* Normalize Flask initialization API use.
* Use Flask-Talisman.
* Enable HSTS when HTTPS is enforced.
* More details about how CSP is formatted and write CSP directives as a string.
* Use CSP frame-ancestors directive and not X-Frame-Options for embedable endpoints.
* Add link to flask-talisman docs.
* set remember_token cookie to be HTTP-Only and Secure
* Reorganize secret key configuration to be forward thinking and backward compatible.
* monitor "schemas" queue to run refresh_schema
`refresh_schema` tasks won't run because "schemas" queue isn't consumed
with default settings.
and it cause leaking redis storage, a "schemas" list is growing with time.
this PR fix it, adds "schemas" queue to monitor by celery.
* use scheduled_worker for "schemas" queue
instead of "adhoc_worker"
Testing script on clean install of Ubuntu Desktop 16.04.1.
pip fails if not upgraded beforehand, whether "sudo" or "sudo -s" or "sudo -sH" is run.
After this modification it works perfectly from a clean install. Below are my steps if anyone should want to replicate or validate:
1. Clean install of Ubuntu 16.04.1 Desktop (on VM)
2. sudo apt-get -y install git
3. mkdir ~/git
4. cd ~/git
5. git clone https://github.com/getredash/redash
6. cd ~/git/redash/setup/ubuntu
7. chmod +x bootstrap.sh
8. nano bootstrap.sh
9. added "pip install --upgrade pip" to the script above the "pip install -U..." line.
10. Saved script.
11. sudo -H ./bootstrap.sh
Note that the "-H" is necessary in order to run the script successfully, otherwise you will run into pip ownership issues.
- Update version to 0.11.1.
- Move all apt commands to the beginning of the script and add the missing ones (lib-sasl).
- Fix the Redash Metadata data source creation command.
