user-4455684-0.db.ondigitalocean.com'
   port:     25061

config/settings/devise.yml

@@ -1,5 +1,5 @@
 default: &default
-  mailer_sender: 'Libertarian party of Russia <no-reply@libertarian-party.com>'
+  mailer_sender: 'Libertarian party of Russia <no-reply@stg.libertarian-party.com>'
 
 development:
   <<: *default
@@ -15,6 +15,13 @@ test:
   github_id:     a70df81e860ff2c3ceb0
   github_secret: bbea64bbf666361e50ca96bbf596cb9d122eff1c
 
+staging:
+  <<: *default
+  secret_key:    33f993a85e852b7b2cff7367d2599952ff7b564c2820377a5b97f7db8df965a20953a928ed452b09bdd365b7bbab94b8d2dae07026bcd6afeb7c7f72dcc316cd
+  pepper:        cdaa6324cc384ad55e9e6be481e25c93fc1cb3cde1057c50bb8ad7fc0e39f133ee576148f4a3277b443fac01d1d7c4f9bfd5027f0bfc3e1468db02bf081a02d2
+  github_id:     4a9dc06681e485b406de
+  github_secret: 3f851c5a870ede307ea48a25d94e9e5d0a9d30e4
+
 production:
   <<: *default
   secret_key:    <%= Rails.application.credentials.devise_secret_key %>

config/settings/identity.yml

@@ -13,5 +13,12 @@ development:
 test:
   <<: *default
 
+staging:
+  site_domain: 'stg.libertarian-party.com'
+
+  noreply_email_address: 'no-reply@stg.libertarian-party.com'
+  noreply_email_contact: >-
+    Libertarian party of Russia <no-reply@stg.libertarian-party.com>
+
 production:
   <<: *default

config/settings/recaptcha.yml

@@ -5,5 +5,8 @@ default: &default
 development:
   <<: *default
 
+staging:
+  <<: *default
+
 production:
   <<: *default

config/settings/sidekiq_client.yml

@@ -11,6 +11,16 @@ test:
   <<: *default
   db: <%= ENV.fetch('SIDEKIQ_CLIENT_REDIS_DB') { 15 } %>
 
+staging:
+  host:     'private-db-redis-ams3-76837-do-user-4455684-0.db.ondigitalocean.com'
+  port:     25061
+  password: <%= Rails.application.credentials.sidekiq_client_redis_password %>
+  db:       10
+  ssl:      true
+  ssl_params:
+    verify_mode: <%= OpenSSL::SSL::VERIFY_NONE %>
+    ca_file:     <%= Rails.root.join 'config', 'certs', 'redis.crt' %>
+
 production:
   host:     'private-db-redis-ams3-76837-do-user-4455684-0.db.ondigitalocean.com'
   port:     25061

config/settings/sidekiq_server.yml

@@ -11,6 +11,16 @@ test:
   <<: *default
   db: <%= ENV.fetch('SIDEKIQ_SERVER_REDIS_DB') { 15 } %>
 
+staging:
+  host:     'private-db-redis-ams3-76837-do-user-4455684-0.db.ondigitalocean.com'
+  port:     25061
+  password: <%= Rails.application.credentials.sidekiq_server_redis_password %>
+  db:       10
+  ssl:      true
+  ssl_params:
+    verify_mode: <%= OpenSSL::SSL::VERIFY_NONE %>
+    ca_file:     <%= Rails.root.join 'config', 'certs', 'redis.crt' %>
+
 production:
   host:     'private-db-redis-ams3-76837-do-user-4455684-0.db.ondigitalocean.com'
   port:     25061

config/settings/smtp.yml

@@ -1,3 +1,13 @@
+staging:
+  address: smtp.sendgrid.net
+  port: 587
+  domain: stg.libertarian-party.com
+  user_name: apikey
+  password: <%= Rails.application.credentials.sendgrid_api_key %>
+  authentication: plain
+  enable_starttls_auto: true
+  openssl_verify_mode: none
+
 production:
   address: smtp.sendgrid.net
   port: 587

config/settings/superuser.yml

@@ -5,6 +5,13 @@ development:
   public_name: Just Admin
   biography:   I am creator of the website you read this text on.
 
+staging:
+  email:       admin@example.com
+  password:    password
+  nickname:    admin
+  public_name: Just Admin
+  biography:   I am creator of the website you read this text on.
+
 production:
   email:       <%= Rails.application.credentials.superuser_email %>
   password:    <%= Rails.application.credentials.superuser_password %>

spec/rails_helper.rb

@@ -6,9 +6,9 @@ require 'spec_helper'
 ENV['RAILS_ENV'] ||= 'test'
 require File.expand_path('../config/environment', __dir__)
 
-# Prevent database truncation if the environment is production
-if Rails.env.production?
-  abort 'The Rails environment is running in production mode!'
+# Prevent database truncation if the environment is production or staging
+if Rails.env.production? || Rails.env.staging?
+  abort 'The Rails environment is running in production or staging mode!'
 end
 
 require 'rspec/rails'