Heroku template tweaks #4116
Merged
Heroku template tweaks #4116
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Added MMCONNECT stuff per #4190. |
Didn't get any feedback either way on this change after multiple enquiries, so going ahead with simplification here. If anyone sorely misses any of these items from the default form, can always put them back in. Also added SHOW_PLUGINS, as it's a useful starter setting.
PieterGit
requested changes
Jan 11, 2019
|
@unsoluble I would include all the environment variables that the code uses. So follow Python Zen: "Explicit is better than implicit.". I'm fine with merging this for 0.11 @jpcunningh or @sulkaharo can you als 👍 or 👎 this for 0.11? |
There are many vars that are in the code that weren't ever in the setup template. I think as an initial onboarding tool it should remain fairly lean. If folks think we should be presenting every var up front, that should probably come with a re-work of the template into an Essential/Advanced sort of layout if possible (but definitely not happening for this release). |
PieterGit
requested changes
Jan 26, 2019
PieterGit
approved these changes
Feb 2, 2019
Merged
sulkaharo
added a commit
that referenced
this pull request
Feb 7, 2019
Draft release notes for upcoming 0.11 release (currently release candidate phase). # Changes Over 360 commits, 89 files changed, +8,428 / −6,569 lines of changes (full list of changes here: https://github.com/nightscout/cgm-remote-monitor/pull/4022/commits ) ## New features - Fully secure by default out of the box. Unsecure access via http is not allowed anymore by default. This might force you to re-authenticate with your `API_SECRET` or token if you were using unsecure access. (@PieterGit ) - No outdated packages with vulnerabilities are being used anymore (@PieterGit ) - Add Week to Week report (@jpcunningh, #4123 ) - Add Loopalyzer report to analyse looping. Visualize your loop (@lixgbg, #3629 #4235 ) - Add predictions support to Day to Day report (@lixgbg, #3179 ) - Add cgm sensor stop to Careportal (@jpcunningh, #4060) ## Removed features - remove `mqtt` module, because it had a security issue and was not used - remove `sgvdata` module, because it had a security issue, added a lot of complexity and wasn't needed (@PieterGit ). Replacement implementation for CSV and TSV export (@sulkaharo ). ## Improvements - Fix MongoDB database insert handling. Log error on inserts and don't crash in case the MongoDB disk is full or MongoDB quota is reached (@sulkaharo and @jpcunningh) - Upgrade packages to recent version, fixing all known security issues with dependencies (@PieterGit) - Redirect redirect HTTP to HTTPS and implement HSTS (@jweismann, @PieterGit, #4044 and #4010 and #4253 ) - Technical improvement: Migrate from `uglify-js` to `terser-webpack-plugin` (@PieterGit) - Streamlined Heroku deployment template with more descriptive text and more appropriate defaults for new users (@unsoluble, #4116 ) ## Bug fixes - Fix CGM voltageb battery warning level to match xDrip+ (@jpcunningh, #3954 ) - Fix daylight saving and reloading bug in profile editor, (@DigitalDan1, @Kywalh #4029 and #4074 ) - Reduce the amount of Profile Switch treatments being loaded to fix UI slowdown and Nightscout home screen losing AAPS data from >3 hours ago, (@sulkaharo, @vickster1, #4055 ) - Upgrade to [share2nightscout 0.2.0](https://github.com/nightscout/share2nightscout-bridge/releases/tag/0.2.0). Prevent Nightscout server crashes in case Dexcom server does not respond (@PieterGit, @veryfancy) - Fix UI so pills are updated immediately after new data is loaded (@sulkaharo) - Fixes to If-Modified-Since HTTP header handling for BG data (@sulkaharo) ## Documentation and language updates - Language updates for Danish, Dutch, German, Hebrew, Norwegian, Russian - New languages: Japanese, Turkish - Update