I have log_level that has a default of 'info'. But I see emails that are sent being logged. How can I turn this off only for emails?
This is inside my config/application.rb:
# See everything in the log (default is :info)
# config.log_level = :debug
If you put this in your environment.rb file, emails should not be logged:
ActionMailer::Base.logger = nil
Related
I'm fairly new to Rails 4 and am experimenting with Devise and ldap_authenticatable and I see something that I'm not sure is right. When I authenticate to my Active Directory Devise works fine and stores the user in the MySQL database as expected. However, I seem to lose the user params and can't tell which user just authenticated. user_signed_in? returns false but if I hit the login link I get the message "already signed in" current_user is nil and set_user fails because params(:id) is nil. Seems like something is broken here but I'm not sure what the norm is as far as Devise setting or keeping user params alive.
Any ideas or helpful information?
User Model:
class User < ActiveRecord::Base
# Include default devise modules. Others available are:
# :confirmable, :lockable, :timeoutable and :omniauthable
devise :ldap_authenticatable, :trackable, :validatable
before_save :get_ldap_attrs
def get_ldap_attrs
self.firstname = Devise::LDAP::Adapter.get_ldap_param(self.email, 'givenName')
self.lastname = Devise::LDAP::Adapter.get_ldap_param(self.email, 'sn')
self.login = Devise::LDAP::Adapter.get_ldap_param(self.email, 'sAMAccountName')
self.email = Devise::LDAP::Adapter.get_ldap_param(self.email,'mail').first
self.studentid = Devise::LDAP::Adapter.get_ldap_param(self.email, 'title')
end
end
----
ldap.yaml
## Authorizations
# Uncomment out the merging for each environment that you'd like to include.
# You can also just copy and paste the tree (do not include the "authorizations") to each
# environment if you need something different per enviornment.
authorizations: &AUTHORIZATIONS
allow_unauthenticated_bind: false
group_base: ou=groups,dc=kentshill,dc=org
## Requires config.ldap_check_group_membership in devise.rb be true
# Can have multiple values, must match all to be authorized
required_groups:
# If only a group name is given, membership will be checked against "uniqueMember"
#- ########################
#- #######################
# If an array is given, the first element will be the attribute to check against, the second the group name
#- ["moreMembers", "cn=users,ou=groups,dc=test,dc=com"]
## Requires config.ldap_check_attributes in devise.rb to be true
## Can have multiple attributes and values, must match all to be authorized
require_attribute:
objectClass: inetOrgPerson
authorizationRole: postsAdmin
## Environment
development:
host: address
port: 636
attribute: mail
base: DN
admin_user: fqn user with privs
admin_password: password
ssl: true
# <<: *AUTHORIZATIONS
test:
host: localhost
port: 3389
attribute: cn
base: ou=people,dc=test,dc=com
admin_user: cn=admin,dc=test,dc=com
admin_password: admin_password
ssl: simple_tls
# <<: *AUTHORIZATIONS
production:
host: localhost
port: 636
attribute: cn
base: ou=people,dc=test,dc=com
admin_user: cn=admin,dc=test,dc=com
admin_password: admin_password
ssl: start_tls
# <<: *AUTHORIZATIONS
----------------
Devise initializer
# Use this hook to configure devise mailer, warden hooks and so forth.
# Many of these configuration options can be set straight in your model.
Devise.setup do |config|
# ==> LDAP Configuration
config.ldap_logger = true
config.ldap_create_user = true
config.ldap_update_password = true
#config.ldap_config = "#{Rails.root}/config/ldap.yml"
