Well, when I first deployed the board I thought it would be better to deploy it with docker rather than directly install things on the server. Now that I'm updating the version of ruby, rails, and all the dependencies I have decided better late that never. So I'm working on creating a docker image for the board even though I've already installed the newer ruby on the server (still running the older one though).
This should make updating the board much smoother in the future when there are updates to ruby and rails.
every so often, i just like to drop into this thread to thank everyone here for keeping us running. You guys rock. I'm not on the board as much anymore, but I am so glad that it is here when I want to come home.
The job change is slowing me down, but I do have a docker container for the board now and I'm deciding how best to set the needed environment variables. I'm thinking of checking in a docker compose yml template and then setting the secret values manually and setting the compose yml to be readable only by the buffista user. That does kinda bring up the issue of where to keep these values. People with access to the server can read them, of course, and that requires logging on with certificate authentication. The only other place I know they exist is in my bitwarden vault.
None of that means anything at all to me, Gud, but ....yay, like Vortex said!
I'm not sure how I feel about adding considerable additional complexity in order to fix theoretical future problems.
That's a valid point. This is a tiny project, and doing the containerizing and secrets management you do for a larger project could be complex overkill. Also, without a docker repository, deployment isn't push button.
Gud, I don’t have sudo access on the server, so I can’t do this myself. The file /etc/logrotate.d/borg needs the lines added to it:
postrotate
systemctl restart puma.service
endscript
This will prevent the disk from filling up, like it did last week.
Shoot. I need to get you the sudo password so you can do stuff like that.
I'll make those changes tonight and I can send you a link to a secure place to get the password while I'm at it. Have a bunch of errands to run at the moment.