Merge pull request #2 from warpc/906-remove-private-data

[refs #906]: remove private data

.gitignore

@@ -17,3 +17,6 @@ public/downloads/*
 .sass-cache/
 dump.rdb
 crash.log
+config/newrelic.yml
+config/deploy/*.rb
+config/deploy.rb

app/models/key_pair.rb

@@ -5,7 +5,7 @@ class KeyPair < ActiveRecord::Base
 
   attr_accessor :fingerprint
   attr_accessible :public, :secret, :repository_id
-  attr_encrypted :secret, :key => APP_CONFIG['secret_key']
+  attr_encrypted :secret, :key => APP_CONFIG['keys']['key_pair_secret_key']
 
   validates :repository_id, :user_id, :presence => true
   validates :secret, :public, :presence => true, :length => { :maximum => 10000 }, :on => :create

config/application.yml.sample

@@ -0,0 +1,57 @@
+common: &common
+  project_name: ABF
+  repo_project_name: ABF
+  anonymous_access: true
+  file_store_url: 'http://file-store.rosalinux.ru'
+  distr_types: ['mdv', 'rhel', 'nau5']
+  abf_worker:
+    publish_workers_count: 2
+  keys:
+    key_pair_secret_key: 'key_pair_secret_key'
+    airbrake_api_key: 'airbrake_api_key'
+    devise_pepper: 'devise_pepper'
+    secret_token: 'secret_token'
+
+  wiki_formats:
+    markdown:  "Markdown"
+    textile:   "Textile"
+    # rdoc:      "RDoc"
+    org:       "Org-mode"
+    # creole:    "Creole"
+    # mediawiki: "MediaWiki"
+  feedback:
+    email:
+      - 'test@example.com'
+      - 'test1@example.com'
+    # or
+    # email: 'test@example.com'
+
+    # optional parameters
+    cc:
+      - 'test2@example.com' # or like email
+    bcc:
+      - 'test3@example.com' # or like email
+    subject_prefixes: # or one line
+      - 'from_feedback'
+    subject_postfixes: # or one line
+      - 'sample_postfix'
+  shell_user: 'git'
+
+development:
+  <<: *common
+  root_path: /var/rosa
+  git_path: /var/rosa
+  do-not-reply-email: do-not-reply@localhost
+
+production:
+  <<: *common
+  root_path: /share
+  git_path: /mnt/gitstore
+  do-not-reply-email: do-not-reply@abf.rosalinux.ru
+  mailer_https_url: false
+
+test:
+  <<: *common
+  root_path: "use Rails.root/tmp/test_root in spec"
+  git_path: "use Rails.root/tmp/test_root in spec"
+  do-not-reply-email: do-not-reply@localhost

