diff --git a/internal/serv/init.go b/internal/serv/init.go index 7d8eecd..ef2abc8 100644 --- a/internal/serv/init.go +++ b/internal/serv/init.go @@ -114,7 +114,7 @@ func initConf() (*Config, error) { return c, nil } -func initDB(c *Config, useDB bool, useTelemetry bool) (*sql.DB, error) { +func initDB(c *Config, useDB, useTelemetry bool) (*sql.DB, error) { var db *sql.DB var err error diff --git a/internal/serv/rice-box.go b/internal/serv/rice-box.go index 4b7aac9..4f83e68 100644 --- a/internal/serv/rice-box.go +++ b/internal/serv/rice-box.go @@ -30,9 +30,9 @@ func init() { } file5 := &embedded.EmbeddedFile{ Filename: "dev.yml", - FileModTime: time.Unix(1587739518, 0), + FileModTime: time.Unix(1590248169, 0), - Content: string("app_name: \"{% app_name %} Development\"\nhost_port: 0.0.0.0:8080\nweb_ui: true\n\n# debug, error, warn, info\nlog_level: \"info\"\n\n# enable or disable http compression (uses gzip)\nhttp_compress: true\n\n# When production mode is 'true' only queries \n# from the allow list are permitted.\n# When it's 'false' all queries are saved to the\n# the allow list in ./config/allow.list\nproduction: false\n\n# Throw a 401 on auth failure for queries that need auth\nauth_fail_block: false\n\n# Latency tracing for database queries and remote joins\n# the resulting latency information is returned with the\n# response\nenable_tracing: true\n\n# Watch the config folder and reload Super Graph\n# with the new configs when a change is detected\nreload_on_config_change: true\n\n# File that points to the database seeding script\n# seed_file: seed.js\n\n# Path pointing to where the migrations can be found\n# this must be a relative path under the config path\nmigrations_path: ./migrations\n\n# Secret key for general encryption operations like \n# encrypting the cursor data\nsecret_key: supercalifajalistics\n\n# CORS: A list of origins a cross-domain request can be executed from. \n# If the special * value is present in the list, all origins will be allowed. \n# An origin may contain a wildcard (*) to replace 0 or more \n# characters (i.e.: http://*.domain.com).\ncors_allowed_origins: [\"*\"]\n\n# Debug Cross Origin Resource Sharing requests\ncors_debug: false\n\n# Default API path prefix is /api you can change it if you like\n# api_path: \"/data\"\n\n# Cache-Control header can help cache queries if your CDN supports cache-control \n# on POST requests (does not work with not mutations) \n# cache_control: \"public, max-age=300, s-maxage=600\"\n\n# Postgres related environment Variables\n# SG_DATABASE_HOST\n# SG_DATABASE_PORT\n# SG_DATABASE_USER\n# SG_DATABASE_PASSWORD\n\n# Auth related environment Variables\n# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE\n# SG_AUTH_RAILS_REDIS_URL\n# SG_AUTH_RAILS_REDIS_PASSWORD\n# SG_AUTH_JWT_PUBLIC_KEY_FILE\n\n# inflections:\n# person: people\n# sheep: sheep\n\nauth:\n # Can be 'rails', 'jwt' or 'header'\n type: rails\n cookie: _{% app_name_slug %}_session\n\n # Comment this out if you want to disable setting\n # the user_id via a header for testing. \n # Disable in production\n creds_in_header: true\n\n rails:\n # Rails version this is used for reading the\n # various cookies formats.\n version: 5.2\n\n # Found in 'Rails.application.config.secret_key_base'\n secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566\n\n # Remote cookie store. (memcache or redis)\n # url: redis://redis:6379\n # password: \"\"\n # max_idle: 80\n # max_active: 12000\n\n # In most cases you don't need these\n # salt: \"encrypted cookie\"\n # sign_salt: \"signed encrypted cookie\"\n # auth_salt: \"authenticated encrypted cookie\"\n\n # jwt:\n # provider: auth0\n # secret: abc335bfcfdb04e50db5bb0a4d67ab9\n # public_key_file: /secrets/public_key.pem\n # public_key_type: ecdsa #rsa\n\n # header:\n # name: dnt\n # exists: true\n # value: localhost:8080\n\n# You can add additional named auths to use with actions\n# In this example actions using this auth can only