doubleunion / arooo

Membership management for hacker/makerspaces
GNU General Public License v3.0
66 stars 55 forks source link
hackerspace rails

Arooo - A Room Of One's Own

Ruby CI Ruby lint security Open Source Helpers

Welcome :rocket::rocket::rocket:✨✨

This is a membership application app written by members of Double Union, a feminist hacker/makerspace for nonbinary people and women in San Francisco.

This app is named after a famous Virginia Woolf essay, A Room of One's Own. You can learn more about it on Wikipedia!

Also, here is a puppy that is saying "arooo":

A puppy howling

What does arooo do?

The application supports three levels of membership: members, key members, and voting members, where any member can see and comment on an application, but only voting members can vote. Membership coordinators can set whether the app is accepting applications, accept or reject individual applications, manage membership levels, and review dues status.

You can see screenshots of the system here: see our Arooo announcement post.

How to run it and contribute

We welcome contributions from anyone! Please see our Contributing Guide for an overview of how to help, including how to set up your development environment and run the application.

Production maintainer / SRE guide

Rails console - heroku

You only need this if you are deploying code, checking changes, or maintaining a production instance of arooo

Set up heroku commandline client: https://devcenter.heroku.com/articles/heroku-cli

Staging: $ heroku run rails console --remote staging

Production: $ heroku run rails console --remote production

Bugsnag

www.bugsnag.com is a heroku plugin that records errors in the production app. This is helpful for debugging. For bugsnag access, ask someone with access to the board@ section of 1Password to log into bugsnag and send you an email invite to create an account. Thank you to Bugsnag for their OSS program :)

Deploying and Heroku access

This section only pertains if you have heroku & deployment access. Only maintainers have heroku access and can deploy.

If you are a DU member, see https://docs.google.com/document/d/19LbIYB2RDy-17UXuQx6wLgKp2EdLdqj-pg1cm3EpSb8/edit for more information on getting permission.

Both staging and production Heroku environments are connected to this GitHub repo, making it possible to deploy directly through the Heroku UI. To deploy:

Database migrations will run automatically during the release process on Heroku. This is controlled by the release directive in our Procfile.

If you prefer to do deploys from the command line, here are the steps:

  1. Add Heroku remotes to your .git/config (type git remote --help for more instructions on how to configure git remote.)

    [remote "production"]
     url = git@heroku.com:du-arooo.git
     fetch = +refs/heads/*:refs/remotes/heroku/*
    [remote "staging"]
     url = git@heroku.com:doubleunion-staging.git
     fetch = +refs/heads/*:refs/remotes/heroku/*
  2. Pull down the latest code from main

    git checkout main
    git pull --rebase origin main
  3. If CI tests are passing, push to the staging environment

    git checkout main
    git pull --rebase origin main
    git push staging main
  4. If needed, perform rake tasks or set ENV variable settings on staging

  5. Test staging!

    username: doubleunion
    password: meritocracyisajoke
  6. After confirming that the code works on staging, push it to production!

    git checkout main
    git pull --rebase origin main
    git push production main
  7. If needed, perform rake tasks or set ENV variable settings on production

Environment variable configuration

As of February 2023, the environment variables set in Arooo's production environment are:

# Amazon credentials. Used for email sending, and possibly other stuff.
AWS_ACCESS_KEY_ID
AWS_REGION
AWS_SECRET_ACCESS_KEY

# Error reporting
BUGSNAG_KEY

# Postgres database
DATABASE_URL

# For GitHub OAuth
GITHUB_CLIENT_KEY
GITHUB_CLIENT_SECRET

# For Google OAuth
GOOGLE_CLIENT_ID
GOOGLE_CLIENT_SECRET

# Same as DATABASE_URL
HEROKU_POSTGRESQL_RED_URL

# To receive dues payments via Stripe
STRIPE_PUBLISHABLE_KEY
STRIPE_SECRET_KEY
STRIPE_SIGNING_SECRET

# General Rails and Heroku configuration
CANONICAL_HOST: app.doubleunion.org
HOST_URL: app.doubleunion.org
LANG: en_US.UTF-8
RACK_ENV: production
RAILS_ENV: production
SECRET_TOKEN

You can get the current values from Heroku, either via the web UI, under Settings > Reveal Config Vars, or using the Heroku CLI: heroku config --app du-aroo.

In your local development environment, you can set these variables in config/application.yaml.

TODO: It would be great to document these variables further, and figure out which ones are still needed.

Email

This app sends emails via the Amazon SES service. Look for the config.action_mailer.delivery_method in production.rb for the precise configuration details.

If you need more information about our AWS setup, board members have AWS Console access.

Staging

Currently neither github nor google auth works on staging- we should get this working again so we can actually test.

The basic-auth login is found in https://dashboard.heroku.com/apps/doubleunion-staging/settings under BASIC_AUTH_NAME/BASIC_AUTH_PASSWORD

Security

To report a security vulnerability with Arooo, see SECURITY.md. Thank you!

License

Copyright (C) 2014 Double Union

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

See the LICENSE.txt file for the full license.