feat(compute01): Deploy demarches simplifiees
This commit is contained in:
parent
eb329666ce
commit
9f24f1d98d
16 changed files with 5257 additions and 1 deletions
|
@ -13,6 +13,7 @@ let
|
|||
|
||||
# List of services to enable
|
||||
enabledServices = [
|
||||
"ds-fr"
|
||||
"kanidm"
|
||||
"mastodon"
|
||||
"nextcloud"
|
||||
|
|
77
machines/compute01/ds-fr/default.nix
Normal file
77
machines/compute01/ds-fr/default.nix
Normal file
|
@ -0,0 +1,77 @@
|
|||
{ config, lib, dgn-lib, ... }:
|
||||
|
||||
let
|
||||
inherit (dgn-lib) setDefault;
|
||||
|
||||
host = "demarches.dgnum.eu";
|
||||
in {
|
||||
imports = [ ./module.nix ];
|
||||
|
||||
services.demarches-simplifiees = {
|
||||
enable = true;
|
||||
|
||||
secretFile = config.age.secrets.ds_fr-secret_file.path;
|
||||
|
||||
initialDeploymentDate = "20230923";
|
||||
|
||||
settings = {
|
||||
APP_HOST = host;
|
||||
|
||||
# TODO: use France Connect ?
|
||||
FRANCE_CONNECT_ENABLED = "disabled";
|
||||
FC_PARTICULIER_ID = "demarches_dgn";
|
||||
FC_PARTICULIER_SECRET = "JD2MKKR3aMapqk1f27AcMZMy8sTW7ypRkqcegvf5TUy8bMRp";
|
||||
FC_PARTICULIER_BASE_URL = "https://sso.dgnum.eu";
|
||||
|
||||
# S3 storage setup
|
||||
ACTIVE_STORAGE_SERVICE = "garage";
|
||||
S3_ENDPOINT = "https://s3.dgnum.eu";
|
||||
S3_BUCKET = "demarches-dgnum";
|
||||
S3_REGION = "garage";
|
||||
S3_FORCE_PATH_STYLE = "true";
|
||||
S3_ACCESS_KEY_ID = "GK4d244118eac2336ae0ab2dd9";
|
||||
S3_SECRET_ACCESS_KEY = "61100261fb0a0c861371596f9ffcd1e83134301a6d0c665a077135af04ba18c3";
|
||||
|
||||
# SAML_IDP_ENABLED = "enabled";
|
||||
|
||||
# Optional settings
|
||||
APPLICATION_NAME = ''"Démarches normaliennes"'';
|
||||
APPLICATION_SHORTNAME = "d-s.dgnum.eu";
|
||||
APPLICATION_BASE_URL = "https://${host}";
|
||||
|
||||
# Deactivate connexion methods
|
||||
AGENT_CONNECT_ENABLED = "disabled";
|
||||
|
||||
# SMTP setup, TODO: Fix and stop using sendmail
|
||||
CLASSIC_SMTP_ENABLED = "enabled";
|
||||
SMTP_HOST = "kurisu.lahfa.xyz";
|
||||
SMTP_PORT = "465";
|
||||
SMTP_USER = "web-services@infra.dgnum.eu";
|
||||
SMTP_TLS = "";
|
||||
SMTP_SSL = "true";
|
||||
SMTP_AUTHENTICATION = "plain";
|
||||
|
||||
SUPER_ADMIN_OTP_ENABLED = "disabled";
|
||||
|
||||
CONTACT_EMAIL = "demarches@infra.dgnum.eu";
|
||||
EQUIPE_EMAIL = "equipe@infra.dgnum.eu";
|
||||
TECH_EMAIL = "tech@infra.dgnum.eu";
|
||||
NO_REPLY_EMAIL =
|
||||
''"Ne pas répondre <@infra.dgnum.eu>"'';
|
||||
OLD_CONTACT_EMAIL = "";
|
||||
CONTACT_PHONE = "";
|
||||
|
||||
# Customization
|
||||
# HEADER_LOGO_SRC = "logo_ens_psl_couleur.png";
|
||||
# HEADER_LOGO_ALT = "Par la Recherche, pour la Recherche";
|
||||
# PROCEDURE_DEFAULT_LOGO_SRC = "logo_ens_psl_couleur.png";
|
||||
};
|
||||
};
|
||||
|
||||
dgn-secrets.options = [
|
||||
(setDefault { owner = "ds-fr"; }
|
||||
(builtins.filter (lib.hasPrefix "ds_fr") config.dgn-secrets.names))
|
||||
];
|
||||
|
||||
users.users.ds-fr.extraGroups = [ "sendmail" ];
|
||||
}
|
396
machines/compute01/ds-fr/module.nix
Normal file
396
machines/compute01/ds-fr/module.nix
Normal file
|
@ -0,0 +1,396 @@
|
|||
# Copyright Tom Hubrecht, (2023)
|
||||
#
|
||||
# Tom Hubrecht <tom@hubrecht.ovh>
|
||||
#
|
||||
# This software is a computer program whose purpose is to configure
|
||||
# machines and servers with NixOS.
|
||||
#
|
||||
# This software is governed by the CeCILL license under French law and
|
||||
# abiding by the rules of distribution of free software. You can use,
|
||||
# modify and/ or redistribute the software under the terms of the CeCILL
|
||||
# license as circulated by CEA, CNRS and INRIA at the following URL
|
||||
# "http://www.cecill.info".
|
||||
#
|
||||
# As a counterpart to the access to the source code and rights to copy,
|
||||
# modify and redistribute granted by the license, users are provided only
|
||||
# with a limited warranty and the software's author, the holder of the
|
||||
# economic rights, and the successive licensors have only limited
|
||||
# liability.
|
||||
#
|
||||
# In this respect, the user's attention is drawn to the risks associated
|
||||
# with loading, using, modifying and/or developing or reproducing the
|
||||
# software by the user in light of its specific status of free software,
|
||||
# that may mean that it is complicated to manipulate, and that also
|
||||
# therefore means that it is reserved for developers and experienced
|
||||
# professionals having in-depth computer knowledge. Users are therefore
|
||||
# encouraged to load and test the software's suitability as regards their
|
||||
# requirements in conditions enabling the security of their systems and/or
|
||||
# data to be ensured and, more generally, to use and operate it in the
|
||||
# same conditions as regards security.
|
||||
#
|
||||
# The fact that you are presently reading this means that you have had
|
||||
# knowledge of the CeCILL license and that you accept its terms.
|
||||
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
let
|
||||
inherit (lib)
|
||||
mdDoc mkDefault mkEnableOption mkIf mkOption
|
||||
|
||||
optional optionalString
|
||||
|
||||
types;
|
||||
|
||||
cfg = config.services.demarches-simplifiees;
|
||||
|
||||
settingsFormat = pkgs.formats.keyValue { };
|
||||
|
||||
env = settingsFormat.generate "ds-fr-env" cfg.settings;
|
||||
|
||||
ds-fr = pkgs.writeShellScriptBin "ds-fr" ''
|
||||
set -a
|
||||
cd ${cfg.package}
|
||||
|
||||
${optionalString (cfg.secretFile != null) "source ${cfg.secretFile}"}
|
||||
source ${env}
|
||||
|
||||
BIN="$1"
|
||||
shift
|
||||
|
||||
SUDO="exec"
|
||||
if [[ $USER != ${cfg.user} ]]; then
|
||||
SUDO='exec /run/wrappers/bin/sudo -u ${cfg.user} --preserve-env'
|
||||
fi
|
||||
|
||||
$SUDO ${cfg.package}/bin/$BIN "$@"
|
||||
'';
|
||||
|
||||
in {
|
||||
options.services.demarches-simplifiees = {
|
||||
enable = mkEnableOption "demarches-simplifiees.";
|
||||
|
||||
package = mkOption {
|
||||
type = types.package;
|
||||
default = pkgs.callPackage ./package {
|
||||
inherit (cfg) initialDeploymentDate dataDir logDir;
|
||||
};
|
||||
};
|
||||
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "ds-fr";
|
||||
description = mdDoc "User account under which DS runs.";
|
||||
};
|
||||
|
||||
group = mkOption {
|
||||
type = types.str;
|
||||
default = "ds-fr";
|
||||
description = mdDoc "Group account under which DS runs.";
|
||||
};
|
||||
|
||||
dataDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/lib/ds-fr";
|
||||
};
|
||||
|
||||
logDir = mkOption {
|
||||
type = types.str;
|
||||
default = "/var/log/ds-fr";
|
||||
};
|
||||
|
||||
secretFile = mkOption {
|
||||
type = types.nullOr types.path;
|
||||
default = null;
|
||||
};
|
||||
|
||||
settings = mkOption { inherit (settingsFormat) type; };
|
||||
|
||||
initialDeploymentDate = mkOption {
|
||||
type = types.nullOr types.str;
|
||||
default = null;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
services.demarches-simplifiees.settings =
|
||||
(builtins.mapAttrs (_: mkDefault) {
|
||||
RAILS_ENV = "production";
|
||||
RAILS_ROOT = builtins.toString cfg.package;
|
||||
|
||||
# Application host name
|
||||
#
|
||||
# Examples:
|
||||
# * For local development: localhost:3000
|
||||
# * For preproduction: staging.ds.example.org
|
||||
# * For production: ds.example.org
|
||||
APP_HOST = "localhost:3000";
|
||||
|
||||
# Rails key for signing sensitive data
|
||||
# See https://guides.rubyonrails.org/security.html
|
||||
#
|
||||
# For production you MUST generate a new key, and keep it secret.
|
||||
# Secrets must be long and random. Use bin/rails secret to get new unique secrets.
|
||||
|
||||
# Secret key for One-Time-Password codes, used for 2-factors authentication
|
||||
# OTP_SECRET_KEY = "";
|
||||
|
||||
# Protect access to the instance with a static login/password (useful for staging environments)
|
||||
BASIC_AUTH_ENABLED = "disabled";
|
||||
BASIC_AUTH_USERNAME = "";
|
||||
BASIC_AUTH_PASSWORD = "";