config/deploy.rb

@@ -1,126 +0,0 @@
-# -*- encoding : utf-8 -*-
-require 'cape'
-require 'capistrano_colors'
-
-set :default_environment, {
-  'LANG' => 'en_US.UTF-8'
-}
-
-#set :rake, "#{rake} --trace"
-
-require 'rvm/capistrano'
-require 'bundler/capistrano'
-require 'airbrake/capistrano'
-
-set :whenever_command, "bundle exec whenever"
-# require "whenever/capistrano"
-
-require 'capistrano/ext/multistage'
-set :default_stage, "staging"
-# set :stages, %w(production staging pingwinsoft) # auto readed
-
-# main details
-ssh_options[:forward_agent] = true
-default_run_options[:pty] = true
-
-set :application, "rosa_build"
-set(:deploy_to) { "/srv/#{application}" }
-set :user, "rosa"
-set :use_sudo, false
-set :keep_releases, 3
-
-set :scm, :git
-set :repository,  "git@github.com:warpc/rosa-build.git"
-set :deploy_via,  :remote_cache
-
-require './lib/recipes/nginx'
-require './lib/recipes/unicorn'
-#require './lib/recipes/bluepill'
-set :workers_count, 4
-require './lib/recipes/resque'
-
-namespace :deploy do
-  task :symlink_all, :roles => :app do
-    run "mkdir -p #{fetch :shared_path}/config"
-
-    # Setup DB
-    run "cp -n #{fetch :release_path}/config/database.yml.sample #{fetch :shared_path}/config/database.yml"
-    run "ln -nfs #{fetch :shared_path}/config/database.yml #{fetch :release_path}/config/database.yml"
-
-    # Setup application
-    run "cp -n #{fetch :release_path}/config/application.yml.sample #{fetch :shared_path}/config/application.yml"
-    run "ln -nfs #{fetch :shared_path}/config/application.yml #{fetch :release_path}/config/application.yml"
-
-    # It will survive downloads folder between deployments
-    run "mkdir -p #{fetch :shared_path}/downloads"
-    run "ln -nfs #{fetch :shared_path}/downloads/ #{fetch :release_path}/public/downloads"
-  end
-
-  task :symlink_pids, :roles => :app do
-    run "cd #{fetch :shared_path}/tmp && ln -nfs ../pids pids"
-  end
-
-  # Speed up precompile (http://www.bencurtis.com/2011/12/skipping-asset-compilation-with-capistrano )
-  # namespace :assets do
-  #   task :precompile, :roles => :web, :except => { :no_release => true } do
-  #     from = source.next_revision(current_revision)
-  #     if capture("cd #{latest_release} && #{source.local.log(from)} app/assets/ lib/assets/ vendor/assets/  | wc -l").to_i > 0
-  #       run "cd #{latest_release} && #{rake} RAILS_ENV=#{rails_env} #{asset_env} assets:precompile"
-  #     else
-  #       logger.info "Skipping asset pre-compilation because there were no asset changes"
-  #     end
-  #   end
-  # end
-end
-
-after "deploy:finalize_update", "deploy:symlink_all"
-after "deploy:update_code", "deploy:migrate"
-after "deploy:setup", "deploy:symlink_pids"
-
-# Bluepill
-#after "deploy:restart", "bluepill:restart" # "bluepill:processes:restart_dj" # "bluepill:restart"
-#after "deploy:start", "bluepill:start"
-#after "deploy:stop", "bluepill:stop"
-
-# Resque
-after "deploy:stop",    "resque:stop"
-after "deploy:start",   "resque:start"
-after "deploy:restart", "resque:restart"
-
-after "deploy:restart", "deploy:cleanup"
-
-namespace :rake_tasks do
-  Cape do
-    mirror_rake_tasks 'db:seeds'
-  end
-end
-
-namespace :update do
-  desc "Copy remote production shared files to localhost"
-  task :shared do
-    run_locally "rsync --recursive --times --rsh=ssh --compress --human-readable --progress #{user}@#{domain}:#{shared_path}/shared_contents/uploads public/uploads"
-  end
-
-  desc "Dump remote production postgresql database, rsync to localhost"
-  task :postgresql do
-    get("#{current_path}/config/database.yml", "tmp/database.yml")
-
-    remote_settings = YAML::load_file("tmp/database.yml")[rails_env]
-    local_settings = YAML::load_file("config/database.yml")["development"]
-
-
-    run "export PGPASSWORD=#{remote_settings["password"]} && pg_dump --host=#{remote_settings["host"]} --port=#{remote_settings["port"]} --username #{remote_settings["username"]} --file #{current_path}/tmp/#{remote_settings["database"]}_dump -Fc #{remote_settings["database"]}"
-
-    run_locally "rsync --recursive --times --rsh=ssh --compress --human-readable --progress #{user}@#{domain}:#{current_path}/tmp/#{remote_settings["database"]}_dump tmp/"
-
-    run_locally "dropdb -U #{local_settings["username"]} --host=#{local_settings["host"]} --port=#{local_settings["port"]} #{local_settings["database"]}"
-    run_locally "createdb -U #{local_settings["username"]} --host=#{local_settings["host"]} --port=#{local_settings["port"]} -T template0 #{local_settings["database"]}"
-    run_locally "pg_restore -U #{local_settings["username"]} --host=#{local_settings["host"]} --port=#{local_settings["port"]} -d #{local_settings["database"]} tmp/#{remote_settings["database"]}_dump"
-  end
-
-  desc "Dump all remote data to localhost"
-  task :all do
-    # update.shared
-    update.postgresql
-  end
-end

config/deploy/production.rb.sample

@@ -0,0 +1,10 @@
+# -*- encoding : utf-8 -*-
+require "whenever/capistrano"
+
+set :branch, "master"
+
+set :domain, "0.0.0.0"
+
+role :app, domain
+role :web, domain
+role :db,  domain, :primary => true