be\n# called from the Google Appengine Cron service that\n# sets a special header to all it's requests\nauths:\n - name: from_taskqueue\n type: header\n header:\n name: X-Appengine-Cron\n exists: true\n\ndatabase:\n type: postgres\n host: db\n port: 5432\n dbname: {% app_name_slug %}_development\n user: postgres\n password: postgres\n\n #schema: \"public\"\n #pool_size: 10\n #max_retries: 0\n #log_level: \"debug\"\n\n # Set session variable \"user.id\" to the user id\n # Enable this if you need the user id in triggers, etc\n set_user_id: false\n\n # database ping timeout is used for db health checking\n ping_timeout: 1m\n\n # Set up an secure tls encrypted db connection\n enable_tls: false\n\n # Required for tls. For example with Google Cloud SQL it's\n # :\"\n # server_name: blah\n\n # Required for tls. Can be a file path or the contents of the pem file\n # server_cert: ./server-ca.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_cert: ./client-cert.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_key: ./client-key.pem\n\n# Define additional variables here to be used with filters\nvariables:\n #admin_account_id: \"5\"\n admin_account_id: \"sql:select id from users where admin = true limit 1\"\n\n\n# Field and table names that you wish to block\nblocklist:\n - ar_internal_metadata\n - schema_migrations\n - secret\n - password\n - encrypted\n - token\n\n# Create custom actions with their own api endpoints\n# For example the below action will be available at /api/v1/actions/refresh_leaderboard_users\n# A request to this url will execute the configured SQL query\n# which in this case refreshes a materialized view in the database.\n# The auth_name is from one of the configured auths\nactions:\n - name: refresh_leaderboard_users\n sql: REFRESH MATERIALIZED VIEW CONCURRENTLY \"leaderboard_users\"\n auth_name: from_taskqueue\n\ntables:\n - name: customers\n remotes:\n - name: payments\n id: stripe_id\n url: http://rails_app:3000/stripe/$id\n path: data\n # debug: true\n pass_headers: \n - cookie\n set_headers:\n - name: Host\n value: 0.0.0.0\n # - name: Authorization\n # value: Bearer \n\n - # You can create new fields that have a\n # real db table backing them\n name: me\n table: users\n\n\n#roles_query: \"SELECT\u00a0* FROM users WHERE id = $user_id\"\n\nroles:\n - name: anon\n tables:\n - name: users\n query:\n limit: 10\n\n - name: user\n tables:\n - name: users\n query:\n filters: [\"{ id: { _eq: $user_id } }\"]\n\n - name: products\n query:\n limit: 50\n filters: [\"{ user_id: { eq: $user_id } }\"]\n disable_functions: false\n\n insert:\n filters: [\"{ user_id: { eq: $user_id } }\"]\n presets:\n - user_id: \"$user_id\"\n - created_at: \"now\"\n \n update:\n filters: [\"{ user_id: { eq: $user_id } }\"]\n presets:\n - updated_at: \"now\"\n\n delete:\n block: true\n\n # - name: admin\n # match: id = 1000\n # tables:\n # - name: users\n # filters: []\n"), + Content: string("app_name: \"{% app_name %} Development\"\nhost_port: 0.0.0.0:8080\nweb_ui: true\n\n# debug, error, warn, info\nlog_level: \"info\"\n\n# enable or disable http compression (uses gzip)\nhttp_compress: true\n\n# When production mode is 'true' only queries \n# from the allow list are permitted.\n# When it's 'false' all queries are saved to the\n# the allow list in ./config/allow.list\nproduction: false\n\n# Throw a 401 on auth failure for queries that need auth\nauth_fail_block: false\n\n# Latency tracing for database queries and remote joins\n# the resulting latency information is returned with the\n# response\nenable_tracing: true\n\n# Watch the config folder and reload Super Graph\n# with the new configs when a change is detected\nreload_on_config_change: true\n\n# File that points to the database seeding script\n# seed_file: seed.js\n\n# Path pointing to where the migrations can be found\n# this must be a relative path under the config path\nmigrations_path: ./migrations\n\n# Secret key for general encryption operations like \n# encrypting the cursor data\nsecret_key: supercalifajalistics\n\n# CORS: A list of origins a cross-domain request can be executed from. \n# If the special * value is present in the list, all origins will be allowed. \n# An origin may contain a wildcard (*) to replace 0 or more \n# characters (i.e.: http://*.domain.com).