|
||||
|
||||
# ActiveStorage service to use for attached files.
|
||||
# Possible values:
|
||||
# - "local": store files on the local filesystem
|
||||
# - "amazon": store files remotely on an S3 storage service
|
||||
# - "openstack": store files remotely on an OpenStack storage service
|
||||
#
|
||||
# (See config/storage.yml for the configuration of each service.)
|
||||
ACTIVE_STORAGE_SERVICE = "local";
|
||||
|
||||
# Configuration for the OpenStack storage service (if enabled)
|
||||
FOG_OPENSTACK_API_KEY = "";
|
||||
FOG_OPENSTACK_USERNAME = "";
|
||||
FOG_OPENSTACK_URL = "";
|
||||
FOG_OPENSTACK_REGION = "";
|
||||
DS_PROXY_URL = "";
|
||||
|
||||
# SAML
|
||||
SAML_IDP_ENABLED = "disabled";
|
||||
|
||||
# External service: authentication through France Connect
|
||||
FC_PARTICULIER_ID = "";
|
||||
FC_PARTICULIER_SECRET = "";
|
||||
FC_PARTICULIER_BASE_URL = "";
|
||||
|
||||
# External service: authentication through Agent Connect
|
||||
AGENT_CONNECT_ID = "";
|
||||
AGENT_CONNECT_SECRET = "";
|
||||
AGENT_CONNECT_BASE_URL = "";
|
||||
AGENT_CONNECT_JWKS = "";
|
||||
AGENT_CONNECT_REDIRECT = "";
|
||||
|
||||
# External service: integration with HelpScout (optional)
|
||||
HELPSCOUT_MAILBOX_ID = "";
|
||||
HELPSCOUT_CLIENT_ID = "";
|
||||
HELPSCOUT_CLIENT_SECRET = "";
|
||||
HELPSCOUT_WEBHOOK_SECRET = "";
|
||||
|
||||
# External service: external supervision
|
||||
SENTRY_ENABLED = "disabled";
|
||||
SENTRY_CURRENT_ENV = "development";
|
||||
SENTRY_DSN_RAILS = "";
|
||||
SENTRY_DSN_JS = "";
|
||||
|
||||
# External service: Matomo web analytics
|
||||
MATOMO_ENABLED = "disabled";
|
||||
MATOMO_COOKIE_DOMAIN = "*.www.demarches-simplifiees.fr";
|
||||
MATOMO_DOMAIN = "*.www.demarches-simplifiees.fr";
|
||||
MATOMO_ID = "";
|
||||
MATOMO_HOST = "matomo.example.org";
|
||||
|
||||
# Default SMTP Provider: Mailjet
|
||||
MAILJET_API_KEY = "";
|
||||
MAILJET_SECRET_KEY = "";
|
||||
|
||||
# Alternate SMTP Provider: SendInBlue/DoList
|
||||
SENDINBLUE_CLIENT_KEY = "";
|
||||
SENDINBLUE_SMTP_KEY = "";
|
||||
SENDINBLUE_USER_NAME = "";
|
||||
# SENDINBLUE_LOGIN_URL="https://app.sendinblue.com/account/saml/login/truc"
|
||||
|
||||
# Alternate SMTP Provider: Mailtrap (mail catcher for staging environments)
|
||||
# When enabled, all emails will be sent using this provider
|
||||
MAILTRAP_ENABLED = "disabled";
|
||||
MAILTRAP_USERNAME = "";
|
||||
MAILTRAP_PASSWORD = "";
|
||||
|
||||
# Alternative SMTP Provider: Mailcatcher (Catches mail and serves it through a dream.)
|
||||
# When enabled, all emails will be sent using this provider
|
||||
MAILCATCHER_ENABLED = "disabled";
|
||||
MAILCATCHER_HOST = "";
|
||||
MAILCATCHER_PORT = "";
|
||||
|
||||
# External service: live chat for admins (specific to démarches-simplifiées.fr)
|
||||
CRISP_ENABLED = "disabled";
|
||||
CRISP_CLIENT_KEY = "";
|
||||
|
||||
# API Entreprise credentials
|
||||
# https://api.gouv.fr/api/api-entreprise.html
|
||||
API_ENTREPRISE_KEY = "";
|
||||
|
||||
# External service: CRM for following admin accounts pipeline (specific to démarches-simplifiées.fr)
|
||||
PIPEDRIVE_KEY = "";
|
||||
|
||||
# Networks bypassing the email login token that verifies new devices, and rack-attack throttling
|
||||
TRUSTED_NETWORKS = "";
|
||||
|
||||
# External service: mesuring performance of the Rails app (specific to démarches-simplifiées.fr)
|
||||
SKYLIGHT_AUTHENTICATION_KEY = "";
|
||||
# "sXaot-fKhBlkI8qaSirQyuZbrpv5sVFoOturQ0pFEh0";
|
||||
|
||||
# Enable or disable Lograge logs
|
||||
LOGRAGE_ENABLED = "disabled";
|
||||
|
||||
# Logs source for Lograge
|
||||
#
|
||||
# Examples:
|
||||
# * For local development: tps_local
|
||||
# * For preproduction: tps_staging
|
||||
# * For production: tps_prod
|
||||
LOGRAGE_SOURCE = "tps_prod";
|
||||
|
||||
# External service: timestamping a daily archive of dossiers status changes
|
||||
UNIVERSIGN_API_URL = "https://ws.universign.eu/tsa/post/";
|
||||
UNIVERSIGN_USERPWD = "";
|
||||
|
||||
# External service: API Geo / Adresse
|
||||
API_ADRESSE_URL = "https://api-adresse.data.gouv.fr";
|
||||
API_GEO_URL = "https://geo.api.gouv.fr";
|
||||
|
||||
# External service: API Education
|
||||
API_EDUCATION_URL = "https://data.education.gouv.fr/api/records/1.0";
|
||||
|
||||
# Encryption key for sensitive columns in the database
|
||||
ENCRYPTION_SERVICE_SALT = "";
|
||||
|
||||
# ActiveRecord encryption keys. Generate them with bin/rails db:encryption:init (you can omit deterministic_key)
|
||||
AR_ENCRYPTION_PRIMARY_KEY = "";
|
||||
AR_ENCRYPTION_KEY_DERIVATION_SALT = "";
|
||||
|
||||
# Salt for invisible_captcha session data.
|
||||
# Must be the same value for all app instances behind a load-balancer.
|
||||
INVISIBLE_CAPTCHA_SECRET = "kikooloool";
|
||||
|
||||
# Clamav antivirus usage
|
||||
CLAMAV_ENABLED = "disabled";
|
||||
|
||||
# Siret number used for API Entreprise, by default we use SIRET from dinum
|
||||
API_ENTREPRISE_DEFAULT_SIRET = "put_your_own_siret";
|
||||
}) // {
|
||||
# Database credentials
|
||||
DB_DATABASE = "ds-fr";
|
||||
DB_USERNAME = cfg.user;
|
||||
DB_PASSWORD = "";
|
||||
DB_HOST = "/run/postgresql";
|
||||
DB_POOL = "";
|
||||
|
||||
# Log on stdout
|
||||
RAILS_LOG_TO_STDOUT = true;
|
||||
};
|
||||
|
||||
environment.systemPackages = [ ds-fr ];
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"f '${cfg.logDir}/production.log' 0640 ${cfg.user} ${cfg.group} - -"
|
||||
"f '${cfg.dataDir}/.env' 0600 ${cfg.user} ${cfg.group} - -"
|
||||
"d '${cfg.dataDir}/tmp' 0700 ${cfg.user} ${cfg.group} 10d -"
|
||||
];
|
||||
|
||||
systemd.services = {
|
||||
ds-fr-setup = {
|
||||
description = "Demarches Simplifiees setup";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
path = [ pkgs.bash ds-fr ];
|
||||
after = [ "postgresql.service" ];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
EnvironmentFile = [ env ]
|
||||
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
||||
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
||||
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
||||
};
|
||||
|
||||
script = ''
|
||||
[[ ! -f ${cfg.dataDir}/.initial-migration ]] \
|
||||
&& ds-fr rails db:environment:set \
|
||||
&& ds-fr rails db:schema:load \
|
||||
&& ds-fr rails db:seed \
|
||||
&& touch ${cfg.dataDir}/.initial-migration
|
||||
|
||||
ds-fr rake db:migrate
|
||||
ds-fr rake after_party:run
|
||||
'';
|
||||
};
|
||||
|
||||
ds-fr-work = {
|
||||
description = "Demarches Simplifiees work service";
|
||||
|
||||
wantedBy = [ "multi-user.target" "ds-fr.service" ];
|
||||
after = [ "network.target" "ds-fr-setup.service" ];
|
||||
requires = [ "ds-fr-setup.service" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${ds-fr}/bin/ds-fr rails jobs:work";
|
||||
EnvironmentFile = [ env ]
|
||||
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
||||
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
||||
};
|
||||
};
|
||||
|
||||
ds-fr = {
|
||||
description = "Demarches Simplifiees web service";
|
||||
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" "ds-fr-setup.service" ];
|
||||
requires = [ "ds-fr-setup.service" ];
|
||||
|
||||
serviceConfig = {
|
||||
ExecStart = "${ds-fr}/bin/ds-fr rails server";
|
||||
Environment = [ "RAILS_QUEUE_ADAPTER=delayed_job" ];
|
||||
EnvironmentFile = [ env ]
|
||||
++ (optional (cfg.secretFile != null) cfg.secretFile);
|
||||
User = cfg.user;
|
||||
Group = cfg.group;
|
||||
StateDirectory = mkIf (cfg.dataDir == "/var/lib/ds-fr") "ds-fr";
|
||||
LogsDirectory = mkIf (cfg.logDir == "/var/log/ds-fr") "ds-fr";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
services.postgresql = {
|
||||
enable = true;
|
||||
|
||||
ensureDatabases = [ "ds-fr" ];
|
||||
|
||||
ensureUsers = optional (cfg.user == "ds-fr") {
|
||||
name = "ds-fr";
|
||||
ensurePermissions = { "DATABASE \"ds-fr\"" = "ALL PRIVILEGES"; };
|
||||
};
|
||||
|
||||
extraPlugins = with config.services.postgresql.package.pkgs; [ postgis ];
|
||||
};
|
||||
|
||||
users.users = mkIf (cfg.user == "ds-fr") {
|
||||
ds-fr = {
|
||||
inherit (cfg) group;
|
||||
|
||||
isSystemUser = true;
|
||||
home = cfg.package;
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.${cfg.group} = { };
|
||||
|
||||
services.nginx = {
|
||||
enable = true;
|
||||
|
||||
virtualHosts.${cfg.settings.APP_HOST} = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
root = "${cfg.package}/public/";
|
||||
|
||||
locations."/".tryFiles = "$uri @proxy";
|
||||
locations."@proxy" = { proxyPass = "http://127.0.0.1:3000"; };
|
||||
};
|
||||
};
|
||||
|
||||
};
|
||||
}
|
129
machines/compute01/ds-fr/package/default.nix
Normal file
129
machines/compute01/ds-fr/package/default.nix
Normal file
|
@ -0,0 +1,129 @@
|
|||
{ lib, stdenv, fetchFromGitHub, fetchYarnDeps, yarn, fixup_yarn_lock, nodejs, ruby_3_2
|
||||
, bundlerEnv, logDir ? "/var/log/ds-fr", dataDir ? "/var/lib/ds-fr"
|
||||
, initialDeploymentDate ? "17941030" }:
|
||||
|
||||
let
|
||||
pname = "ds-fr";