config/initializers/a_app_config.rb

@@ -0,0 +1,2 @@
+# -*- encoding : utf-8 -*-
+APP_CONFIG = YAML.load_file("#{Rails.root}/config/application.yml")[Rails.env]

config/initializers/airbrake.rb

@@ -0,0 +1,4 @@
+# -*- encoding : utf-8 -*-
+Airbrake.configure do |config|
+  config.api_key = APP_CONFIG['keys']['airbrake_api_key']
+end rescue nil

config/initializers/devise.rb

@@ -0,0 +1,203 @@
+# -*- encoding : utf-8 -*-
+# Use this hook to configure devise mailer, warden hooks and so forth. The first
+# four configuration values can also be set straight in your models.
+Devise.setup do |config|
+  # ==> Mailer Configuration
+  # Configure the e-mail address which will be shown in Devise::Mailer,
+  # note that it will be overwritten if you use your own mailer class with default "from" parameter.
+  config.mailer_sender = "Rosa Build <no-reply@npp-build.rosalab.ru>"
+
+  # Configure the class responsible to send e-mails.
+  # config.mailer = "Devise::Mailer"
+
+  # ==> ORM configuration
+  # Load and configure the ORM. Supports :active_record (default) and
+  # :mongoid (bson_ext recommended) by default. Other ORMs may be
+  # available as additional gems.
+  require 'devise/orm/active_record'
+
+  # ==> Configuration for any authentication mechanism
+  # Configure which keys are used when authenticating a user. The default is
+  # just :email. You can configure it to use [:username, :subdomain], so for
+  # authenticating a user, both parameters are required. Remember that those
+  # parameters are used only when authenticating and not when retrieving from
+  # session. If you need permissions, you should implement that in a before filter.
+  # You can also supply a hash where the value is a boolean determining whether
+  # or not authentication should be aborted when the value is not present.
+  config.authentication_keys = [ :login ]
+
+  # Configure parameters from the request object used for authentication. Each entry
+  # given should be a request method and it will automatically be passed to the
+  # find_for_authentication method and considered in your model lookup. For instance,
+  # if you set :request_keys to [:subdomain], :subdomain will be used on authentication.
+  # The same considerations mentioned for authentication_keys also apply to request_keys.
+  # config.request_keys = []
+
+  # Configure which authentication keys should be case-insensitive.
+  # These keys will be downcased upon creating or modifying a user and when used
+  # to authenticate or find a user. Default is :email.
+  config.case_insensitive_keys = [ :email, :uname ]
+
+  # Configure which authentication keys should have whitespace stripped.
+  # These keys will have whitespace before and after removed upon creating or
+  # modifying a user and when used to authenticate or find a user. Default is :email.
+  config.strip_whitespace_keys = [ :email, :uname ]
+
+  # Tell if authentication through request.params is enabled. True by default.
+  # config.params_authenticatable = true
+
+  # Tell if authentication through HTTP Basic Auth is enabled. False by default.
+  config.http_authenticatable = true
+
+  # If http headers should be returned for AJAX requests. True by default.
+  # config.http_authenticatable_on_xhr = true
+
+  # The realm used in Http Basic Authentication. "Application" by default.
+  # config.http_authentication_realm = "Application"
+
+  # It will change confirmation, password recovery and other workflows
+  # to behave the same regardless if the e-mail provided was right or wrong.
+  # Does not affect registerable.
+  # config.paranoid = true
+
+  # ==> Configuration for :database_authenticatable
+  # For bcrypt, this is the cost for hashing the password and defaults to 10. If
+  # using other encryptors, it sets how many times you want the password re-encrypted.
+  #
+  # Limiting the stretches to just one in testing will increase the performance of
+  # your test suite dramatically. However, it is STRONGLY RECOMMENDED to not use
+  # a value less than 10 in other environments.
+  config.stretches = Rails.env.test? ? 1 : 10
+
+  # Setup a pepper to generate the encrypted password.
+  config.pepper = APP_CONFIG['keys']['devise_pepper']
+
+  # ==> Configuration for :confirmable
+  # A period that the user is allowed to access the website even without
+  # confirming his account. For instance, if set to 2.days, the user will be
+  # able to access the website for two days without confirming his account,
+  # access will be blocked just in the third day. Default is 0.days, meaning
+  # the user cannot access the website without confirming his account.
+  # config.allow_unconfirmed_access_for = 2.days
+
+  # Defines which key will be used when confirming an account
+  # config.confirmation_keys = [ :email ]
+
+  # ==> Configuration for :rememberable
+  # The time the user will be remembered without asking for credentials again.
+  # config.remember_for = 2.weeks
+
+  # If true, extends the user's remember period when remembered via cookie.