\ncors_allowed_origins: [\"*\"]\n\n# Debug Cross Origin Resource Sharing requests\ncors_debug: false\n\n# Default API path prefix is /api you can change it if you like\n# api_path: \"/data\"\n\n# Cache-Control header can help cache queries if your CDN supports cache-control \n# on POST requests (does not work with not mutations) \n# cache_control: \"public, max-age=300, s-maxage=600\"\n\n# Postgres related environment Variables\n# SG_DATABASE_HOST\n# SG_DATABASE_PORT\n# SG_DATABASE_USER\n# SG_DATABASE_PASSWORD\n\n# Auth related environment Variables\n# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE\n# SG_AUTH_RAILS_REDIS_URL\n# SG_AUTH_RAILS_REDIS_PASSWORD\n# SG_AUTH_JWT_PUBLIC_KEY_FILE\n\n# inflections:\n# person: people\n# sheep: sheep\n\n# open opencensus tracing and metrics\n# telemetry:\n# debug: true\n# metrics:\n# exporter: \"prometheus\"\n# tracing:\n# exporter: \"zipkin\"\n# endpoint: \"http://zipkin:9411/api/v2/spans\"\n# sample: 0.6\n\nauth:\n # Can be 'rails', 'jwt' or 'header'\n type: rails\n cookie: _{% app_name_slug %}_session\n\n # Comment this out if you want to disable setting\n # the user_id via a header for testing. \n # Disable in production\n creds_in_header: true\n\n rails:\n # Rails version this is used for reading the\n # various cookies formats.\n version: 5.2\n\n # Found in 'Rails.application.config.secret_key_base'\n secret_key_base: 0a248500a64c01184edb4d7ad3a805488f8097ac761b76aaa6c17c01dcb7af03a2f18ba61b2868134b9c7b79a122bc0dadff4367414a2d173297bfea92be5566\n\n # Remote cookie store. (memcache or redis)\n # url: redis://redis:6379\n # password: \"\"\n # max_idle: 80\n # max_active: 12000\n\n # In most cases you don't need these\n # salt: \"encrypted cookie\"\n # sign_salt: \"signed encrypted cookie\"\n # auth_salt: \"authenticated encrypted cookie\"\n\n # jwt:\n # provider: auth0\n # secret: abc335bfcfdb04e50db5bb0a4d67ab9\n # public_key_file: /secrets/public_key.pem\n # public_key_type: ecdsa #rsa\n\n # header:\n # name: dnt\n # exists: true\n # value: localhost:8080\n\n# You can add additional named auths to use with actions\n# In this example actions using this auth can only be\n# called from the Google Appengine Cron service that\n# sets a special header to all it's requests\nauths:\n - name: from_taskqueue\n type: header\n header:\n name: X-Appengine-Cron\n exists: true\n\ndatabase:\n type: postgres\n host: db\n port: 5432\n dbname: {% app_name_slug %}_development\n user: postgres\n password: postgres\n\n #schema: \"public\"\n #pool_size: 10\n #max_retries: 0\n #log_level: \"debug\"\n\n # Set session variable \"user.id\" to the user id\n # Enable this if you need the user id in triggers, etc\n set_user_id: false\n\n # database ping timeout is used for db health checking\n ping_timeout: 1m\n\n # Set up an secure tls encrypted db connection\n enable_tls: false\n\n # Required for tls. For example with Google Cloud SQL it's\n # :\"\n # server_name: blah\n\n # Required for tls. Can be a file path or the contents of the pem file\n # server_cert: ./server-ca.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_cert: ./client-cert.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_key: ./client-key.pem\n\n# Define additional variables here to be used with filters\nvariables:\n #admin_account_id: \"5\"\n admin_account_id: \"sql:select id from users where admin = true limit 1\"\n\n\n# Field and table names that you wish to block\nblocklist:\n - ar_internal_metadata\n - schema_migrations\n - secret\n - password\n - encrypted\n - token\n\n# Create custom actions with their own api endpoints\n# For example the below action will be available at /api/v1/actions/refresh_leaderboard_users\n# A request to this url will execute the configured SQL query\n# which in this case refreshes a materialized view in the database.