Anubis proxy whitelist #246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

elohanlon merged 3 commits into main from anubis-proxy-whitelist

Sep 25, 2025

Gemfile.lock

-Original file line number
+Diff line change
@@ Expand Up / @@ -165,7 +165,7 @@ GEM @@
           activerecord (>= 5.a)
           database_cleaner-core (~> 2.0.0)
         database_cleaner-core (2.0.1)
-        date (3.3.3)
+        date (3.4.1)
         deprecation (1.1.0)
           activesupport
         devise (4.9.2)
@@ Expand Down @@

config/environments/deployed.rb

-Original file line number
+Diff line change
@@ -0,0 +1,92 @@
+    Rails.application.configure do
+      # Settings specified here will take precedence over those in config/application.rb.
+      # Code is not reloaded between requests.
+      config.cache_classes = true
+      # Eager load code on boot. This eager loads most of Rails and
+      # your application in memory, allowing both thread web servers
+      # and those relying on copy on write to perform better.
+      # Rake tasks automatically ignore this option for performance.
+      config.eager_load = true
+      # Full error reports are disabled and caching is turned on.
+      config.consider_all_requests_local       = false
+      config.action_controller.perform_caching = true
+      # Enable Rack::Cache to put a simple HTTP cache in front of your application
+      # Add `rack-cache` to your Gemfile before enabling this.
+      # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
+      # config.action_dispatch.rack_cache = true
+      # Disable Rails's static asset server (Apache or nginx will already do this).
+      config.serve_static_files = false
+      # Compress JavaScripts and CSS.
+      config.assets.js_compressor = :uglifier
+      # config.assets.css_compressor = :sass
+      # Do not fallback to assets pipeline if a precompiled asset is missed.
+      config.assets.compile = false
+      # Generate digests for assets URLs.
+      config.assets.digest = true
+      # Version of your assets, change this if you want to expire all your assets.
+      config.assets.version = '1.0'
+      # Specifies the header that your server uses for sending files.
+      # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
+      # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
+      # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
+      # config.force_ssl = true
+      # Set to :debug to see everything in the log.
+      config.log_level = :error
+      # Prepend all log lines with the following tags.
+      # config.log_tags = [ :subdomain, :uuid ]
+      # Use a different logger for distributed setups.
+      # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
+      # Use a different cache store in production.
+      # config.cache_store = :mem_cache_store
+      # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+      # config.action_controller.asset_host = "http://assets.example.com"
+      # Precompile additional assets.
+      # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
+      # config.assets.precompile += %w( search.js )
+      # Ignore bad email addresses and do not raise email delivery errors.
+      # Set this to true and configure the email server for immediate delivery to raise delivery errors.
+      # config.action_mailer.raise_delivery_errors = false
+      config.action_mailer.delivery_method = :sendmail
+      config.action_mailer.sendmail_settings = {
+        :location       => '/usr/sbin/sendmail',
+        :arguments      => '-i -t'
+      }
+      # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
+      # the I18n.default_locale when a translation can not be found).
+      config.i18n.fallbacks = true
+      # Send deprecation notices to registered listeners.
+      config.active_support.deprecation = :notify
+      # Disable automatic flushing of the log to improve performance.
+      # config.autoflush_log = false
+      # Use default logging formatter so that PID and timestamp are not suppressed.
+      config.log_formatter = ::Logger::Formatter.new
+      config.action_dispatch.trusted_proxies = [
+        # Add 127.0.0.1 as a trusted proxy so that the X-Forwarded-For value set by Anubis (or any other internal proxy)
+        # is whitelisted for use by the request.remote_ip IP-determining mechanism.
+        IPAddr.new('127.0.0.1')
+      ]
+    end