config.ldap_check_group_membership = false
#config.ldap_check_group_membership_without_admin = false
config.ldap_check_attributes = false
config.ldap_use_admin_to_bind = true
config.ldap_ad_group_check = false
# The secret key used by Devise. Devise uses this key to generate
# random tokens. Changing this key will render invalid all existing
# confirmation, reset password and unlock tokens in the database.
# Devise will use the `secret_key_base` on Rails 4+ applications as its `secret_key`
# by default. You can change it below and use your own secret key.
# config.secret_key = 'ead157a98cc1402f93c717c537225a807971f381bdb51063b22d9979b39e0db385493e0d392999152597ce52baf327d97ffc9a59371ea3258cd8f5fc6d158b75'
# ==> Mailer Configuration
# Configure the e-mail address which will be shown in Devise::Mailer,
# note that it will be overwritten if you use your own mailer class
# with default "from" parameter.
config.mailer_sender = 'please-change-me-at-config-initializers-devise#example.com'
# Configure the class responsible to send e-mails.
# config.mailer = 'Devise::Mailer'
# ==> ORM configuration
# Load and configure the ORM. Supports :active_record (default) and
# :mongoid (bson_ext recommended) by default. Other ORMs may be
# available as additional gems.
require 'devise/orm/active_record'
config.ldap_auth_username_builder = Proc.new() { |attribute, login, ldap| login }
# config.warden do |manager|
# manager.default_strategies(:scope => :user).unshift :ldap_authenticatable
# end
# ==> Configuration for any authentication mechanism
# Configure which keys are used when authenticating a user. The default is
# just :email. You can configure it to use [:username, :subdomain], so for
# authenticating a user, both parameters are required. Remember that those
# parameters are used only when authenticating and not when retrieving from
# session. If you need permissions, you should implement that in a before filter.
# You can also supply a hash where the value is a boolean determining whether
# or not authentication should be aborted when the value is not present.
config.authentication_keys = [:email]
# Configure parameters from the request object used for authentication. Each entry
# given should be a request method and it will automatically be passed to the
# find_for_authentication method and considered in your model lookup. For instance,
# if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
# The same considerations mentioned for authentication_keys also apply to request_keys.
# config.request_keys = []
# Configure which authentication keys should be case-insensitive.
# These keys will be downcased upon creating or modifying a user and when used
# to authenticate or find a user. Default is :email.
config.case_insensitive_keys = [:email]
"config/initializers/devise.rb" 280L, 13721C
Rails 3.2.12, ruby 1.9.3
We allow users to specify the company they are with using a subdomain, like mycompany.example.com, but we redirect to the canonical example.com and need to remember that the user is from mycompany.
We have our environment set up so the config.session_store contains :domain => 'example.com (an alternative that also works is :domain => :all, :tld_length => 2) and this is supposed to work to allow sharing of session information between subdomains. There are a number of great posts, such as this one: Share session (cookies) between subdomains in Rails?
But before the redirect I am sending session.inspect to the log, and it's clearly getting a different session (two separate session ids, etc.). So the most basic issue is that I cannot use the session to remember the mycompany part before I strip it off.
I can work around that, but there are a number of cases where the same user will be from multiple companies (and part of this is our support team who needs to be able to switch companies).
I have tried this on Chrome and Safari on OS X. I am using "pow" so my local development environment has a domain like example.dev which helps rule out several issues (vs. normal localhost:3000 server).
Am I missing something? Is it indeed possible to share a cookie across domains?
