feat(observability): #360 remove umami to reduce complexity #361

Merged
tim merged 1 commits from 360-remove-umami into prod 2024-12-31 11:05:31 +00:00
6 changed files with 12 additions and 18 deletions


@@ -9,7 +9,7 @@ stackFAST includes everything you need to build your App. Focus yourself on deve
The blueprint contains the following features: The blueprint contains the following features:
- Authentication: Users can login, logout, register and reset their password. For increased security TOTP is available aswell. - Authentication: Users can login, logout, register and reset their password. For increased security TOTP is available aswell.
- Observability: The stack contains an Grafana+Prometheus instance for basic monitoring. You are able to add alerts and get notified on your phone. For web analytics umami is included, which is an lighweight self hosted alternative to google analytics. - Observability: The stack contains an Grafana+Prometheus instance for basic monitoring. You are able to add alerts and get notified on your phone.
- Mail: You are able to send mail with SMTP. You still need an external Mail Server, but a guide on how to set that up with a custom domain is included. - Mail: You are able to send mail with SMTP. You still need an external Mail Server, but a guide on how to set that up with a custom domain is included.
- SSL: This is included by using traefik as reverse proxy. It handles SSL certificates automatically. Furthermore all services are accessible through subdomains. Best thing is, you can add your more with 3 lines of code - SSL: This is included by using traefik as reverse proxy. It handles SSL certificates automatically. Furthermore all services are accessible through subdomains. Best thing is, you can add your more with 3 lines of code
- Actual Stack: SSG SvelteKit + Tailwindcss + DaisyUI + GO Backend for easy and fast feature development - Actual Stack: SSG SvelteKit + Tailwindcss + DaisyUI + GO Backend for easy and fast feature development


@@ -15,14 +15,14 @@ func SecurityHeaders(serverSettings *types.Settings) func(http.Handler) http.Han
w.Header().Set("Access-Control-Allow-Methods", "GET, POST, DELETE") w.Header().Set("Access-Control-Allow-Methods", "GET, POST, DELETE")
w.Header().Set("Content-Security-Policy", w.Header().Set("Content-Security-Policy",
"default-src 'none'; "+ "default-src 'none'; "+
"script-src 'self' https://umami.me-fit.eu; "+ "script-src 'self'; "+
"connect-src 'self' https://umami.me-fit.eu; "+ "connect-src 'self'; "+
"img-src 'self'; "+ "img-src 'self'; "+
"style-src 'self'; "+ "style-src 'self'; "+
"form-action 'self'; "+ "form-action 'self'; "+
"frame-ancestors 'none'; ", "frame-ancestors 'none'; ",
) )
w.Header().Set("Cross-Origin-Resource-Policy", "same-site") // same-site, as same origin prohibits umami w.Header().Set("Cross-Origin-Resource-Policy", "same-origin")
w.Header().Set("Cross-Origin-Opener-Policy", "same-origin") w.Header().Set("Cross-Origin-Opener-Policy", "same-origin")
w.Header().Set("Cross-Origin-Embedder-Policy", "require-corp") w.Header().Set("Cross-Origin-Embedder-Policy", "require-corp")
w.Header().Set("Permissions-Policy", "geolocation=(), camera=(), microphone=(), interest-cohort=()") w.Header().Set("Permissions-Policy", "geolocation=(), camera=(), microphone=(), interest-cohort=()")
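Review bot: The Content-Security-Policy assembled in this hunk still carries no `base-uri` directive, and `base-uri` does not fall back to `default-src 'none'`, so the document's base URL is the one thing the policy leaves unrestricted. Since the commit already narrows `script-src` and `connect-src` to `'self'`, I would add `"base-uri 'none'; "+` next to the `form-action 'self'` line, assuming no template relies on a `<base>` element. The expected string in TestIntegrationSecurityHeader would need the same directive. SecurityHeaders starts and ends outside the hunk.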


@@ -12,13 +12,10 @@ import (
) )
type Render struct { type Render struct {
settings *types.Settings
} }
func NewRender(settings *types.Settings) *Render { func NewRender() *Render {
return &Render{ return &Render{}
settings: settings,
}
} }
func (render *Render) RenderWithStatus(r *http.Request, w http.ResponseWriter, comp templ.Component, status int) { func (render *Render) RenderWithStatus(r *http.Request, w http.ResponseWriter, comp templ.Component, status int) {
@@ -41,7 +38,7 @@ func (render *Render) RenderLayout(r *http.Request, w http.ResponseWriter, slot
func (render *Render) RenderLayoutWithStatus(r *http.Request, w http.ResponseWriter, slot templ.Component, user *types.User, status int) { func (render *Render) RenderLayoutWithStatus(r *http.Request, w http.ResponseWriter, slot templ.Component, user *types.User, status int) {
userComp := render.getUserComp(user) userComp := render.getUserComp(user)
layout := template.Layout(slot, userComp, render.settings.Environment) layout := template.Layout(slot, userComp)
render.RenderWithStatus(r, w, layout, status) render.RenderWithStatus(r, w, layout, status)
} }
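Review bot: `Render` is left as an empty struct in the first hunk and `NewRender()` now returns `&Render{}`, yet neither exported name has a doc comment telling the reader that the type is deliberately stateless. I would add `// Render renders templ components for the handlers; it holds no state.` above the type and `// NewRender returns a Render; it takes no dependencies.` above the constructor. The wording about rendering is inferred from the method signatures, since the body of RenderWithStatus lies outside the hunk.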


@@ -113,7 +113,7 @@ func createHandler(d *sql.DB, serverSettings *types.Settings) http.Handler {
authService := service.NewAuthImpl(authDb, randomService, clockService, mailService, serverSettings) authService := service.NewAuthImpl(authDb, randomService, clockService, mailService, serverSettings)
workoutService := service.NewWorkoutImpl(workoutDb, randomService, clockService, mailService, serverSettings) workoutService := service.NewWorkoutImpl(workoutDb, randomService, clockService, mailService, serverSettings)
render := handler.NewRender(serverSettings) render := handler.NewRender()
indexHandler := handler.NewIndex(authService, render) indexHandler := handler.NewIndex(authService, render)
authHandler := handler.NewAuth(authService, render) authHandler := handler.NewAuth(authService, render)
workoutHandler := handler.NewWorkout(workoutService, authService, render) workoutHandler := handler.NewWorkout(workoutService, authService, render)


@@ -82,15 +82,15 @@ func TestIntegrationSecurityHeader(t *testing.T) {
value = resp.Header.Get("Content-Security-Policy") value = resp.Header.Get("Content-Security-Policy")
assert.Equal(t, "default-src 'none'; "+ assert.Equal(t, "default-src 'none'; "+
"script-src 'self' https://umami.me-fit.eu; "+ "script-src 'self'; "+
"connect-src 'self' https://umami.me-fit.eu; "+ "connect-src 'self'; "+
"img-src 'self'; "+ "img-src 'self'; "+
"style-src 'self'; "+ "style-src 'self'; "+
"form-action 'self'; "+ "form-action 'self'; "+
"frame-ancestors 'none';", value) "frame-ancestors 'none';", value)
value = resp.Header.Get("Cross-Origin-Resource-Policy") value = resp.Header.Get("Cross-Origin-Resource-Policy")
assert.Equal(t, "same-site", value) assert.Equal(t, "same-origin", value)
value = resp.Header.Get("Cross-Origin-Opener-Policy") value = resp.Header.Get("Cross-Origin-Opener-Policy")
assert.Equal(t, "same-origin", value) assert.Equal(t, "same-origin", value)


@@ -1,6 +1,6 @@
package template package template
templ Layout(slot templ.Component, user templ.Component, environment string) { templ Layout(slot templ.Component, user templ.Component) {
<!DOCTYPE html> <!DOCTYPE html>
<html lang="en"> <html lang="en">
@@ -10,9 +10,6 @@ templ Layout(slot templ.Component, user templ.Component, environment string) {
<link rel="icon" href="/static/favicon.svg" /> <link rel="icon" href="/static/favicon.svg" />
<link rel="stylesheet" href="/static/css/tailwind.css" /> <link rel="stylesheet" href="/static/css/tailwind.css" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
if environment == "prod" {
<script defer src="https://umami.me-fit.eu/script.js" data-website-id="3c8efb09-44e4-4372-8a1e-c3bc675cd89a"></script>
}
<meta name="htmx-config" content='{ <meta name="htmx-config" content='{
"includeIndicatorStyles": false, "includeIndicatorStyles": false,
"selfRequestsOnly": true, "selfRequestsOnly": true,