|
||||
version = "2023-09-21-01";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "demarches-simplifiees";
|
||||
repo = "demarches-simplifiees.fr";
|
||||
rev = "2023-09-21-01";
|
||||
hash = "sha256-4HGnv3atCkftK4AbmlYSj2BwDfgZ0jRREYqd1WhJbv0=";
|
||||
};
|
||||
|
||||
rubyEnv = bundlerEnv {
|
||||
name = "env-${pname}";
|
||||
gemdir = ./rubyEnv;
|
||||
ruby = ruby_3_2;
|
||||
gemset = (import ./rubyEnv/gemset.nix) // {
|
||||
bundler = {
|
||||
groups = [ "default" ];
|
||||
platforms = [ ];
|
||||
source = {
|
||||
remotes = [ "https://rubygems.org" ];
|
||||
sha256 = "deeQ3fNwcSiGSO/yeB2yoTniRq2gHW8WueprXoPX6Jk=";
|
||||
type = "gem";
|
||||
};
|
||||
version = "2.3.11";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
dsModules = stdenv.mkDerivation {
|
||||
pname = "${pname}-modules";
|
||||
inherit src version;
|
||||
|
||||
offlineCache = fetchYarnDeps {
|
||||
yarnLock = "${src}/yarn.lock";
|
||||
hash = "sha256-c2al1GBgSaUOT3veq5u3Wpj3Y+SfoiFxt97vppSD67s=";
|
||||
};
|
||||
|
||||
buildInputs = [ rubyEnv ];
|
||||
nativeBuildInputs = [ fixup_yarn_lock nodejs yarn rubyEnv.wrappedRuby ];
|
||||
|
||||
RAILS_ENV = "production";
|
||||
NODE_ENV = "dev";
|
||||
|
||||
patches = [
|
||||
# Disable functionnalities as we only precompile assets
|
||||
./patches/build.patch
|
||||
];
|
||||
|
||||
OTP_SECRET_KEY = "precompile_placeholder";
|
||||
SECRET_KEY_BASE = "precompile_placeholder";
|
||||
APP_HOST = "precompile_placeholder";
|
||||
|
||||
buildPhase = ''
|
||||
export HOME=$(mktemp -d)
|
||||
yarn config --offline set yarn-offline-mirror $offlineCache
|
||||
fixup_yarn_lock yarn.lock
|
||||
yarn install --offline --frozen-lockfile --ignore-platform --ignore-scripts --no-progress --non-interactive
|
||||
|
||||
patchShebangs node_modules/
|
||||
patchShebangs bin/
|
||||
|
||||
bin/rake assets:precompile
|
||||
|
||||
yarn cache clean --offline
|
||||
rm -rf node_modules/
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/public
|
||||
cp -r public/* $out/public
|
||||
'';
|
||||
};
|
||||
|
||||
in stdenv.mkDerivation {
|
||||
name = "demarches-simplifiees.fr-${version}";
|
||||
|
||||
inherit src;
|
||||
|
||||
buildInputs = [ rubyEnv ];
|
||||
propagatedBuildInputs = [ rubyEnv.wrappedRuby ];
|
||||
|
||||
patches = [
|
||||
./patches/replay_routing_engine_for_a_cloned_procedure.patch
|
||||
./patches/smtp_settings.patch
|
||||
./patches/garage.patch
|
||||
./patches/secrets-fc.patch
|
||||
];
|
||||
|
||||
buildPhase = ''
|
||||
rm -rf public
|
||||
ln -s ${dsModules}/public/ public
|
||||
|
||||
patchShebangs bin/
|
||||
|
||||
rm -rf log
|
||||
ln -s ${logDir} log
|
||||
ln -s ${dataDir}/tmp tmp
|
||||
|
||||
for f in $(ls lib/tasks/deployment/); do
|
||||
[[ ! ${initialDeploymentDate} < $f ]] \
|
||||
&& rm lib/tasks/deployment/$f;
|
||||
done;
|
||||
|
||||
echo "Removed unused data migrations"
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out
|
||||
cp -r * $out/
|
||||
'';
|
||||
|
||||
passthru = {
|
||||
inherit rubyEnv;
|
||||
ruby = rubyEnv.wrappedRuby;
|
||||
};
|
||||
|
||||
meta = with lib; {
|
||||
description = "Dématérialiser et simplifier les démarches administratives";
|
||||
homepage =
|
||||
"https://github.com/demarches-simplifiees/demarches-simplifiees.fr";
|
||||
license = licenses.agpl3Only;
|
||||
maintainers = with maintainers; [ thubrecht ];
|
||||
};
|
||||
}
|
64
machines/compute01/ds-fr/package/patches/build.patch
Normal file
64
machines/compute01/ds-fr/package/patches/build.patch
Normal file
|
@ -0,0 +1,64 @@
|
|||
diff --git a/config/environments/production.rb b/config/environments/production.rb
|
||||
index 16d8c8e84..6262b8782 100644
|
||||
--- a/config/environments/production.rb
|
||||
+++ b/config/environments/production.rb
|
||||
@@ -118,7 +118,7 @@ Rails.application.configure do
|
||||
# the I18n.default_locale when a translation cannot be found).
|
||||
config.i18n.fallbacks = true
|
||||
|
||||
- config.active_storage.service = ENV.fetch("ACTIVE_STORAGE_SERVICE").to_sym
|
||||
+ config.active_storage.service = ENV.fetch("ACTIVE_STORAGE_SERVICE", 'local').to_sym
|
||||
|
||||
# Send deprecation notices to registered listeners.
|
||||
config.active_support.deprecation = :notify
|
||||
@@ -174,5 +174,5 @@ Rails.application.configure do
|
||||
# The Content-Security-Policy is NOT in Report-Only mode
|
||||
config.content_security_policy_report_only = false
|
||||
|
||||
- config.lograge.enabled = ENV['LOGRAGE_ENABLED'] == 'enabled'
|
||||
+ config.lograge.enabled = ENV.fetch('LOGRAGE_ENABLED', 'disabled') == 'enabled'
|
||||
end
|
||||
|
||||
diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb
|
||||
index 135495216..4d4bcf8dc 100644
|
||||
--- a/config/initializers/content_security_policy.rb
|
||||
+++ b/config/initializers/content_security_policy.rb
|
||||
@@ -23,7 +23,7 @@ Rails.application.config.content_security_policy do |policy|
|
||||
connect_whitelist = ["wss://*.crisp.chat", "*.crisp.chat", "app.franceconnect.gouv.fr", "openmaptiles.geo.data.gouv.fr", "openmaptiles.github.io", "tiles.geo.api.gouv.fr", "wxs.ign.fr"]
|
||||
connect_whitelist << ENV.fetch('APP_HOST')
|
||||
connect_whitelist << "*.amazonaws.com" if Rails.configuration.active_storage.service == :amazon
|
||||
- connect_whitelist += [URI(ENV["SENTRY_DSN_JS"]).host, URI(ENV["SENTRY_DSN_RAILS"]).host].compact.uniq
|
||||
+ connect_whitelist += [URI(ENV.fetch("SENTRY_DSN_JS", '')).host, URI(ENV.fetch("SENTRY_DSN_RAILS", '')).host].compact.uniq
|
||||
connect_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present?
|
||||
connect_whitelist << URI(API_ADRESSE_URL).host if API_ADRESSE_URL.present?
|
||||
connect_whitelist << URI(API_EDUCATION_URL).host if API_EDUCATION_URL.present?
|
||||
@@ -39,7 +39,7 @@ Rails.application.config.content_security_policy do |policy|
|
||||
# Everything else: allow us
|
||||
# Add the error source in the violation notification
|
||||
default_whitelist = ["fonts.gstatic.com", "in-automate.sendinblue.com", "player.vimeo.com", "app.franceconnect.gouv.fr", "*.crisp.chat", "crisp.chat", "*.crisp.help", "*.sibautomation.com", "sibautomation.com", "data"]
|
||||
- default_whitelist += [URI(ENV["SENTRY_DSN_JS"]).host, URI(ENV["SENTRY_DSN_RAILS"]).host].compact.uniq
|
||||
+ default_whitelist += [URI(ENV.fetch("SENTRY_DSN_JS", '')).host, URI(ENV.fetch("SENTRY_DSN_RAILS", '')).host].compact.uniq
|
||||
default_whitelist << URI(DS_PROXY_URL).host if DS_PROXY_URL.present?
|
||||
policy.default_src(:self, :data, :blob, :report_sample, *default_whitelist)
|
||||
|
||||
diff --git a/config/initializers/mailcatcher.rb b/config/initializers/mailcatcher.rb
|
||||
index 8b931f704..dbeceb4ec 100644
|
||||
--- a/config/initializers/mailcatcher.rb
|
||||
+++ b/config/initializers/mailcatcher.rb
|
||||
@@ -1,4 +1,4 @@
|
||||
-if ENV.fetch('MAILCATCHER_ENABLED') == 'enabled'
|
||||
+if ENV.fetch('MAILCATCHER_ENABLED', 'disabled') == 'enabled'
|
||||
ActiveSupport.on_load(:action_mailer) do
|
||||
module Mailcatcher
|
||||
class SMTP < ::Mail::SMTP; end
|
||||
|
||||
diff --git a/config/initializers/mailtrap.rb b/config/initializers/mailtrap.rb
|
||||
index 6d1faa04b..658673ed1 100644
|
||||
--- a/config/initializers/mailtrap.rb
|
||||
+++ b/config/initializers/mailtrap.rb
|
||||
@@ -1,4 +1,4 @@
|
||||
-if ENV.fetch('MAILTRAP_ENABLED') == 'enabled'
|
||||
+if ENV.fetch('MAILTRAP_ENABLED', 'disabled') == 'enabled'
|
||||
ActiveSupport.on_load(:action_mailer) do
|
||||
module Mailtrap
|
||||
class SMTP < ::Mail::SMTP; end
|
16
machines/compute01/ds-fr/package/patches/garage.patch
Normal file
16
machines/compute01/ds-fr/package/patches/garage.patch
Normal file
|
@ -0,0 +1,16 @@
|
|||
diff --git a/config/storage.yml b/config/storage.yml
|
||||
index d2b2d241f..1b2744504 100644
|
||||
--- a/config/storage.yml
|
||||
+++ b/config/storage.yml
|
||||
@@ -19,3 +19,11 @@ amazon:
|
||||
secret_access_key: <%= ENV.fetch("S3_SECRET_ACCESS_KEY", "") %>
|
||||
region: <%= ENV.fetch("S3_REGION", "") %>
|
||||
bucket: <%= ENV.fetch("S3_BUCKET", "") %>
|
||||
+garage:
|
||||
+ service: S3
|
||||
+ access_key_id: <%= ENV.fetch("S3_ACCESS_KEY_ID", "") %>
|
||||
+ secret_access_key: <%= ENV.fetch("S3_SECRET_ACCESS_KEY", "") %>
|
||||
+ region: <%= ENV.fetch("S3_REGION", "garage") %>
|
||||
+ bucket: <%= ENV.fetch("S3_BUCKET", "") %>
|
||||
+ endpoint: <%= ENV.fetch("S3_ENDPOINT", "") %>
|
||||
+ force_path_style: <%= ENV.fetch("S3_FORCE_PATH_STYLE", "").present? %>
|
|
@ -0,0 +1,35 @@
|
|||
diff --git a/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake b/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake
|
||||
index 9d4f3a284..04d62a63b 100644
|
||||
--- a/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake
|
||||
+++ b/lib/tasks/deployment/20230613114744_replay_routing_engine_for_a_cloned_procedure.rake
|
||||
@@ -4,18 +4,18 @@ namespace :after_party do
|
||||
puts "Running deploy task 'replay_routing_engine_for_a_cloned_procedure'"