UPDATE:
Example code called in a before_filter defined in ApplicationController:
def redirect_to_canonical_if_needed
logger.debug "Starting before_filter. session contains: #{session}"
if request.host != 'example.com'
session[:original_domain] = "Originally came from #{request.host}"
logger.debug "Redirecting, session contains: #{session}"
redirect_to 'http://example.com', :status => :moved_permanently
end
end
Setting added to config/environments/production.rb and removed from config/initializers/session_store.rb
config.session_store = { :key => 'example_session', :secret => "secret", :domain => :all, :tld_length => 2 }
or
config.session_store = { :key => 'example_session', :secret => "secret", :domain => 'example.com' }
And logging result, if I start from a fresh environment where no session exists going to the url a.example.com:
Starting before_filter, session contains: {}
Redirecting, session contains: {"session_id"=>"4de9b56fb540f7295cd3192cef07ba63", "original_domain"=>"a.example.com"}
Filter chain halted as :redirect_to_canonical_if_needed rendered or redirected
Completed 301 Moved Permanently in 2294ms (ActiveRecord: 855.7ms)
Started GET "/" for 123.456.789.123 at 2013-07-12 09:41:12 -0400
Processing by HomeController#index as HTML
Parameters: {}
Starting before_filter, session contains: {}
So the before filter fires on each new request. First request there's no session, hence the "not loaded" message. The test for need to redirect is true. I put something in the session and it gets an id and what I put in it. I do the redirect. New request occurs on the root domain, before filter fires again, and here's the issue: session is not initialized
This should work fine between the two I have setup the following on my dev
Application is at example.dev
I view and set a session variable at a.example.dev then visit b.example.dev and it is set as long as when (as you describe) you set domain to 'example.dev' for the session store
This code in my root controller/action does exactly what your describing
unless request.subdomain.to_s == 'another'
session[:original_domain] = request.subdomain.to_s
redirect_to 'http://another.' + request.domain.to_s
end
And viewing original_domain is available in the session
If you put the example code in I can have a look for any pitfalls
I'm using Mandrill to build a feedback form for users on the website (they fill the form and send me an e-mail).
I want to test the e-mail functionality in development. I use unicorn as a server and my local address is 0.0.0:8080
However I get a 500 server error, Net::SMTPServerBusy : Relay Access Denied
I followed the Heroku instructions step by step.
Here is m application.rb configuration:
config.action_mailer.smtp_settings = {
:address => 'smtp.mandrillapp.com',
:port => '587',
:domain => 'heroku.com',
:user_name => ENV['MANDRILL_USERNAME'],
:password => ENV['MANDRILL_APIKEY']
}
ActionMailer::Base.delivery_method = :smtp
I followed the instructions on mandrill/heroku web page to set up.
I have a .env file set up with a MANDRILL_USERNAME and my MANDRILL_APIKEY
Here is my ActionMailer file:
class FeedbackMailer < ActionMailer::Base
default :from => ""
default :to => "xxx#stanford.edu"
default :subject => "feedback about xxx"
def send_feedback(message)
#debugger
#message = message
mail(:from => message[:sender_email])
end
end
Any help would be appreciated.
I can confirm e-mails get sent in production.
If all of your settings are working in production but not locally, there are a couple of possibilities:
How are you loading the variables from .env to ENV? It's possible the environment variables aren't getting loaded as expected locally. If you hard code the credentials locally, does it work?
You could be running in to an issue with the port or outbound SMTP traffic being blocked. Consider trying port 2525, as it may be less likely to be blocked by local ISPs. Port 465 with SSL enabled may also work even if your ISP is blocking other SMTP traffic
I am trying to upload data to amazon s3 bucket.
I am using aws-s3 gem for this purpose.
I am giving right access key and secure key but still not able to execute S3Object.store/Bucket calls, though the connection is established. They return with error "AWS::S3::SignatureDoesNotMatch: The request signature we calculated does not match the signature you provided. Check your key and signing method."
Interestingly I am running another rails app with paperclip plugin to upload images to S3, and that is working like a charm! with same access key and secure key.
I have tried referencing some links mentioning same problem but to no luck.
[ https://forums.aws.amazon.com/thread.jspa?threadID=16020&tstart=0 ]
Any pointers/help/suggestions would be great. :)
I just got this problem because I did not supply the correct region in the request.
