Fix docker-compose sometimes failing to restart the app. Puma's pidfile
was stored in /tmp, which was persisted across restarts, which caused
restarts to fail because the pidfile already existed. The fix is to
mount /tmp as a tmpfs.
Fix an issue where the New Relic agent always started in the production
environment, even when a license key wasn't configured.
Also make the New Relic agent log to stdout instead of log/newrelic_agent.log.
Use the prebuilt Docker images instead of building them locally in the
Docker Compose script. This is faster, but it means that local changes
to the code will be ignored.
* Fix installing the wrong Docker package on Ubuntu.
* Fix the package install steps asking for confirmation.
* Fix missing sudo calls in a couple places.
Fix the quickstart command in the README not working for Ubuntu 18.04.
This was because the Docker Compose file was set to version 3.7, but
Ubuntu 18.04 ships an older version of Docker Compose that only supports
version 3.4.
When a user tries to change their email, redirect them to the confirm
password page (like Github's sudo mode) instead of having them re-enter
their password on the change email page. This is the same thing we do
when a user updates their API keys. This way we have can use the same
confirm password authentication flow for everything that needs a
password.
* Show the ban length instead of the ban expiration date in ban notices.
* Fix the ban notice to not say "Your account has been temporarily
banned" when it's a permanent ban.
Show the HTTP request headers and the client IP on the /status page.
This is for debugging request headers added by reverse proxies such as
Cloudflare and Nginx, and for making sure the client IP is correctly set
by the X-Forwarded-For header.
Fix the ca-certificates package not being installed inside the base
Docker image. This caused uploads from HTTPS sites to fail because TLS
certificates couldn't be validated.
Allow specifying the location of the `config/danbooru_local_config.rb`
file with the DANBOORU_CONFIG_FILE environment variable. For example:
DANBOORU_CONFIG_FILE=/etc/danbooru/danbooru_local_config.rb bin/rails server
This is useful in Kubernetes because it lets us mount a directory
containing the config file without it clobbering everything else in the
config/ directory.
Bug: if someone ran server with RAILS_ENV=production, but tried to
access the site under http://, then logging in didn't work. This was
because we set the `secure` flag on cookies when running in the
production environment, because we assumed that in production you were
using HTTPS. If you weren't using HTTPS, then the `secure` flag
prevented session cookies from being sent under http://.
The default now is to use http:// instead of https:// for the
`canonical_url` option.
If you run a Danbooru instance, and you use HTTPS, you will have to
change the `canonical_url` config option to "https://www.mybooru.com".
There used to be about 1000 posts with a .jpeg file extension instead of
.jpg. These posts have been fixed manually, so we no longer have to
check for this any more.
Downgrade Webpack from 5.28.0 to 5.26.3. Breakage was introduced at
5.27.0. It's unclear if this is a regression of issue 12742 in Webpack
or if we're doing something else wrong.
hxxps://github.com-webpack-webpack-issues-12742
hxxps://github.com-webpack-webpack-issues-12851
Fix issue mentioned in 55980c6fb with Javascript spazzing out on Flash
posts and randomly triggering keyboard shortcuts.
The bug was calling `javascript_pack_tag` twice. This caused the
runtime Javascript chunk to be loaded twice, caused a lot of Javascript
errors that somehow resulted in keyboard shortcuts being triggered.
The fix is to combine both calls into `javascript_pack_tag "application", "flash"`.
hxxps://github.com.rails.webpacker.issues.2932
Flash is dead. It's no longer supported by browsers, it's not
well-supported by emulators, and only two Flash posts were uploaded in
the last year anyway. Old Flash files will continue to exist, but new
Flash uploads will no longer be allowed.