|
||||
|
||||
# Put your task implementation HERE.
|
||||
- dossiers = Procedure
|
||||
- .find(76266)
|
||||
- .dossiers
|
||||
- .en_construction
|
||||
-
|
||||
- progress = ProgressReport.new(dossiers.count)
|
||||
-
|
||||
- dossiers.find_each do |dossier|
|
||||
- RoutingEngine.compute(dossier)
|
||||
- progress.inc
|
||||
- end
|
||||
- progress.finish
|
||||
+ # dossiers = Procedure
|
||||
+ # .find(76266)
|
||||
+ # .dossiers
|
||||
+ # .en_construction
|
||||
+ #
|
||||
+ # progress = ProgressReport.new(dossiers.count)
|
||||
+ #
|
||||
+ # dossiers.find_each do |dossier|
|
||||
+ # RoutingEngine.compute(dossier)
|
||||
+ # progress.inc
|
||||
+ # end
|
||||
+ # progress.finish
|
||||
|
||||
# Update task as completed. If you remove the line below, the task will
|
||||
# run with every deploy (or every time you call after_party:run).
|
39
machines/compute01/ds-fr/package/patches/secrets-fc.patch
Normal file
39
machines/compute01/ds-fr/package/patches/secrets-fc.patch
Normal file
|
@ -0,0 +1,39 @@
|
|||
diff --git a/config/secrets.yml b/config/secrets.yml
|
||||
index 866fa6159..6fd49ee59 100644
|
||||
--- a/config/secrets.yml
|
||||
+++ b/config/secrets.yml
|
||||
@@ -23,10 +23,10 @@ defaults: &defaults
|
||||
identifier: <%= ENV['FC_PARTICULIER_ID'] %>
|
||||
secret: <%= ENV['FC_PARTICULIER_SECRET'] %>
|
||||
redirect_uri: https://<%= ENV['APP_HOST'] %>/france_connect/particulier/callback
|
||||
- authorization_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/authorize
|
||||
- token_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/token
|
||||
- userinfo_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/userinfo
|
||||
- logout_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/api/v1/logout
|
||||
+ authorization_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/ui/oauth2
|
||||
+ token_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/oauth2/token
|
||||
+ userinfo_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/oauth2/openid/demarches_dgn/userinfo
|
||||
+ logout_endpoint: <%= ENV['FC_PARTICULIER_BASE_URL'] %>/oauth2/token/revoke
|
||||
agent_connect:
|
||||
identifier: <%= ENV['AGENT_CONNECT_ID'] %>
|
||||
secret: <%= ENV['AGENT_CONNECT_SECRET'] %>
|
||||
diff --git a/app/services/france_connect_service.rb b/app/services/france_connect_service.rb
|
||||
index 31b2491c4..fd3d80530 100644
|
||||
--- a/app/services/france_connect_service.rb
|
||||
+++ b/app/services/france_connect_service.rb
|
||||
@@ -23,11 +23,15 @@ class FranceConnectService
|
||||
|
||||
def self.retrieve_user_informations_particulier(code)
|
||||
client = FranceConnectParticulierClient.new(code)
|
||||
+ Rails.logger.fatal("Client: #{client.inspect}")
|
||||
+ Rails.logger.fatal("Client token: #{client.access_token!(client_auth_method: :secret).userinfo!.inspect}")
|
||||
|
||||
user_info = client.access_token!(client_auth_method: :secret)
|
||||
.userinfo!
|
||||
.raw_attributes
|
||||
|
||||
+ Rails.logger.fatal("Info: #{user_info.inspect}")
|
||||
+
|
||||
FranceConnectInformation.new(
|
||||
gender: user_info[:gender],
|
||||
given_name: user_info[:given_name],
|
14
machines/compute01/ds-fr/package/patches/smtp_settings.patch
Normal file
14
machines/compute01/ds-fr/package/patches/smtp_settings.patch
Normal file
|
@ -0,0 +1,14 @@
|
|||
diff --git a/config/environments/production.rb b/config/environments/production.rb
|
||||
index 16d8c8e84..e0326d26d 100644
|
||||
--- a/config/environments/production.rb
|
||||
+++ b/config/environments/production.rb
|
||||
@@ -86,7 +86,8 @@ Rails.application.configure do
|
||||
user_name: ENV.fetch("SMTP_USER"),
|
||||
password: ENV.fetch("SMTP_PASS"),
|
||||
authentication: ENV.fetch("SMTP_AUTHENTICATION"),
|
||||
- enable_starttls_auto: ENV.fetch("SMTP_TLS").present?
|
||||
+ enable_starttls_auto: ENV.fetch("SMTP_TLS").present?,
|
||||
+ ssl: ENV.fetch("SMTP_SSL").present?
|
||||
}
|
||||
elsif ENV['SENDMAIL_ENABLED'] == 'enabled'
|
||||
config.action_mailer.delivery_method = :sendmail
|
144
machines/compute01/ds-fr/package/rubyEnv/Gemfile
Normal file
144
machines/compute01/ds-fr/package/rubyEnv/Gemfile
Normal file
|
@ -0,0 +1,144 @@
|
|||
source 'https://rubygems.org'
|
||||
|
||||
gem 'rails', '~> 7.0.5' # allows update to security fixes at any time
|
||||
|
||||
gem 'aasm'
|
||||
gem 'acsv'
|
||||
gem 'active_link_to' # Automatically set a class on active links
|
||||
gem 'active_model_serializers'
|
||||
gem 'activestorage-openstack'
|
||||
gem 'active_storage_validations'
|
||||
gem 'addressable'
|
||||
gem 'administrate'
|
||||
gem 'administrate-field-enum' # Allow using Field::Enum in administrate
|
||||
gem 'after_party'
|
||||
gem 'anchored'
|
||||
gem "aws-sdk-s3", require: false
|
||||
gem 'bcrypt'
|
||||
gem 'bootsnap', '>= 1.4.4', require: false # Reduces boot times through caching; required in config/boot.rb
|
||||
gem 'browser'
|
||||
gem 'charlock_holmes'
|
||||
gem 'chartkick'
|
||||
gem 'chunky_png'
|
||||
gem 'clamav-client', require: 'clamav/client'
|
||||
gem 'daemons'
|
||||
gem 'deep_cloneable' # Enable deep clone of active record models
|
||||
gem 'delayed_cron_job' # Cron jobs
|
||||
gem 'delayed_job_active_record'
|
||||
gem 'delayed_job_web'
|
||||
gem 'devise' # Gestion des comptes utilisateurs
|
||||
gem 'devise-i18n'
|
||||
gem 'devise-two-factor'
|
||||
gem 'discard'
|
||||
gem 'dotenv-rails', require: 'dotenv/rails-now' # dotenv should always be loaded before rails
|
||||
gem 'dry-monads'
|
||||
gem 'elastic-apm'
|
||||
gem 'flipper'
|
||||
gem 'flipper-active_record'
|
||||
gem 'flipper-ui'
|
||||
gem 'fugit'
|
||||
gem 'geocoder'
|
||||
gem 'geo_coord', require: "geo/coord"
|
||||
gem 'gon'
|
||||
gem 'graphql'
|
||||
gem 'graphql-batch'
|
||||
gem 'graphql-rails_logger'
|
||||
gem 'groupdate'
|
||||
gem 'haml-rails'
|
||||
gem 'hashie'
|
||||
gem 'http_accept_language'
|
||||
gem 'i18n_data'
|
||||
gem 'i18n-tasks', require: false
|
||||
gem 'iban-tools'
|
||||
gem 'image_processing'
|
||||
gem 'invisible_captcha'
|
||||
gem 'json_schemer'
|
||||
gem 'jwt'
|
||||
gem 'kaminari'
|
||||
gem 'listen' # Required by ActiveSupport::EventedFileUpdateChecker
|
||||
gem 'lograge'
|
||||
gem 'logstash-event'
|
||||
gem 'mailjet', require: false
|
||||
gem 'matrix' # needed by prawn and not default in ruby 3.1
|
||||
gem 'mini_magick'
|
||||
gem 'net-imap', require: false # See https://github.com/mikel/mail/pull/1439
|
||||
gem 'net-pop', require: false # same
|
||||
gem 'net-smtp', require: false # same
|
||||
gem 'openid_connect'
|
||||
gem 'parsby'
|
||||
gem 'pg'
|
||||
gem 'phonelib'
|
||||
gem 'prawn-rails' # PDF Generation
|
||||
gem 'premailer-rails'
|
||||
gem 'puma' # Use Puma as the app server
|
||||
gem 'pundit'
|
||||
gem 'rack-attack'
|
||||
gem 'rails-i18n' # Locales par défaut
|
||||
gem 'rake-progressbar', require: false
|
||||
gem 'redcarpet'
|
||||
gem 'redis'
|
||||
gem 'rexml' # add missing gem due to ruby3 (https://github.com/Shopify/bootsnap/issues/325)
|
||||
gem 'rqrcode'
|
||||
gem 'saml_idp'
|
||||
gem 'sassc-rails' # Use SCSS for stylesheets
|
||||
gem 'sentry-delayed_job'
|
||||
gem 'sentry-rails'
|
||||
gem 'sentry-ruby'
|
||||
gem 'sib-api-v3-sdk'
|
||||
gem 'skylight'
|
||||
gem 'spreadsheet_architect'
|
||||
gem 'strong_migrations' # lint database migrations