config/environments/dlc_dev.rb

-Original file line number
+Diff line change
@@ -1,88 +1,11 @@
-    Rails.application.configure do
-      # Settings specified here will take precedence over those in config/application.rb.
-      # Code is not reloaded between requests.
-      config.cache_classes = true
-      # Eager load code on boot. This eager loads most of Rails and
-      # your application in memory, allowing both thread web servers
-      # and those relying on copy on write to perform better.
-      # Rake tasks automatically ignore this option for performance.
-      config.eager_load = true
-      # Full error reports are disabled and caching is turned on.
-      config.consider_all_requests_local       = false
-      config.action_controller.perform_caching = true
-      # Enable Rack::Cache to put a simple HTTP cache in front of your application
-      # Add `rack-cache` to your Gemfile before enabling this.
-      # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
-      # config.action_dispatch.rack_cache = true
-      # Disable Rails's static asset server (Apache or nginx will already do this).
-      config.serve_static_files = false
+    require Rails.root.join('config/environments/deployed.rb')
-      # Compress JavaScripts and CSS.
-      config.assets.js_compressor = :uglifier
-      # config.assets.css_compressor = :sass
-      # Do not fallback to assets pipeline if a precompiled asset is missed.
-      config.assets.compile = false
-      # Generate digests for assets URLs.
-      config.assets.digest = true
-      # Version of your assets, change this if you want to expire all your assets.
-      config.assets.version = '1.0'
+    Rails.application.configure do
+      # Setting host so that url helpers can be used in mailer views.
+      config.action_mailer.default_url_options = { host: 'dlc-rails-dev1.cul.columbia.edu' }
+      # Set default host for sitemap generator
       config.default_host = 'https://dlc-dev.library.columbia.edu'
-      # Specifies the header that your server uses for sending files.
-      # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
-      # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
-      # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-      # config.force_ssl = true
-      # Set to :debug to see everything in the log.
       config.log_level = :debug
-      # Prepend all log lines with the following tags.
-      # config.log_tags = [ :subdomain, :uuid ]
-      # Use a different logger for distributed setups.
-      # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
-      # Use a different cache store in production.
-      # config.cache_store = :mem_cache_store
-      # Enable serving of images, stylesheets, and JavaScripts from an asset server.
-      # config.action_controller.asset_host = "http://assets.example.com"
-      # Precompile additional assets.
-      # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-      # config.assets.precompile += %w( search.js )
-      # Ignore bad email addresses and do not raise email delivery errors.
-      # Set this to true and configure the email server for immediate delivery to raise delivery errors.
-      # config.action_mailer.raise_delivery_errors = false
-      config.action_mailer.delivery_method = :sendmail
-      config.action_mailer.sendmail_settings = {
-        :location       => '/usr/sbin/sendmail',
-        :arguments      => '-i -t'
-      }
-      config.action_mailer.default_url_options = { :host => 'dlc-rails-dev1.cul.columbia.edu' }
-      # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-      # the I18n.default_locale when a translation can not be found).
-      config.i18n.fallbacks = true
-      # Send deprecation notices to registered listeners.
-      config.active_support.deprecation = :notify
-      # Disable automatic flushing of the log to improve performance.
-      # config.autoflush_log = false
-      # Use default logging formatter so that PID and timestamp are not suppressed.
-      config.log_formatter = ::Logger::Formatter.new
     end

config/environments/dlc_prod.rb

-Original file line number
+Diff line change
@@ -1,88 +1,9 @@
-    Rails.application.configure do
-      # Settings specified here will take precedence over those in config/application.rb.
-      # Code is not reloaded between requests.
-      config.cache_classes = true
-      # Eager load code on boot. This eager loads most of Rails and
-      # your application in memory, allowing both thread web servers
-      # and those relying on copy on write to perform better.
-      # Rake tasks automatically ignore this option for performance.
-      config.eager_load = true
-      # Full error reports are disabled and caching is turned on.
-      config.consider_all_requests_local       = false
-      config.action_controller.perform_caching = true
-      # Enable Rack::Cache to put a simple HTTP cache in front of your application
-      # Add `rack-cache` to your Gemfile before enabling this.
-      # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
-      # config.action_dispatch.rack_cache = true
-      # Disable Rails's static asset server (Apache or nginx will already do this).
-      config.serve_static_files = false
+    require Rails.root.join('config/environments/deployed.rb')
-      # Compress JavaScripts and CSS.
-      config.assets.js_compressor = :uglifier
-      # config.assets.css_compressor = :sass
-      # Do not fallback to assets pipeline if a precompiled asset is missed.
-      config.assets.compile = false
-      # Generate digests for assets URLs.
-      config.assets.digest = true
-      # Version of your assets, change this if you want to expire all your assets.
-      config.assets.version = '1.0'
+    Rails.application.configure do
+      # Setting host so that url helpers can be used in mailer views.
+      config.action_mailer.default_url_options = { host: 'dlc-rails-prod1.cul.columbia.edu' }
+      # Set default host for sitemap generator
       config.default_host = 'https://dlc.library.columbia.edu'
-      # Specifies the header that your server uses for sending files.
-      # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
-      # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
-      # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-      # config.force_ssl = true
-      # Set to :debug to see everything in the log.
-      config.log_level = :error
-      # Prepend all log lines with the following tags.
-      # config.log_tags = [ :subdomain, :uuid ]
-      # Use a different logger for distributed setups.
-      # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
-      # Use a different cache store in production.
-      # config.cache_store = :mem_cache_store
-      # Enable serving of images, stylesheets, and JavaScripts from an asset server.
-      # config.action_controller.asset_host = "http://assets.example.com"
-      # Precompile additional assets.
-      # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-      # config.assets.precompile += %w( search.js )
-      # Ignore bad email addresses and do not raise email delivery errors.
-      # Set this to true and configure the email server for immediate delivery to raise delivery errors.
-      # config.action_mailer.raise_delivery_errors = false
-      config.action_mailer.delivery_method = :sendmail
-      config.action_mailer.sendmail_settings = {
-        :location       => '/usr/sbin/sendmail',
-        :arguments      => '-i -t'
-      }
-      config.action_mailer.default_url_options = { :host => 'dlc-rails-prod1.cul.columbia.edu' }
-      # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-      # the I18n.default_locale when a translation can not be found).
-      config.i18n.fallbacks = true
-      # Send deprecation notices to registered listeners.
-      config.active_support.deprecation = :notify
-      # Disable automatic flushing of the log to improve performance.
-      # config.autoflush_log = false
-      # Use default logging formatter so that PID and timestamp are not suppressed.
-      config.log_formatter = ::Logger::Formatter.new
     end