+  # config.extend_remember_period = false
+
+  # Options to be passed to the created cookie. For instance, you can set
+  # :secure => true in order to force SSL only cookies.
+  # config.cookie_options = {}
+
+  # ==> Configuration for :validatable
+  # Range for password length. Default is 6..128.
+  # config.password_length = 6..128
+
+  # Email regex used to validate email formats. It simply asserts that
+  # an one (and only one) @ exists in the given string. This is mainly
+  # to give user feedback and not to assert the e-mail validity.
+  # config.email_regexp = /\A[^@]+@[^@]+\z/
+
+  # ==> Configuration for :timeoutable
+  # The time you want to timeout the user session without activity. After this
+  # time the user will be asked for credentials again. Default is 30 minutes.
+  # config.timeout_in = 30.minutes
+
+  # ==> Configuration for :lockable
+  # Defines which strategy will be used to lock an account.
+  # :failed_attempts = Locks an account after a number of failed attempts to sign in.
+  # :none            = No lock strategy. You should handle locking by yourself.
+  config.lock_strategy = :none
+
+  # Defines which key will be used when locking and unlocking an account
+  # config.unlock_keys = [ :email ]
+
+  # Defines which strategy will be used to unlock an account.
+  # :email = Sends an unlock link to the user email
+  # :time  = Re-enables login after a certain amount of time (see :unlock_in below)
+  # :both  = Enables both strategies
+  # :none  = No unlock strategy. You should handle unlocking by yourself.
+  config.unlock_strategy = :none
+
+  # Number of authentication tries before locking an account if lock_strategy
+  # is failed attempts.
+  # config.maximum_attempts = 20
+
+  # Time interval to unlock the account if :time is enabled as unlock_strategy.
+  # config.unlock_in = 1.hour
+
+  # ==> Configuration for :recoverable
+  #
+  # Defines which key will be used when recovering the password for an account
+  # config.reset_password_keys = [ :email ]
+
+  # Time interval you can reset your password with a reset password key.
+  # Don't put a too small interval or your users won't have the time to
+  # change their passwords.
+  config.reset_password_within = 2.hours
+
+  # ==> Configuration for :encryptable
+  # Allow you to use another encryption algorithm besides bcrypt (default). You can use
+  # :sha1, :sha512 or encryptors from others authentication tools as :clearance_sha1,
+  # :authlogic_sha512 (then you should set stretches above to 20 for default behavior)
+  # and :restful_authentication_sha1 (then you should set stretches to 10, and copy
+  # REST_AUTH_SITE_KEY to pepper)
+  # config.encryptor = :sha512
+
+  # ==> Configuration for :token_authenticatable
+  # Defines name of the authentication token params key
+  config.token_authentication_key = :token
+  config.skip_session_storage = [:token_auth, :http_auth]
+
+  # ==> Scopes configuration
+  # Turn scoped views on. Before rendering "sessions/new", it will first check for
+  # "users/sessions/new". It's turned off by default because it's slower if you
+  # are using only default views.
+  # config.scoped_views = false
+
+  # Configure the default scope given to Warden. By default it's the first
+  # devise role declared in your routes (usually :user).
+  # config.default_scope = :user
+
+  # Configure sign_out behavior.
+  # Sign_out action can be scoped (i.e. /users/sign_out affects only :user scope).
+  # The default is true, which means any logout action will sign out all active scopes.
+  # config.sign_out_all_scopes = true
+
+  # ==> Navigation configuration
+  # Lists the formats that should be treated as navigational. Formats like
+  # :html, should redirect to the sign in page when the user does not have
+  # access, but formats like :xml or :json, should return 401.
+  #
+  # If you have any extra navigational formats, like :iphone or :mobile, you
+  # should add them to the navigational formats lists.
+  #
+  # The :"*/*" and "*/*" formats below is required to match Internet
+  # Explorer requests.
+  # config.navigational_formats = [:"*/*", "*/*", :html]
+
+  # The default HTTP method used to sign out a resource. Default is :delete.
+  config.sign_out_via = :delete
+
+  # ==> OmniAuth
+  # Add a new OmniAuth provider. Check the wiki for more information on setting
+  # up on your models and hooks.
+  # config.omniauth :github, 'APP_ID', 'APP_SECRET', :scope => 'user,public_repo'
+  require 'openid/store/filesystem'
+  config.omniauth :openid, :name => 'open_id' #, :store => OpenID::Store::Filesystem.new('./tmp')
+
+  # ==> Warden configuration
+  # If you want to use other strategies, that are not supported by Devise, or
+  # change the failure app, you can configure them inside the config.warden block.
+  #
+  # config.warden do |manager|
+  #   manager.failure_app   = AnotherApp
+  #   manager.intercept_401 = false
+  #   manager.default_strategies(:scope => :user).unshift :some_external_strategy
+  # end
+end