|
||||
gem 'turbo-rails'
|
||||
gem 'typhoeus'
|
||||
gem 'ulid-ruby', require: 'ulid'
|
||||
gem 'view_component'
|
||||
gem 'vite_rails'
|
||||
gem 'warden'
|
||||
gem 'zipline'
|
||||
gem 'zxcvbn-ruby', require: 'zxcvbn'
|
||||
|
||||
group :test do
|
||||
gem 'axe-core-rspec' # accessibility rspec matchers
|
||||
gem 'capybara' # Integration testing
|
||||
gem 'capybara-email' # Access emails during integration tests
|
||||
gem 'capybara-screenshot' # Save a dump of the page when an integration test fails
|
||||
gem 'factory_bot'
|
||||
gem 'launchy'
|
||||
gem 'rack_session_access'
|
||||
gem 'rails-controller-testing'
|
||||
gem 'rspec_junit_formatter'
|
||||
gem 'rspec-retry'
|
||||
gem 'selenium-devtools'
|
||||
gem 'selenium-webdriver'
|
||||
gem 'shoulda-matchers', require: false
|
||||
gem 'timecop'
|
||||
gem 'vcr'
|
||||
gem 'webmock'
|
||||
end
|
||||
|
||||
group :development do
|
||||
gem 'brakeman', require: false
|
||||
gem 'haml-lint'
|
||||
gem 'letter_opener_web'
|
||||
gem 'memory_profiler'
|
||||
gem 'rack-mini-profiler'
|
||||
gem 'rails-erd', require: false # generates `doc/database_models.pdf`
|
||||
gem 'rubocop', require: false
|
||||
gem 'rubocop-performance', require: false
|
||||
gem 'rubocop-rails', require: false
|
||||
gem 'rubocop-rspec', require: false
|
||||
gem 'scss_lint', require: false
|
||||
gem 'stackprof'
|
||||
gem 'web-console'
|
||||
end
|
||||
|
||||
group :development, :test do
|
||||
gem 'graphql-schema_comparator'
|
||||
gem 'mina', require: false # Deploy
|
||||
gem 'pry-byebug' # Call 'byebug' anywhere in the code to stop execution and get a debugger console
|
||||
gem 'pry-rails'
|
||||
gem 'rspec-rails'
|
||||
gem 'simple_xlsx_reader'
|
||||
gem 'spring' # Spring speeds up development by keeping your application running in the background
|
||||
gem 'spring-commands-rspec'
|
||||
end
|
955
machines/compute01/ds-fr/package/rubyEnv/Gemfile.lock
Normal file
955
machines/compute01/ds-fr/package/rubyEnv/Gemfile.lock
Normal file
|
@ -0,0 +1,955 @@
|
|||
GEM
|
||||
remote: https://rubygems.org/
|
||||
specs:
|
||||
aasm (5.2.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
acsv (0.0.1)
|
||||
actioncable (7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
nio4r (~> 2.0)
|
||||
websocket-driver (>= 0.6.1)
|
||||
actionmailbox (7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
activejob (= 7.0.7.2)
|
||||
activerecord (= 7.0.7.2)
|
||||
activestorage (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
mail (>= 2.7.1)
|
||||
net-imap
|
||||
net-pop
|
||||
net-smtp
|
||||
actionmailer (7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
actionview (= 7.0.7.2)
|
||||
activejob (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
mail (~> 2.5, >= 2.5.4)
|
||||
net-imap
|
||||
net-pop
|
||||
net-smtp
|
||||
rails-dom-testing (~> 2.0)
|
||||
actionpack (7.0.7.2)
|
||||
actionview (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
rack (~> 2.0, >= 2.2.4)
|
||||
rack-test (>= 0.6.3)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
||||
actiontext (7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
activerecord (= 7.0.7.2)
|
||||
activestorage (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
globalid (>= 0.6.0)
|
||||
nokogiri (>= 1.8.5)
|
||||
actionview (7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
builder (~> 3.1)
|
||||
erubi (~> 1.4)
|
||||
rails-dom-testing (~> 2.0)
|
||||
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
||||
active_link_to (1.0.5)
|
||||
actionpack
|
||||
addressable
|
||||
active_model_serializers (0.10.13)
|
||||
actionpack (>= 4.1, < 7.1)
|
||||
activemodel (>= 4.1, < 7.1)
|
||||
case_transform (>= 0.2)
|
||||
jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
|
||||
active_storage_validations (0.9.6)
|
||||
activejob (>= 5.2.0)
|
||||
activemodel (>= 5.2.0)
|
||||
activestorage (>= 5.2.0)
|
||||
activesupport (>= 5.2.0)
|
||||
activejob (7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
globalid (>= 0.3.6)
|
||||
activemodel (7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
activerecord (7.0.7.2)
|
||||
activemodel (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
activestorage (7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
activejob (= 7.0.7.2)
|
||||
activerecord (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
marcel (~> 1.0)
|
||||
mini_mime (>= 1.1.0)
|
||||
activestorage-openstack (1.6.0)
|
||||
fog-openstack (>= 1.0.9)
|
||||
marcel
|
||||
rails (>= 5.2.2)
|
||||
activesupport (7.0.7.2)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||
i18n (>= 1.6, < 2)
|
||||
minitest (>= 5.1)
|
||||
tzinfo (~> 2.0)
|
||||
addressable (2.8.4)
|
||||
public_suffix (>= 2.0.2, < 6.0)
|
||||
administrate (0.18.0)
|
||||
actionpack (>= 5.0)
|
||||
actionview (>= 5.0)
|
||||
activerecord (>= 5.0)
|
||||
jquery-rails (>= 4.0)
|
||||
kaminari (>= 1.0)
|
||||
sassc-rails (~> 2.1)
|
||||
selectize-rails (~> 0.6)
|
||||
administrate-field-enum (0.0.9)
|
||||
administrate (~> 0.12)
|
||||
aes_key_wrap (1.1.0)
|
||||
after_party (1.11.2)
|
||||
anchored (1.1.0)
|
||||
ast (2.4.2)
|
||||
attr_required (1.0.1)
|
||||
aws-eventstream (1.2.0)
|
||||
aws-partitions (1.826.0)
|
||||
aws-sdk-core (3.183.0)
|
||||
aws-eventstream (~> 1, >= 1.0.2)
|
||||
aws-partitions (~> 1, >= 1.651.0)
|
||||
aws-sigv4 (~> 1.5)
|
||||
jmespath (~> 1, >= 1.6.1)
|
||||
aws-sdk-kms (1.71.0)
|
||||
aws-sdk-core (~> 3, >= 3.177.0)
|
||||
aws-sigv4 (~> 1.1)
|
||||
aws-sdk-s3 (1.135.0)
|
||||
aws-sdk-core (~> 3, >= 3.181.0)
|
||||
aws-sdk-kms (~> 1)
|
||||
aws-sigv4 (~> 1.6)
|
||||
aws-sigv4 (1.6.0)
|
||||
aws-eventstream (~> 1, >= 1.0.2)
|
||||
axe-core-api (4.2.1)
|
||||
capybara
|
||||
dumb_delegator
|
||||
selenium-webdriver
|
||||
virtus
|
||||
watir
|
||||
axe-core-rspec (4.2.1)
|
||||
axe-core-api
|
||||
dumb_delegator
|
||||
virtus
|
||||
axiom-types (0.1.1)
|
||||
descendants_tracker (~> 0.0.4)
|
||||
ice_nine (~> 0.11.0)
|
||||
thread_safe (~> 0.3, >= 0.3.1)
|
||||
axlsx_styler (1.1.0)
|
||||
activesupport (>= 3.1)
|
||||
caxlsx (>= 2.0.2)
|
||||
bcrypt (3.1.18)
|
||||
better_html (1.0.16)
|
||||
actionview (>= 4.0)
|
||||
activesupport (>= 4.0)
|
||||
ast (~> 2.0)
|
||||
erubi (~> 1.4)
|
||||
html_tokenizer (~> 0.0.6)
|
||||
parser (>= 2.4)
|
||||
smart_properties
|
||||
bindata (2.4.10)
|
||||
bindex (0.8.1)
|
||||
bootsnap (1.9.3)
|
||||
msgpack (~> 1.0)
|
||||
brakeman (5.4.1)
|
||||
browser (5.3.1)
|
||||
builder (3.2.4)
|
||||
byebug (11.1.3)
|
||||
capybara (3.39.2)
|
||||
addressable
|
||||
matrix
|
||||
mini_mime (>= 0.1.3)
|
||||
nokogiri (~> 1.8)
|
||||
rack (>= 1.6.0)
|
||||
rack-test (>= 0.6.3)
|
||||
regexp_parser (>= 1.5, < 3.0)
|
||||
xpath (~> 3.2)
|
||||
capybara-email (3.0.2)
|
||||
capybara (>= 2.4, < 4.0)
|
||||
mail
|
||||
capybara-screenshot (1.0.26)
|
||||
capybara (>= 1.0, < 4)
|
||||
launchy
|
||||
case_transform (0.2)
|
||||
activesupport
|
||||
caxlsx (3.1.0)
|
||||
htmlentities (~> 4.3, >= 4.3.4)
|
||||
marcel (~> 1.0)
|
||||
nokogiri (~> 1.10, >= 1.10.4)
|
||||
rubyzip (>= 1.3.0, < 3)
|
||||
charlock_holmes (0.7.7)
|
||||
chartkick (4.1.3)
|
||||
choice (0.2.0)
|
||||
chunky_png (1.4.0)
|
||||
clamav-client (3.2.0)
|
||||
coderay (1.1.3)
|
||||
coercible (1.0.0)
|
||||
descendants_tracker (~> 0.0.1)
|