config/environments/dlc_staging.rb

-Original file line number
+Diff line change
@@ -1,88 +1,9 @@
-    Rails.application.configure do
-      # Settings specified here will take precedence over those in config/application.rb.
-      # Code is not reloaded between requests.
-      config.cache_classes = true
-      # Eager load code on boot. This eager loads most of Rails and
-      # your application in memory, allowing both thread web servers
-      # and those relying on copy on write to perform better.
-      # Rake tasks automatically ignore this option for performance.
-      config.eager_load = true
-      # Full error reports are disabled and caching is turned on.
-      config.consider_all_requests_local       = false
-      config.action_controller.perform_caching = true
-      # Enable Rack::Cache to put a simple HTTP cache in front of your application
-      # Add `rack-cache` to your Gemfile before enabling this.
-      # For large-scale production use, consider using a caching reverse proxy like nginx, varnish or squid.
-      # config.action_dispatch.rack_cache = true
-      # Disable Rails's static asset server (Apache or nginx will already do this).
-      config.serve_static_files = false
+    require Rails.root.join('config/environments/deployed.rb')
-      # Compress JavaScripts and CSS.
-      config.assets.js_compressor = :uglifier
-      # config.assets.css_compressor = :sass
-      # Do not fallback to assets pipeline if a precompiled asset is missed.
-      config.assets.compile = false
-      # Generate digests for assets URLs.
-      config.assets.digest = true
-      # Version of your assets, change this if you want to expire all your assets.
-      config.assets.version = '1.0'
+    Rails.application.configure do
+      # Setting host so that url helpers can be used in mailer views.
+      config.action_mailer.default_url_options = { host: 'dlc-rails-test1.cul.columbia.edu' }
+      # Set default host for sitemap generator
       config.default_host = 'https://dlc-staging.library.columbia.edu'
-      # Specifies the header that your server uses for sending files.
-      # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
-      # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
-      # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
-      # config.force_ssl = true
-      # Set to :debug to see everything in the log.
-      config.log_level = :error
-      # Prepend all log lines with the following tags.
-      # config.log_tags = [ :subdomain, :uuid ]
-      # Use a different logger for distributed setups.
-      # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
-      # Use a different cache store in production.
-      # config.cache_store = :mem_cache_store
-      # Enable serving of images, stylesheets, and JavaScripts from an asset server.
-      # config.action_controller.asset_host = "http://assets.example.com"
-      # Precompile additional assets.
-      # application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
-      # config.assets.precompile += %w( search.js )
-      # Ignore bad email addresses and do not raise email delivery errors.
-      # Set this to true and configure the email server for immediate delivery to raise delivery errors.
-      # config.action_mailer.raise_delivery_errors = false
-      config.action_mailer.delivery_method = :sendmail
-      config.action_mailer.sendmail_settings = {
-        :location       => '/usr/sbin/sendmail',
-        :arguments      => '-i -t'
-      }
-      config.action_mailer.default_url_options = { :host => 'dlc-rails-test1.cul.columbia.edu' }
-      # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
-      # the I18n.default_locale when a translation can not be found).
-      config.i18n.fallbacks = true
-      # Send deprecation notices to registered listeners.
-      config.active_support.deprecation = :notify
-      # Disable automatic flushing of the log to improve performance.
-      # config.autoflush_log = false
-      # Use default logging formatter so that PID and timestamp are not suppressed.
-      config.log_formatter = ::Logger::Formatter.new
     end

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Anubis proxy whitelist #246

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!