I am using fog and Carrierwave as per the railscast here and I had to configure the region in the config/initializer for Carrierwave
CarrierWave.configure do |config|
config.fog_credentials = {
provider: 'AWS', # required
aws_access_key_id: '[redacted]', # required unless using use_iam_profile
aws_secret_access_key: '[redacted]', # required unless using use_iam_profile
# use_iam_profile: false, # optional, defaults to false
region: 'eu-central-1', # optional, defaults to 'us-east-1'
# host: 's3.example.com', # optional, defaults to nil
# endpoint: 'https://s3.example.com:8080' # optional, defaults to nil
}
config.fog_directory = 'xxx' # required
# config.fog_public = false # optional, defaults to true
# config.fog_attributes = { cache_control: "public, max-age=#{365.days.to_i}" } # optional, defaults to {}
end
interestingly fog was redirected to the correct endpoint with the correct region by amazon, however, the redirected request got the failure on the authentication, maybe a problem with fog in such a situation. Fog did give a nice warning in the log
[fog][WARNING] fog: followed redirect to calm4-files.s3.amazonaws.com, connecting to the matching region will be more performant
but to be more accurate they should say not only more performant, but it will actually work as well
We are using Nagios to monitor our network with great success. However, we have a syslog for critical application errors and while I set up check_log, it doesn't seem to work as well as monitering a device.
The issues are:
It only shows the last entry
There doesn't seem to be a way to acknowledge the critical error and
return the monitor to a good state
Is nagios the wrong tool, or are we just not setting up the service monitering right?
Here are my entries
# log file
define command{
command_name check_log
command_line $USER1$/check_log -F /var/log/applications/appcrit.log -O /tmp/appcrit.log -q ?
}
# Define the log monitering service
define service{
name logfile-check ;
use generic-service ;
check_period 24x7 ;
max_check_attempts 1 ;
normal_check_interval 5 ;
retry_check_interval 1 ;
contact_groups admins ;
notification_options w,u,c,r ;
notification_period 24x7 ;
register 0 ;
}
define service{
use logfile-check
host_name localhost
service_description CritLogFile
check_command check_log
}
For monitoring logs with Nagios, typically the log checker will return a warning only for newly discovered error messages each time it is invoked (so it must retain some state in order to know to ignore them on subsequent runs). Therefore I usually set:
max_check_attempts 1
is_volatile 1
This causes Nagios to send out the alert immeidately, but only once, and then go back to normal.
My favorite log checker is logwarn, but I'm biased because I wrote it myself after not finding any existing ones that I liked. The logwarn package includes a Nagios plugin.
Nothing in your config jumps out at me as being misconfigured.
By design, check_log will only show either an OK message, or the last log entry that triggered an alert. If you need to see multiple entries, you'll need to modify the plugin.
However, I find the fact that you're not getting recoveries somewhat odd. The way check_log works (by comparing the current log to the previous version), you should get a recovery on the very next service check. Except of course, when there have been additional matching entries added to the log since the last check.
Does forcing another service check (or several) cause it to recover?
Also, I don't intend this in a mean way, but make sure it's really malfunctioning.
Is your log getting additional matching entries in between checks, causing it not to recover? Your check is matching "?" which will match anything new in the log. Is something else (a non-error) being added to the log and inadvertently causing a match?
If none of the above are the issue, I would suggest narrowing it down by taking Nagios out of the equation. Try running check_log manually (from the command line, but as the same user as nagios), and with a different oldlog. It should go something like this -
run check with a new "oldlog" - get initialization message
run check - check OK
make change to log
run check - check fails
run check - check OK
If this doesn't work, then you know to focus on the log, the oldlog, and how the check_log is doing the check.
If it works, then it points more towards a problem with your nagios configuration.
There is a Nagios plugin that you can use to check the log files: it's called check_logfiles and it's used to scan the lines of a file for regular expressions.