||||
concurrent-ruby (1.2.2)
|
||||
connection_pool (2.4.1)
|
||||
content_disposition (1.0.0)
|
||||
crack (0.4.5)
|
||||
rexml
|
||||
crass (1.0.6)
|
||||
css_parser (1.9.0)
|
||||
addressable
|
||||
daemons (1.3.1)
|
||||
date (3.3.3)
|
||||
deep_cloneable (3.2.0)
|
||||
activerecord (>= 3.1.0, < 8)
|
||||
delayed_cron_job (0.7.4)
|
||||
delayed_job (>= 4.1)
|
||||
delayed_job (4.1.11)
|
||||
activesupport (>= 3.0, < 8.0)
|
||||
delayed_job_active_record (4.1.7)
|
||||
activerecord (>= 3.0, < 8.0)
|
||||
delayed_job (>= 3.0, < 5)
|
||||
delayed_job_web (1.4.4)
|
||||
activerecord (> 3.0.0)
|
||||
delayed_job (> 2.0.3)
|
||||
rack-protection (>= 1.5.5)
|
||||
sinatra (>= 1.4.4)
|
||||
descendants_tracker (0.0.4)
|
||||
thread_safe (~> 0.3, >= 0.3.1)
|
||||
devise (4.9.2)
|
||||
bcrypt (~> 3.0)
|
||||
orm_adapter (~> 0.1)
|
||||
railties (>= 4.1.0)
|
||||
responders
|
||||
warden (~> 1.2.3)
|
||||
devise-i18n (1.9.2)
|
||||
devise (>= 4.7.1)
|
||||
devise-two-factor (5.0.0)
|
||||
activesupport (~> 7.0)
|
||||
devise (~> 4.0)
|
||||
railties (~> 7.0)
|
||||
rotp (~> 6.0)
|
||||
diff-lcs (1.5.0)
|
||||
discard (1.2.1)
|
||||
activerecord (>= 4.2, < 8)
|
||||
domain_name (0.5.20190701)
|
||||
unf (>= 0.0.5, < 1.0.0)
|
||||
dotenv (2.7.6)
|
||||
dotenv-rails (2.7.6)
|
||||
dotenv (= 2.7.6)
|
||||
railties (>= 3.2)
|
||||
dry-cli (1.0.0)
|
||||
dry-core (1.0.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
zeitwerk (~> 2.6)
|
||||
dry-inflector (0.2.0)
|
||||
dry-monads (1.6.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
dry-core (~> 1.0, < 2)
|
||||
zeitwerk (~> 2.6)
|
||||
dumb_delegator (1.0.0)
|
||||
ecma-re-validator (0.3.0)
|
||||
regexp_parser (~> 2.0)
|
||||
elastic-apm (4.6.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
http (>= 3.0)
|
||||
ruby2_keywords
|
||||
erubi (1.12.0)
|
||||
et-orbi (1.2.4)
|
||||
tzinfo
|
||||
ethon (0.15.0)
|
||||
ffi (>= 1.15.0)
|
||||
excon (0.102.0)
|
||||
factory_bot (6.1.0)
|
||||
activesupport (>= 5.0.0)
|
||||
ffi (1.15.5)
|
||||
ffi-compiler (1.0.1)
|
||||
ffi (>= 1.0.0)
|
||||
rake
|
||||
flipper (0.26.0)
|
||||
concurrent-ruby (< 2)
|
||||
flipper-active_record (0.26.0)
|
||||
activerecord (>= 4.2, < 8)
|
||||
flipper (~> 0.26.0)
|
||||
flipper-ui (0.26.0)
|
||||
erubi (>= 1.0.0, < 2.0.0)
|
||||
flipper (~> 0.26.0)
|
||||
rack (>= 1.4, < 3)
|
||||
rack-protection (>= 1.5.3, <= 4.0.0)
|
||||
sanitize (< 7)
|
||||
fog-core (2.3.0)
|
||||
builder
|
||||
excon (~> 0.71)
|
||||
formatador (>= 0.2, < 2.0)
|
||||
mime-types
|
||||
fog-json (1.2.0)
|
||||
fog-core
|
||||
multi_json (~> 1.10)
|
||||
fog-openstack (1.1.0)
|
||||
fog-core (~> 2.1)
|
||||
fog-json (>= 1.0)
|
||||
formatador (1.1.0)
|
||||
fugit (1.4.2)
|
||||
et-orbi (~> 1.1, >= 1.1.8)
|
||||
raabro (~> 1.4)
|
||||
geo_coord (0.2.0)
|
||||
geocoder (1.6.5)
|
||||
globalid (1.2.1)
|
||||
activesupport (>= 6.1)
|
||||
gon (6.4.0)
|
||||
actionpack (>= 3.0.20)
|
||||
i18n (>= 0.7)
|
||||
multi_json
|
||||
request_store (>= 1.0)
|
||||
graphql (2.0.15)
|
||||
graphql-batch (0.5.1)
|
||||
graphql (>= 1.10, < 3)
|
||||
promise.rb (~> 0.7.2)
|
||||
graphql-rails_logger (1.2.3)
|
||||
actionpack (> 5.0)
|
||||
activesupport (> 5.0)
|
||||
railties (> 5.0)
|
||||
rouge (~> 3.0)
|
||||
graphql-schema_comparator (1.1.2)
|
||||
bundler (>= 1.14)
|
||||
graphql (>= 1.10, < 3.0)
|
||||
thor (>= 0.19, < 2.0)
|
||||
groupdate (5.2.2)
|
||||
activesupport (>= 5)
|
||||
haml (6.0.5)
|
||||
temple (>= 0.8.2)
|
||||
thor
|
||||
tilt
|
||||
haml-lint (0.999.999)
|
||||
haml_lint
|
||||
haml-rails (2.1.0)
|
||||
actionpack (>= 5.1)
|
||||
activesupport (>= 5.1)
|
||||
haml (>= 4.0.6)
|
||||
railties (>= 5.1)
|
||||
haml_lint (0.42.0)
|
||||
haml (>= 4.0, < 6.1)
|
||||
parallel (~> 1.10)
|
||||
rainbow
|
||||
rubocop (>= 0.50.0)
|
||||
sysexits (~> 1.1)
|
||||
hana (1.3.7)
|
||||
hashdiff (1.0.1)
|
||||
hashie (4.1.0)
|
||||
highline (2.0.3)
|
||||
html_tokenizer (0.0.7)
|
||||
htmlentities (4.3.4)
|
||||
http (5.1.1)
|
||||
addressable (~> 2.8)
|
||||
http-cookie (~> 1.0)
|
||||
http-form_data (~> 2.2)
|
||||
llhttp-ffi (~> 0.4.0)
|
||||
http-accept (1.7.0)
|
||||
http-cookie (1.0.3)
|
||||
domain_name (~> 0.5)
|
||||
http-form_data (2.3.0)
|
||||
http_accept_language (2.1.1)
|
||||
httpclient (2.8.3)
|
||||
i18n (1.14.1)
|
||||
concurrent-ruby (~> 1.0)
|
||||
i18n-tasks (1.0.9)
|
||||
activesupport (>= 4.0.2)
|
||||
ast (>= 2.1.0)
|
||||
better_html (~> 1.0)
|
||||
erubi
|
||||
highline (>= 2.0.0)
|
||||
i18n
|
||||
parser (>= 2.2.3.0)
|
||||
rails-i18n
|
||||
rainbow (>= 2.2.2, < 4.0)
|
||||
terminal-table (>= 1.5.1)
|
||||
i18n_data (0.13.0)
|
||||
iban-tools (1.1.0)
|
||||
ice_nine (0.11.2)
|
||||
image_processing (1.12.2)
|
||||
mini_magick (>= 4.9.5, < 5)
|
||||
ruby-vips (>= 2.0.17, < 3)
|
||||
invisible_captcha (2.0.0)
|
||||
rails (>= 5.0)
|
||||
jmespath (1.6.2)
|
||||
jquery-rails (4.5.1)
|
||||
rails-dom-testing (>= 1, < 3)
|
||||
railties (>= 4.2.0)
|
||||
thor (>= 0.14, < 2.0)
|
||||
json (2.5.1)
|
||||
json-jwt (1.13.0)
|
||||
activesupport (>= 4.2)
|
||||
aes_key_wrap
|
||||
bindata
|
||||
json_schemer (0.2.17)
|
||||
ecma-re-validator (~> 0.3)
|
||||
hana (~> 1.3)
|
||||
regexp_parser (~> 2.0)
|
||||
uri_template (~> 0.7)
|
||||
jsonapi-renderer (0.2.2)
|
||||
jwt (2.3.0)
|
||||
kaminari (1.2.2)
|
||||
activesupport (>= 4.1.0)
|
||||
kaminari-actionview (= 1.2.2)
|
||||
kaminari-activerecord (= 1.2.2)
|
||||
kaminari-core (= 1.2.2)
|
||||
kaminari-actionview (1.2.2)
|
||||
actionview
|
||||
kaminari-core (= 1.2.2)
|
||||
kaminari-activerecord (1.2.2)
|
||||
activerecord
|
||||
kaminari-core (= 1.2.2)
|
||||
kaminari-core (1.2.2)
|
||||
launchy (2.5.0)
|
||||
addressable (~> 2.7)
|
||||
letter_opener (1.7.0)
|
||||
launchy (~> 2.2)
|
||||
letter_opener_web (1.4.0)
|
||||
actionmailer (>= 3.2)
|
||||
letter_opener (~> 1.0)
|
||||
railties (>= 3.2)
|
||||
listen (3.8.0)
|
||||
rb-fsevent (~> 0.10, >= 0.10.3)
|
||||
rb-inotify (~> 0.9, >= 0.9.10)
|
||||
llhttp-ffi (0.4.0)
|
||||
ffi-compiler (~> 1.0)
|
||||
rake (~> 13.0)
|
||||
lograge (0.11.2)
|
||||
actionpack (>= 4)
|
||||
activesupport (>= 4)
|
||||
railties (>= 4)
|
||||
request_store (~> 1.0)
|
||||
logstash-event (1.2.02)
|
||||
loofah (2.21.3)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.12.0)
|
||||
mail (2.8.1)
|
||||
mini_mime (>= 0.1.1)
|
||||
net-imap
|
||||
net-pop
|
||||
net-smtp
|
||||
mailjet (1.6.0)
|
||||
activesupport (>= 3.1.0)
|
||||
rack (>= 1.4.0)
|
||||
rest-client (>= 2.0.0)
|
||||
marcel (1.0.2)
|
||||
matrix (0.4.2)
|
||||
memory_profiler (1.0.0)
|
||||
method_source (1.0.0)
|
||||
mime-types (3.5.1)
|
||||
mime-types-data (~> 3.2015)
|
||||
mime-types-data (3.2023.0808)
|
||||
mina (1.2.4)
|
||||
open4 (~> 1.3.4)
|
||||
rake
|
||||
mini_magick (4.11.0)
|
||||
mini_mime (1.1.5)
|
||||
mini_portile2 (2.8.4)
|
||||
minitest (5.20.0)
|
||||
msgpack (1.4.2)
|
||||
multi_json (1.15.0)
|
||||
mustermann (3.0.0)
|
||||
ruby2_keywords (~> 0.0.1)
|
||||
net-imap (0.3.7)
|
||||
date
|
||||
net-protocol
|
||||
net-pop (0.1.2)
|
||||
net-protocol
|
||||
net-protocol (0.2.1)
|
||||
timeout
|
||||
net-smtp (0.3.3)
|
||||
net-protocol
|
||||
netrc (0.11.0)
|
||||
nio4r (2.5.9)
|
||||
nokogiri (1.15.4)
|
||||
mini_portile2 (~> 2.8.2)
|
||||
racc (~> 1.4)
|
||||
open4 (1.3.4)
|
