Chris Oliver

Great questions!

1. SSL is coming really soon. I decided to launch without it just to get it out the door. If you're not embarassed by your first version of your product right? :) Both custom certs and Lets Encrypt will be coming in the next couple weeks.
2. Pretty much full permissions on your server. Each server gets a unique SSH key that is added to the server and since I have to install packages and everything it needs root access to do all that.
3. SSH keys, environment variables, etc are all encrypted in Hatch using attr_encrypted. They're stored on your server using rbenv-vars so that Ruby can pick it up when your Rails app loads.
4. I don't know that I'll be building easy migration to other places, but for the most part this is the same going in or out of Hatch. You pretty much just need to move your database in or out of your server to the other provider. If you were coming from Heroku, you'd move their PG database to the one on your server and vice versa if you want to go to Heroku.

PG::UndefinedTable: ERROR: relation "users" does not exist

Looks like maybe you're missing a migration to create the users table somewhere?

Awesome! :)

I believe for that, you can either override the deploy:assets:precompile task with an empty task, or you can also possibly remove the web role from the server line in config/deploy/production.rb. That may also disable some other things that run on the web role, but I don't remember what those might be so it might be the best solution for an api-only app.

Yep your code looks right. I think that git ls-remote is fine because Capistrano actually clones your full repo to the server (all the branches) and then when it does a "git archive branch | tar" command later to make the new release folder, it will grab the branch there. I don't think this step is gonna be the problem, so it might actually be using the right branch.

Hey @disqus_FdxDeiCXJb:disqus! I'm not sure how you've got it setup, but if you set the branch in your Capistrano config, that should do the trick. You can either do it in config/deploy.rb globally (it defaults to master) or inside each of the stages like config/deploy/production.rb. It's usually just set :branch, "mybranch"

All the other config options are listed here: http://capistranorb.com/doc...

This isn't too bad. You would probably be well served to move your code for creating the individual events to the model itself so that this logic doesn't clutter the controller.

It looks like you're on the right track. I think you can clean a lot of this up like so: https://gist.github.com/exc...

This is untested, but I think the only issue with this would be that you would need to probably skip that first event in the recurring loop as it probably would duplicate the initial event.

A lot of deciding to do it yourself or to use a frontend framework is going to come down to the problems you're trying to solve. You get both the client side changes and the server side rendering that's good for SEO in one fell swoop here. A frontend framework adds a lot of complexity, but depending on what you're trying to do, it can be there either approach.

So what are some things that are your most complex bits to implement client side?

Yessir, I think that would do it. 🤘

You can create separate css files by adding this to your config/application.rb:

config.assets.precompile += ['admin.js', 'admin.css']

And then you can require them in your admin template so those files are compiled separately. It's just like making a second application.css and application.js for your admin area. These won't be compiled into your application.css or application.js by doing so (as long as you don't require them in the file).

I know Slack uses flexbox to do their layout. Something like this codepen: http://codepen.io/tutsplus/pen/XJexGg

Scrolling should be automatic if you have enough messages in the view. You can also force the scroll bar by adding overflow-y: scroll.

You'd have to look at Shrine's code for that, but if it doesn't support it yet, I'm sure it'd be very easy to add since it appears to simply be an additional header to add to requests. That would be a great open source contribution if it doesn't support it already!

PutObjectAcl lets you change the ACL of an object in S3. This may not be required, but it's useful if you want to change permissions on files ever like making them public or private. http://docs.aws.amazon.com/...

That's fantastic to hear! You might like the latest episode on fixing the Paranoia gem as I dove into the gem itself and ActiveRecord's counter caching to figure out how to fix counter caches when you're doing soft deletes. Neither of those I have seen the internals of before and it was fun to go in and figure out how they worked to go fix them. :)

Let's encrypt should write logs somewhere, or you could tack on a little bash snippet have it output top your own log file too and write the last timestamp it ran.

1. I'm not quite sure what you're asking on this one. Rephrase and try me again? :P
2. You'd have to index them combined, so you'd make a "name" attribute that was those concatenated and then search on that instead of the separate fields.

You can render any partial you want, Rails just provides a lot of helpful shortcuts when you pass in ActiveRecord objects. Here we're rendering one called app/views/posts/_likes.html.erb. Since this is being rendered inside a Post view, it looks in the posts folder for the partial file although you could specify any folder you wanted.

You have to create that partial, it's not one that will be autogenerated for you, and we do this for organization of your code. You can reuse that partial in other places if you want and it will output the same HTML.

All the final code you can find here: https://github.com/gorails-screencasts/gorails-24-liking-posts

Since this is an administrative thing, you could explicitly pass in the user id like this: masquerade_path(@user.id) which should always put the numerical ID in, or you could take a look at overriding the masquerade query to use the friendly.find that is required for friendly_id lookups. I'd probably just pass in the ID explicitly since it's only accessible to admins.

And you can make sure this is accessible only for admins by doing this if you're using CanCan or putting your own before_action in the overridden controller to authorize for only admins: https://github.com/oivoodoo...

I don't think I mentioned authorizing that url in the episode like I should have. That's an important piece!

That's a great question. I don't see any need for authentication.

I mean, worst case if someone started abusing your API, you could do some simple checking to make sure the requests came from your mobile app by verifying a user agent header specific to your app. If your API runs on SSL, then those headers should be encrypted so that no one could sniff that user agent to apply to their own requests. Same sort of thing could be done by doing a basic auth requirement for your app and hardcoding the password inside the app. Those are both probably findable if someone disassembling the app, but you'd really just want to prevent any basic abuse if that ever became a problem. Rack-attack's a useful gem to prevent too many requests from hosts as well that could be useful to keep in mind.

Most of this is all unlikely to be needed and you could roll out changes for this stuff later on too if it became a problem. Probably not something you really need to worry about too much, just like you don't worry that much about it when you're building a public website until abuse becomes a problem.

And since there's no real need to have accounts, storing preferences on the device makes perfect sense. There is a unique device ID for each phone, so you could send that over to be the identifier for storing preferences server-side if you really did need to restore preferences after a reinstall.

Well, your search in the navbar implies that it's a global search, not just for the category you're viewing. You can do searches across the different models and combine the results (maybe show the current category results first). You can see an example of this on Facebook with the global search bar, yet different categories of results (pages, people, businesses, etc).

That would definitely make for a good episode and I've wanted to do this for GoRails sometime soon anyways to search both episodes and the forum.