The following link shows how to install and configure check_logfiles for Nagios and Opsview:
https://www.opsview.com/resources/nagios-alternative/blog/syslog-monitoring-nagios-opsview
As there are many ways to achieve a goal, there is also a nice plugin from Consol available:
https://labs.consol.de/lang/en/nagios/check_logfiles/
supports regex
supports log rotation
To use it, you need a cfg file, this is an example for oracle databases
#searches = ({
tag => 'oraalerts',
options => 'sticky=28800',
logfile => '/u01/app/oracle/diag/rdbms/davmdkp/DAVMDKP1/trace/alert_DAVMDKP1.log',
criticalpatterns => [
'ORA\-0*204[^\d]', # error in reading control file
'ORA\-0*206[^\d]', # error in writing control file
'ORA\-0*210[^\d]', # cannot open control file
'ORA\-0*257[^\d]', # archiver is stuck
'ORA\-0*333[^\d]', # redo log read error
'ORA\-0*345[^\d]', # redo log write error
'ORA\-0*4[4-7][0-9][^\d]',# ORA-0440 - ORA-0485 background process failure
'ORA\-0*48[0-5][^\d]',
'ORA\-0*6[0-3][0-9][^\d]',# ORA-6000 - ORA-0639 internal errors
'ORA\-0*1114[^\d]', # datafile I/O write error
'ORA\-0*1115[^\d]', # datafile I/O read error
'ORA\-0*1116[^\d]', # cannot open datafile
'ORA\-0*1118[^\d]', # cannot add a data file
'ORA\-0*1122[^\d]', # database file 16 failed verification check
'ORA\-0*1171[^\d]', # datafile 16 going offline due to error advancing checkpoint
'ORA\-0*1201[^\d]', # file 16 header failed to write correctly
'ORA\-0*1208[^\d]', # data file is an old version - not accessing current version
'ORA\-0*1578[^\d]', # data block corruption
'ORA\-0*1135[^\d]', # file accessed for query is offline
'ORA\-0*1547[^\d]', # tablespace is full
'ORA\-0*1555[^\d]', # snapshot too old
'ORA\-0*1562[^\d]', # failed to extend rollback segment
'ORA\-0*162[89][^\d]', # ORA-1628 - ORA-1632 maximum extents exceeded
'ORA\-0*163[0-2][^\d]',
'ORA\-0*165[0-6][^\d]', # ORA-1650 - ORA-1656 tablespace is full
'ORA\-16014[^\d]', # log cannot be archived, no available destinations
'ORA\-16038[^\d]', # log cannot be archived
'ORA\-19502[^\d]', # write error on datafile
'ORA\-27063[^\d]', # number of bytes read/written is incorrect
'ORA\-0*4031[^\d]', # out of shared memory.
'No space left on device',
'Archival Error',
],
warningpatterns => [
'ORA\-0*3113[^\d]', # end of file on communication channel
'ORA\-0*6501[^\d]', # PL/SQL internal error
'ORA\-0*1140[^\d]', # follows WARNING: datafile #20 was not in online backup mode
'Archival stopped, error occurred. Will continue retrying',
]
});
I believe there's now a real Nagios plugin that monitors logs effectively.
http://support.nagios.com/forum/viewtopic.php?f=6&t=8851&p=42088&hilit=unixautomation#p42088
The home page of the Nagios plugin on that page is Nagios Log Monitor
Your [ commands.cfg file ] will contain:
define command {
command_name NagiosLogMonitor
command_line $USER1$/NagiosLogMonitor $HOSTNAME$ $ARG1$ $ARG2$ $ARG3$ $ARG4$ '$ARG5$' '$ARG6$' $ARG7$ $ARG8$ $ARG9$ $ARG10$
}
OR
define command {
command_name NagiosLogMonitor
command_line $USER1$/NagiosLogMonitor $HOSTADDRESS$ $ARG1$ $ARG2$ $ARG3$ $ARG4$ '$ARG5$' '$ARG6$' $ARG7$ $ARG8$ $ARG9$ $ARG10$
}
Your [ services.cfg file ] will look similar to:
define service {
check_command NagiosLogMonitor!logrobot!autofig!/var/log/proteus.log!15!500.html!500 Internal Server Error!1!2!-foundn
max_check_attempts 1
service_description 500_ERRORS_LOGCHECK
host_name sky.blat-01.net,sky.blat-02.net,sky.blat-03.net
use fifteen-minute-interval
}
Nagios now has a solution that integrates tightly with Nagios Core, XI, etc.
Nagios Log Server which can alert on any query on any log file on any system in your infrastructure.