||||
openid_connect (1.3.0)
|
||||
activemodel
|
||||
attr_required (>= 1.0.0)
|
||||
json-jwt (>= 1.5.0)
|
||||
rack-oauth2 (>= 1.6.1)
|
||||
swd (>= 1.0.0)
|
||||
tzinfo
|
||||
validate_email
|
||||
validate_url
|
||||
webfinger (>= 1.0.1)
|
||||
orm_adapter (0.5.0)
|
||||
parallel (1.23.0)
|
||||
parsby (1.1.1)
|
||||
parser (3.2.2.0)
|
||||
ast (~> 2.4.1)
|
||||
pdf-core (0.9.0)
|
||||
pg (1.4.6)
|
||||
phonelib (0.6.53)
|
||||
prawn (2.4.0)
|
||||
pdf-core (~> 0.9.0)
|
||||
ttfunk (~> 1.7)
|
||||
prawn-rails (1.3.0)
|
||||
prawn
|
||||
prawn-table
|
||||
rails (>= 3.1.0)
|
||||
prawn-table (0.2.2)
|
||||
prawn (>= 1.3.0, < 3.0.0)
|
||||
premailer (1.14.2)
|
||||
addressable
|
||||
css_parser (>= 1.6.0)
|
||||
htmlentities (>= 4.0.0)
|
||||
premailer-rails (1.11.1)
|
||||
actionmailer (>= 3)
|
||||
premailer (~> 1.7, >= 1.7.9)
|
||||
promise.rb (0.7.4)
|
||||
pry (0.14.2)
|
||||
coderay (~> 1.1)
|
||||
method_source (~> 1.0)
|
||||
pry-byebug (3.10.1)
|
||||
byebug (~> 11.0)
|
||||
pry (>= 0.13, < 0.15)
|
||||
pry-rails (0.3.9)
|
||||
pry (>= 0.10.4)
|
||||
public_suffix (5.0.1)
|
||||
puma (6.3.1)
|
||||
nio4r (~> 2.0)
|
||||
pundit (2.2.0)
|
||||
activesupport (>= 3.0.0)
|
||||
raabro (1.4.0)
|
||||
racc (1.7.1)
|
||||
rack (2.2.8)
|
||||
rack-attack (6.5.0)
|
||||
rack (>= 1.0, < 3)
|
||||
rack-mini-profiler (3.0.0)
|
||||
rack (>= 1.2.0)
|
||||
rack-oauth2 (1.19.0)
|
||||
activesupport
|
||||
attr_required
|
||||
httpclient
|
||||
json-jwt (>= 1.11.0)
|
||||
rack (>= 2.1.0)
|
||||
rack-protection (3.0.5)
|
||||
rack
|
||||
rack-proxy (0.7.6)
|
||||
rack
|
||||
rack-test (2.1.0)
|
||||
rack (>= 1.3)
|
||||
rack_session_access (0.2.0)
|
||||
builder (>= 2.0.0)
|
||||
rack (>= 1.0.0)
|
||||
rails (7.0.7.2)
|
||||
actioncable (= 7.0.7.2)
|
||||
actionmailbox (= 7.0.7.2)
|
||||
actionmailer (= 7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
actiontext (= 7.0.7.2)
|
||||
actionview (= 7.0.7.2)
|
||||
activejob (= 7.0.7.2)
|
||||
activemodel (= 7.0.7.2)
|
||||
activerecord (= 7.0.7.2)
|
||||
activestorage (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
bundler (>= 1.15.0)
|
||||
railties (= 7.0.7.2)
|
||||
rails-controller-testing (1.0.5)
|
||||
actionpack (>= 5.0.1.rc1)
|
||||
actionview (>= 5.0.1.rc1)
|
||||
activesupport (>= 5.0.1.rc1)
|
||||
rails-dom-testing (2.2.0)
|
||||
activesupport (>= 5.0.0)
|
||||
minitest
|
||||
nokogiri (>= 1.6)
|
||||
rails-erd (1.6.1)
|
||||
activerecord (>= 4.2)
|
||||
activesupport (>= 4.2)
|
||||
choice (~> 0.2.0)
|
||||
ruby-graphviz (~> 1.2)
|
||||
rails-html-sanitizer (1.6.0)
|
||||
loofah (~> 2.21)
|
||||
nokogiri (~> 1.14)
|
||||
rails-i18n (7.0.3)
|
||||
i18n (>= 0.7, < 2)
|
||||
railties (>= 6.0.0, < 8)
|
||||
railties (7.0.7.2)
|
||||
actionpack (= 7.0.7.2)
|
||||
activesupport (= 7.0.7.2)
|
||||
method_source
|
||||
rake (>= 12.2)
|
||||
thor (~> 1.0)
|
||||
zeitwerk (~> 2.5)
|
||||
rainbow (3.1.1)
|
||||
rake (13.0.6)
|
||||
rake-progressbar (0.0.5)
|
||||
rb-fsevent (0.11.2)
|
||||
rb-inotify (0.10.1)
|
||||
ffi (~> 1.0)
|
||||
redcarpet (3.6.0)
|
||||
redis (5.0.6)
|
||||
redis-client (>= 0.9.0)
|
||||
redis-client (0.14.1)
|
||||
connection_pool
|
||||
regexp_parser (2.8.1)
|
||||
request_store (1.5.0)
|
||||
rack (>= 1.4)
|
||||
responders (3.1.0)
|
||||
actionpack (>= 5.2)
|
||||
railties (>= 5.2)
|
||||
rest-client (2.1.0)
|
||||
http-accept (>= 1.7.0, < 2.0)
|
||||
http-cookie (>= 1.0.2, < 2.0)
|
||||
mime-types (>= 1.16, < 4.0)
|
||||
netrc (~> 0.8)
|
||||
rexml (3.2.5)
|
||||
rodf (1.1.1)
|
||||
builder (>= 3.0)
|
||||
dry-inflector (~> 0.1)
|
||||
rubyzip (>= 1.0)
|
||||
rotp (6.2.2)
|
||||
rouge (3.30.0)
|
||||
rqrcode (1.2.0)
|
||||
chunky_png (~> 1.0)
|
||||
rqrcode_core (~> 0.2)
|
||||
rqrcode_core (0.2.0)
|
||||
rspec-core (3.12.2)
|
||||
rspec-support (~> 3.12.0)
|
||||
rspec-expectations (3.12.3)
|
||||
diff-lcs (>= 1.2.0, < 2.0)
|
||||
rspec-support (~> 3.12.0)
|
||||
rspec-mocks (3.12.5)
|
||||
diff-lcs (>= 1.2.0, < 2.0)
|
||||
rspec-support (~> 3.12.0)
|
||||
rspec-rails (6.0.1)
|
||||
actionpack (>= 6.1)
|
||||
activesupport (>= 6.1)
|
||||
railties (>= 6.1)
|
||||
rspec-core (~> 3.11)
|
||||
rspec-expectations (~> 3.11)
|
||||
rspec-mocks (~> 3.11)
|
||||
rspec-support (~> 3.11)
|
||||
rspec-retry (0.6.2)
|
||||
rspec-core (> 3.3)
|
||||
rspec-support (3.12.0)
|
||||
rspec_junit_formatter (0.4.1)
|
||||
rspec-core (>= 2, < 4, != 2.12.0)
|
||||
rubocop (1.50.2)
|
||||
json (~> 2.3)
|
||||
parallel (~> 1.10)
|
||||
parser (>= 3.2.0.0)
|
||||
rainbow (>= 2.2.2, < 4.0)
|
||||
regexp_parser (>= 1.8, < 3.0)
|
||||
rexml (>= 3.2.5, < 4.0)
|
||||
rubocop-ast (>= 1.28.0, < 2.0)
|
||||
ruby-progressbar (~> 1.7)
|
||||
unicode-display_width (>= 2.4.0, < 3.0)
|
||||
rubocop-ast (1.28.0)
|
||||
parser (>= 3.2.1.0)
|
||||
rubocop-capybara (2.17.1)
|
||||
rubocop (~> 1.41)
|
||||
rubocop-performance (1.17.1)
|
||||
rubocop (>= 1.7.0, < 2.0)
|
||||
rubocop-ast (>= 0.4.0)
|
||||
rubocop-rails (2.19.1)
|
||||
activesupport (>= 4.2.0)
|
||||
rack (>= 1.1)
|
||||
rubocop (>= 1.33.0, < 2.0)
|
||||
rubocop-rspec (2.20.0)
|
||||
rubocop (~> 1.33)
|
||||
rubocop-capybara (~> 2.17)
|
||||
ruby-graphviz (1.2.5)
|
||||
rexml
|
||||
ruby-progressbar (1.13.0)
|
||||
ruby-vips (2.1.4)
|
||||
ffi (~> 1.12)
|
||||
ruby2_keywords (0.0.5)
|
||||
rubyzip (2.3.2)
|
||||
saml_idp (0.14.0)
|
||||
activesupport (>= 5.2)
|
||||
builder (>= 3.0)
|
||||
nokogiri (>= 1.6.2)
|
||||
rexml
|
||||
xmlenc (>= 0.7.1)
|
||||
sanitize (6.0.2)
|
||||
crass (~> 1.0.2)
|
||||
nokogiri (>= 1.12.0)
|
||||
sass (3.7.4)
|
||||
sass-listen (~> 4.0.0)
|
||||
sass-listen (4.0.0)
|
||||
rb-fsevent (~> 0.9, >= 0.9.4)
|
||||
rb-inotify (~> 0.9, >= 0.9.7)
|
||||
sassc (2.4.0)
|
||||
ffi (~> 1.9)
|
||||
sassc-rails (2.1.2)
|
||||
railties (>= 4.0.0)
|
||||
sassc (>= 2.0)
|
||||
sprockets (> 3.0)
|
||||
sprockets-rails
|
||||
tilt
|
||||
scss_lint (0.59.0)
|
||||
sass (~> 3.5, >= 3.5.5)
|
||||
selectize-rails (0.12.6)
|
||||
selenium-devtools (0.114.0)
|
||||
selenium-webdriver (~> 4.2)
|
||||
selenium-webdriver (4.10.0)
|
||||
rexml (~> 3.2, >= 3.2.5)
|
||||
rubyzip (>= 1.2.2, < 3.0)
|
||||
websocket (~> 1.0)
|
||||
sentry-delayed_job (5.9.0)
|
||||
delayed_job (>= 4.0)
|
||||
sentry-ruby (~> 5.9.0)
|
||||
sentry-rails (5.9.0)
|
||||
railties (>= 5.0)
|
||||
sentry-ruby (~> 5.9.0)
|
||||
sentry-ruby (5.9.0)
|
||||
concurrent-ruby (~> 1.0, >= 1.0.2)
|
||||
shoulda-matchers (4.5.1)
|
||||
activesupport (>= 4.2.0)
|
||||
sib-api-v3-sdk (7.4.0)
|
||||
json (~> 2.1, >= 2.1.0)
|
||||
typhoeus (~> 1.0, >= 1.0.1)
|
||||
simple_xlsx_reader (1.0.4)
|
||||
nokogiri
|
||||
rubyzip
|
||||
sinatra (3.0.5)
|
||||
mustermann (~> 3.0)
|
||||
rack (~> 2.2, >= 2.2.4)
|
||||
rack-protection (= 3.0.5)
|
||||
tilt (~> 2.0)
|
||||
skylight (6.0.1)
|
||||
activesupport (>= 5.2.0)
|
||||
smart_properties (1.17.0)
|
||||
spreadsheet_architect (4.1.0)
|
||||
axlsx_styler (>= 1.0.0, < 2)
|
||||
caxlsx (>= 2.0.2, < 4)
|
||||
rodf (>= 1.0.0, < 2)
|
||||
spring (4.1.1)
|
||||
spring-commands-rspec (1.0.4)
|
||||
spring (>= 0.9.1)
|
||||
sprockets (4.2.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
rack (>= 2.2.4, < 4)
|
||||
sprockets-rails (3.4.2)
|
||||
actionpack (>= 5.2)
|
||||
activesupport (>= 5.2)
|
||||
sprockets (>= 3.0.0)
|
||||
stackprof (0.2.21)
|
||||