\n# The auth_name is from one of the configured auths\nactions:\n - name: refresh_leaderboard_users\n sql: REFRESH MATERIALIZED VIEW CONCURRENTLY \"leaderboard_users\"\n auth_name: from_taskqueue\n\ntables:\n - name: customers\n remotes:\n - name: payments\n id: stripe_id\n url: http://rails_app:3000/stripe/$id\n path: data\n # debug: true\n pass_headers: \n - cookie\n set_headers:\n - name: Host\n value: 0.0.0.0\n # - name: Authorization\n # value: Bearer \n\n - # You can create new fields that have a\n # real db table backing them\n name: me\n table: users\n\n\n#roles_query: \"SELECT\u00a0* FROM users WHERE id = $user_id\"\n\nroles:\n - name: anon\n tables:\n - name: users\n query:\n limit: 10\n\n - name: user\n tables:\n - name: users\n query:\n filters: [\"{ id: { _eq: $user_id } }\"]\n\n - name: products\n query:\n limit: 50\n filters: [\"{ user_id: { eq: $user_id } }\"]\n disable_functions: false\n\n insert:\n filters: [\"{ user_id: { eq: $user_id } }\"]\n presets:\n - user_id: \"$user_id\"\n - created_at: \"now\"\n \n update:\n filters: [\"{ user_id: { eq: $user_id } }\"]\n presets:\n - updated_at: \"now\"\n\n delete:\n block: true\n\n # - name: admin\n # match: id = 1000\n # tables:\n # - name: users\n # filters: []\n"), } file6 := &embedded.EmbeddedFile{ Filename: "docker-compose.yml", @@ -42,9 +42,9 @@ func init() { } file7 := &embedded.EmbeddedFile{ Filename: "prod.yml", - FileModTime: time.Unix(1587739523, 0), + FileModTime: time.Unix(1590248179, 0), - Content: string("# Inherit config from this other config file\n# so I only need to overwrite some values\ninherits: dev\n\napp_name: \"{% app_name %} Production\"\nhost_port: 0.0.0.0:8080\nweb_ui: false\n\n# debug, error, warn, info\nlog_level: \"warn\"\n\n# enable or disable http compression (uses gzip)\nhttp_compress: true\n\n# When production mode is 'true' only queries \n# from the allow list are permitted.\n# When it's 'false' all queries are saved to the\n# the allow list in ./config/allow.list\nproduction: true\n\n# Throw a 401 on auth failure for queries that need auth\nauth_fail_block: true\n\n# Latency tracing for database queries and remote joins\n# the resulting latency information is returned with the\n# response\nenable_tracing: false\n\n# Watch the config folder and reload Super Graph\n# with the new configs when a change is detected\nreload_on_config_change: false\n\n# File that points to the database seeding script\n# seed_file: seed.js\n\n# Path pointing to where the migrations can be found\n# migrations_path: ./migrations\n\n# Secret key for general encryption operations like \n# encrypting the cursor data\n# secret_key: supercalifajalistics\n\n# CORS: A list of origins a cross-domain request can be executed from. \n# If the special * value is present in the list, all origins will be allowed. \n# An origin may contain a wildcard (*) to replace 0 or more \n# characters (i.e.: http://*.domain.com).\n# cors_allowed_origins: [\"*\"]\n\n# Debug Cross Origin Resource Sharing requests\n# cors_debug: false\n\n# Default API path prefix is /api you can change it if you like\n# api_path: \"/data\"\n\n# Cache-Control header can help cache queries if your CDN supports cache-control \n# on POST requests (does not work with not mutations) \n# cache_control: \"public, max-age=300, s-maxage=600\"\n\n# Postgres related environment Variables\n# SG_DATABASE_HOST\n# SG_DATABASE_PORT\n# SG_DATABASE_USER\n# SG_DATABASE_PASSWORD\n\n# Auth related environment Variables\n# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE\n# SG_AUTH_RAILS_REDIS_URL\n# SG_AUTH_RAILS_REDIS_PASSWORD\n# SG_AUTH_JWT_PUBLIC_KEY_FILE\n\ndatabase:\n type: postgres\n host: db\n port: 5432\n dbname: {% app_name_slug %}_production\n user: postgres\n password: postgres\n #pool_size: 10\n #max_retries: 0\n #log_level: \"debug\" \n\n # Set session variable \"user.id\" to the user id\n # Enable this if you need the user id in triggers, etc\n set_user_id: false\n\n # database ping timeout is used for db health checking\n ping_timeout: 5m\n\n # Set up an secure tls encrypted db connection\n enable_tls: false\n\n # Required for tls. For example with Google Cloud SQL it's\n # :\"\n # server_name: blah\n\n # Required for tls. Can be a file path or the contents of the pem file\n # server_cert: ./server-ca.