Alexa documentation. Note that some Alexa improvements are postponed to Nightscout 0.12 because the Alexa plugin needs refactoring, see #4168 (comment) - Update IFTTT maker-setup.md docs (@Dave9111, @unsoluble, #4206 ) - Updated various docs, including [CONTRIBUTING](https://github.com/nightscout/cgm-remote-monitor/blob/dev/CONTRIBUTING.md) documentation # Upgrade notes - We only allow Nightscout to start with a secure Node JS. - Latest Node 8 LTS (8.15.0 or later) and Latest Node 10 LTS (10.15.1 or later) are recommended and supported. - Latest Node version on Azure (currently 10.14.0) is tolerated, but not recommended - Other versions will not start - The [rawbg](https://github.com/nightscout/cgm-remote-monitor#rawbg-raw-bg) settings are converted to a single setting tri-state variable. - We improved security and added several new environment variables such as [INSECURE_USE_HTTP and SECURE_HSTS_HEADER](https://github.com/nightscout/cgm-remote-monitor/#predefined-values-for-your-server-settings-optional) - Your site redirects to https by default. If you don't want that or use a Nginx or Apache proxy, set `INSECURE_USE_HTTP` to `true`. - We enabled [HTTP Strict Transport Security (HSTS)](https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security) headers by default, settings `SECURE_HSTS_HEADER` and `SECURE_HSTS_HEADER_*` ## Upgrade notes for Azure users We recommend Azure users consider migrating their hosting to Heroku, as we've observed Heroku users have significantly less issues with having their sites work reliably. If you want to continue using Azure, change the following configuration variables in Azure before updating to the latest Nightscout version: ``` WEBSITE_NODE_DEFAULT_VERSION=10.14.1 SCM_COMMAND_IDLE_TIMEOUT=300 ``` # Install instructions Install instructions can be found: https://github.com/nightscout/cgm-remote-monitor/blob/master/README.md#install # Contributors to this release The release coordination for this release was done by @PieterGit We would like to thank the following people for their contribution (in alphabetical order): @anderser, @apanasef, @balshor, @bewest, @blocklist_twitter, @CaroGo, @cascer1, @cluckj, @danamlewis, @Dave9111, @diabetlum, @herzogmedia, @janrpn, @jasoncalabrese, @jpcunningh, @jweismann, @kenstack, @Kywalh, @lixgbg, @LuminaryXion, @MilosKozak, @mitrei, @PaperT1D, @PieterGit, @unsoluble, @rarneson, @renegadeandy, @scottleibrand, @sulkaharo, @T-o-b-i-a-s, @tynbendad, @unsoluble, @veryfancy, @viq, @wootmasterslick (if I forgot somebody, please respond) # TODO TODO: Translations, Languages with less than 80% will be removed in a future Nightscout version. Currently the following languages are at risk: 中文(繁體) (zh_tw), Hrvatski (hr), Ελληνικά (el), 한국어 (ko) See https://gitter.im/nightscout/public?at=5bef2f34de42d46bba766f66 TODO: Fix Codacy errors, https://app.codacy.com/app/Nightscout/cgm-remote-monitor/issues?bid=2452379&filters=W3siaWQiOiJDYXRlZ29yeSIsInZhbHVlcyI6WyJFcnJvciBQcm9uZSJdfV0= TODO: test dev after all new features are merged for at least two weeks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
While deploying a bunch of test apps to work on the Heroku guide rewrite, noticed that the template text could use some tidying up and clarification.
Reworded most of the descriptions for clarity and simplicity, re-ordered the vars in the code to match the alpha sort on the presented page, set defaults where values have defaults, and added a BRIDGE_SERVER line.
I didn't remove anything, but I'm wondering if maybe we should — many of those vars are unnecessary for the vast majority of new users, and anyone who needs them will be tinkering with the vars later anyway, and can add them then. Thoughts? (I'm thinking in particular of DISABLE, INSECURE_USE_HTTP, the MAKER and PUSHOVER vars, SECURE_CSP, and the HSTS stuff.)