strong_migrations (0.8.0)
|
||||
activerecord (>= 5.2)
|
||||
swd (1.3.0)
|
||||
activesupport (>= 3)
|
||||
attr_required (>= 0.0.5)
|
||||
httpclient (>= 2.4)
|
||||
sysexits (1.2.0)
|
||||
temple (0.8.2)
|
||||
terminal-table (3.0.2)
|
||||
unicode-display_width (>= 1.1.1, < 3)
|
||||
thor (1.2.2)
|
||||
thread_safe (0.3.6)
|
||||
tilt (2.0.11)
|
||||
timecop (0.9.4)
|
||||
timeout (0.4.0)
|
||||
ttfunk (1.7.0)
|
||||
turbo-rails (1.3.2)
|
||||
actionpack (>= 6.0.0)
|
||||
activejob (>= 6.0.0)
|
||||
railties (>= 6.0.0)
|
||||
typhoeus (1.4.0)
|
||||
ethon (>= 0.9.0)
|
||||
tzinfo (2.0.6)
|
||||
concurrent-ruby (~> 1.0)
|
||||
ulid-ruby (1.0.2)
|
||||
unf (0.1.4)
|
||||
unf_ext
|
||||
unf_ext (0.0.7.7)
|
||||
unicode-display_width (2.4.2)
|
||||
uri_template (0.7.0)
|
||||
validate_email (0.1.6)
|
||||
activemodel (>= 3.0)
|
||||
mail (>= 2.2.5)
|
||||
validate_url (1.0.13)
|
||||
activemodel (>= 3.0.0)
|
||||
public_suffix
|
||||
vcr (6.1.0)
|
||||
view_component (2.82.0)
|
||||
activesupport (>= 5.2.0, < 8.0)
|
||||
concurrent-ruby (~> 1.0)
|
||||
method_source (~> 1.0)
|
||||
virtus (2.0.0)
|
||||
axiom-types (~> 0.1)
|
||||
coercible (~> 1.0)
|
||||
descendants_tracker (~> 0.0, >= 0.0.3)
|
||||
vite_rails (3.0.14)
|
||||
railties (>= 5.1, < 8)
|
||||
vite_ruby (~> 3.0, >= 3.2.2)
|
||||
vite_ruby (3.3.1)
|
||||
dry-cli (>= 0.7, < 2)
|
||||
rack-proxy (~> 0.6, >= 0.6.1)
|
||||
zeitwerk (~> 2.2)
|
||||
warden (1.2.9)
|
||||
rack (>= 2.0.9)
|
||||
watir (6.19.1)
|
||||
regexp_parser (>= 1.2, < 3)
|
||||
selenium-webdriver (>= 3.142.7)
|
||||
web-console (4.1.0)
|
||||
actionview (>= 6.0.0)
|
||||
activemodel (>= 6.0.0)
|
||||
bindex (>= 0.4.0)
|
||||
railties (>= 6.0.0)
|
||||
webfinger (1.2.0)
|
||||
activesupport
|
||||
httpclient (>= 2.4)
|
||||
webmock (3.11.2)
|
||||
addressable (>= 2.3.6)
|
||||
crack (>= 0.3.2)
|
||||
hashdiff (>= 0.4.0, < 2.0.0)
|
||||
websocket (1.2.9)
|
||||
websocket-driver (0.7.6)
|
||||
websocket-extensions (>= 0.1.0)
|
||||
websocket-extensions (0.1.5)
|
||||
xmlenc (0.8.0)
|
||||
activemodel (>= 3.0.0)
|
||||
activesupport (>= 3.0.0)
|
||||
nokogiri (>= 1.6.0, < 2.0.0)
|
||||
xmlmapper (>= 0.7.3)
|
||||
xmlmapper (0.8.1)
|
||||
nokogiri (~> 1.11)
|
||||
xpath (3.2.0)
|
||||
nokogiri (~> 1.8)
|
||||
zeitwerk (2.6.11)
|
||||
zip_tricks (5.6.0)
|
||||
zipline (1.4.1)
|
||||
actionpack (>= 6.0, < 8.0)
|
||||
content_disposition (~> 1.0)
|
||||
zip_tricks (>= 4.2.1, < 6.0)
|
||||
zxcvbn-ruby (1.2.0)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
|
||||
DEPENDENCIES
|
||||
aasm
|
||||
acsv
|
||||
active_link_to
|
||||
active_model_serializers
|
||||
active_storage_validations
|
||||
activestorage-openstack
|
||||
addressable
|
||||
administrate
|
||||
administrate-field-enum
|
||||
after_party
|
||||
anchored
|
||||
aws-sdk-s3
|
||||
axe-core-rspec
|
||||
bcrypt
|
||||
bootsnap (>= 1.4.4)
|
||||
brakeman
|
||||
browser
|
||||
capybara
|
||||
capybara-email
|
||||
capybara-screenshot
|
||||
charlock_holmes
|
||||
chartkick
|
||||
chunky_png
|
||||
clamav-client
|
||||
daemons
|
||||
deep_cloneable
|
||||
delayed_cron_job
|
||||
delayed_job_active_record
|
||||
delayed_job_web
|
||||
devise
|
||||
devise-i18n
|
||||
devise-two-factor
|
||||
discard
|
||||
dotenv-rails
|
||||
dry-monads
|
||||
elastic-apm
|
||||
factory_bot
|
||||
flipper
|
||||
flipper-active_record
|
||||
flipper-ui
|
||||
fugit
|
||||
geo_coord
|
||||
geocoder
|
||||
gon
|
||||
graphql
|
||||
graphql-batch
|
||||
graphql-rails_logger
|
||||
graphql-schema_comparator
|
||||
groupdate
|
||||
haml-lint
|
||||
haml-rails
|
||||
hashie
|
||||
http_accept_language
|
||||
i18n-tasks
|
||||
i18n_data
|
||||
iban-tools
|
||||
image_processing
|
||||
invisible_captcha
|
||||
json_schemer
|
||||
jwt
|
||||
kaminari
|
||||
launchy
|
||||
letter_opener_web
|
||||
listen
|
||||
lograge
|
||||
logstash-event
|
||||
mailjet
|
||||
matrix
|
||||
memory_profiler
|
||||
mina
|
||||
mini_magick
|
||||
net-imap
|
||||
net-pop
|
||||
net-smtp
|
||||
openid_connect
|
||||
parsby
|
||||
pg
|
||||
phonelib
|
||||
prawn-rails
|
||||
premailer-rails
|
||||
pry-byebug
|
||||
pry-rails
|
||||
puma
|
||||
pundit
|
||||
rack-attack
|
||||
rack-mini-profiler
|
||||
rack_session_access
|
||||
rails (~> 7.0.5)
|
||||
rails-controller-testing
|
||||
rails-erd
|
||||
rails-i18n
|
||||
rake-progressbar
|
||||
redcarpet
|
||||
redis
|
||||
rexml
|
||||
rqrcode
|
||||
rspec-rails
|
||||
rspec-retry
|
||||
rspec_junit_formatter
|
||||
rubocop
|
||||
rubocop-performance
|
||||
rubocop-rails
|
||||
rubocop-rspec
|
||||
saml_idp
|
||||
sassc-rails
|
||||
scss_lint
|
||||
selenium-devtools
|
||||
selenium-webdriver
|
||||
sentry-delayed_job
|
||||
sentry-rails
|
||||
sentry-ruby
|
||||
shoulda-matchers
|
||||
sib-api-v3-sdk
|
||||
simple_xlsx_reader
|
||||
skylight
|
||||
spreadsheet_architect
|
||||
spring
|
||||
spring-commands-rspec
|
||||
stackprof
|
||||
strong_migrations
|
||||
timecop
|
||||
turbo-rails
|
||||
typhoeus
|
||||
ulid-ruby
|
||||
vcr
|
||||
view_component
|
||||
vite_rails
|
||||
warden
|
||||
web-console
|
||||
webmock
|
||||
zipline
|
||||
zxcvbn-ruby
|
||||
|
||||
BUNDLED WITH
|
||||
2.4.19
|
||||
|
3338
machines/compute01/ds-fr/package/rubyEnv/gemset.nix
Normal file
3338
machines/compute01/ds-fr/package/rubyEnv/gemset.nix
Normal file
File diff suppressed because it is too large
Load diff
47
machines/compute01/ds-fr/package/update.sh
Executable file
47
machines/compute01/ds-fr/package/update.sh
Executable file
|
@ -0,0 +1,47 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
version=
|
||||
gitArgs=
|
||||
|
||||
while [ "$#" -gt 0 ]; do
|
||||
i="$1"
|
||||
shift 1
|
||||
case "$i" in
|
||||
--version|-v)
|
||||
version="$1"
|
||||
shift 1
|
||||
;;
|
||||
--git-args)
|
||||
gitArgs="$gitArgs $1"
|
||||
shift 1
|
||||
;;
|
||||
*)
|
||||
echo "$0: unknown option \`$i'"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Create a working environment
|
||||
CWD=$(pwd)
|
||||
|
||||
TMP=$(mktemp -d)
|
||||
cd "$TMP"
|
||||
|
||||
# Fetch the latest source or the required version
|
||||
gitUrl="https://github.com/demarches-simplifiees/demarches-simplifiees.fr.git"
|
||||
|
||||
if [ -n "$version" ]; then
|
||||
git clone --depth 1 --branch $version $gitUrl .
|
||||
else
|
||||
git clone --depth 1 $gitUrl .
|
||||
fi
|
||||
|
||||
# Generate gemset.nix
|
||||
nix-shell -p bundix --run "bundix -l"
|
||||
|
||||
# Copy the new files
|
||||
cp gemset.nix Gemfile Gemfile.lock "$CWD/rubyEnv/"
|
||||
|
||||
# Print the new source details
|
||||
nix-shell -p nurl --run "nurl $gitUrl $version"
|
|
@ -5,7 +5,7 @@ let
|
|||
|
||||
cert = config.security.acme.certs.${domain};
|
||||
|
||||
allowedSubDomains = [ "cloud" "git" "videos" "social" ];
|
||||
allowedSubDomains = [ "cloud" "git" "videos" "social" "demarches" ];
|
||||
in {
|
||||
services.kanidm = {
|
||||
enableServer = true;
|
||||
|
|
BIN
machines/compute01/secrets/ds_fr-secret_file
Normal file
BIN
machines/compute01/secrets/ds_fr-secret_file
Normal file
Binary file not shown.
|
@ -4,6 +4,7 @@ let
|
|||
in
|
||||
|
||||
lib.setDefault { inherit publicKeys; } [
|
||||
"ds_fr-secret_file"
|
||||
"mastodon-extra_env_file"
|
||||
"nextcloud-adminpass_file"
|
||||
"nextcloud-s3_secret_file"
|
||||
|
|
Loading…
Reference in a new issue