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_cert: ./client-cert.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_key: ./client-key.pem"), + Content: string("# Inherit config from this other config file\n# so I only need to overwrite some values\ninherits: dev\n\napp_name: \"{% app_name %} Production\"\nhost_port: 0.0.0.0:8080\nweb_ui: false\n\n# debug, error, warn, info\nlog_level: \"warn\"\n\n# enable or disable http compression (uses gzip)\nhttp_compress: true\n\n# When production mode is 'true' only queries \n# from the allow list are permitted.\n# When it's 'false' all queries are saved to the\n# the allow list in ./config/allow.list\nproduction: true\n\n# Throw a 401 on auth failure for queries that need auth\nauth_fail_block: true\n\n# Latency tracing for database queries and remote joins\n# the resulting latency information is returned with the\n# response\nenable_tracing: false\n\n# Watch the config folder and reload Super Graph\n# with the new configs when a change is detected\nreload_on_config_change: false\n\n# File that points to the database seeding script\n# seed_file: seed.js\n\n# Path pointing to where the migrations can be found\n# migrations_path: ./migrations\n\n# Secret key for general encryption operations like \n# encrypting the cursor data\n# secret_key: supercalifajalistics\n\n# CORS: A list of origins a cross-domain request can be executed from. \n# If the special * value is present in the list, all origins will be allowed. \n# An origin may contain a wildcard (*) to replace 0 or more \n# characters (i.e.: http://*.domain.com).\n# cors_allowed_origins: [\"*\"]\n\n# Debug Cross Origin Resource Sharing requests\n# cors_debug: false\n\n# Default API path prefix is /api you can change it if you like\n# api_path: \"/data\"\n\n# Cache-Control header can help cache queries if your CDN supports cache-control \n# on POST requests (does not work with not mutations) \n# cache_control: \"public, max-age=300, s-maxage=600\"\n\n# Postgres related environment Variables\n# SG_DATABASE_HOST\n# SG_DATABASE_PORT\n# SG_DATABASE_USER\n# SG_DATABASE_PASSWORD\n\n# Auth related environment Variables\n# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE\n# SG_AUTH_RAILS_REDIS_URL\n# SG_AUTH_RAILS_REDIS_PASSWORD\n# SG_AUTH_JWT_PUBLIC_KEY_FILE\n\n# open opencensus tracing and metrics\n# telemetry:\n# debug: false\n# metrics:\n# exporter: \"prometheus\"\n# tracing:\n# exporter: \"zipkin\"\n# endpoint: \"http://zipkin:9411/api/v2/spans\"\n# sample: 0.6\n\ndatabase:\n type: postgres\n host: db\n port: 5432\n dbname: {% app_name_slug %}_production\n user: postgres\n password: postgres\n #pool_size: 10\n #max_retries: 0\n #log_level: \"debug\" \n\n # Set session variable \"user.id\" to the user id\n # Enable this if you need the user id in triggers, etc\n set_user_id: false\n\n # database ping timeout is used for db health checking\n ping_timeout: 5m\n\n # Set up an secure tls encrypted db connection\n enable_tls: false\n\n # Required for tls. For example with Google Cloud SQL it's\n # :\"\n # server_name: blah\n\n # Required for tls. Can be a file path or the contents of the pem file\n # server_cert: ./server-ca.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_cert: ./client-cert.pem\n\n # Required for tls. Can be a file path or the contents of the pem file\n # client_key: ./client-key.pem"), } file8 := &embedded.EmbeddedFile{ Filename: "seed.js",