config/initializers/secret_token.rb

@@ -0,0 +1,8 @@
+# -*- encoding : utf-8 -*-
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Rosa::Application.config.secret_token = APP_CONFIG['keys']['secret_token']

config/initializers/setup.rb

@@ -1,6 +1,4 @@
 # -*- encoding : utf-8 -*-
-APP_CONFIG = YAML.load_file("#{Rails.root}/config/application.yml")[Rails.env]
-
 Dir[Rails.root.join("lib/ext/**/*.rb")].each {|f| require f}
 require 'modules'
 require 'plugins'

config/newrelic.yml.sample

@@ -0,0 +1,227 @@
+#
+# This file configures the New Relic Agent.  New Relic monitors
+# Ruby, Java, .NET, PHP, and Python applications with deep visibility and low overhead.
+# For more information, visit www.newrelic.com.
+#
+# Generated January 26, 2012
+#
+# This configuration file is custom generated for Rosalab
+
+# Here are the settings that are common to all environments:
+common: &default_settings
+  # ============================== LICENSE KEY ===============================
+
+  # You must specify the license key associated with your New Relic
+  # account.  This key binds your Agent's data to your account in the
+  # New Relic service.
+  license_key: 'license_key'
+  
+  # Agent Enabled (Ruby/Rails Only)
+  # Use this setting to force the agent to run or not run.
+  # Default is 'auto' which means the agent will install and run only
+  # if a valid dispatcher such as Mongrel is running.  This prevents
+  # it from running with Rake or the console.  Set to false to
+  # completely turn the agent off regardless of the other settings.
+  # Valid values are true, false and auto.
+  # agent_enabled: auto
+  
+  # Application Name
+  # Set this to be the name of your application as you'd like it show
+  # up in New Relic.  New Relic will then auto-map instances of your application
+  # into a New Relic "application" on your home dashboard page. If you want
+  # to map this instance into multiple apps, like "AJAX Requests" and
+  # "All UI" then specify a semicolon-separated list of up to three
+  # distinct names.  If you comment this out, it defaults to the 
+  # capitalized RAILS_ENV (i.e., Production, Staging, etc)
+  app_name: ABF
+
+  # When "true", the agent collects performance data about your 
+  # application and reports this data to the New Relic service at
+  # newrelic.com. This global switch is normally overridden for each 
+  # environment below. (formerly called 'enabled')
+  monitor_mode: true
+
+  # Developer mode should be off in every environment but
+  # development as it has very high overhead in memory.
+  developer_mode: false
+
+  # The newrelic agent generates its own log file to keep its logging
+  # information separate from that of your application.  Specify its
+  # log level here.
+  log_level: info
+  
+  # The newrelic agent communicates with the New Relic service via http by
+  # default.  If you want to communicate via https to increase
+  # security, then turn on SSL by setting this value to true.  Note,
+  # this will result in increased CPU overhead to perform the
+  # encryption involved in SSL communication, but this work is done
+  # asynchronously to the threads that process your application code,
+  # so it should not impact response times.
+  ssl: false
+
+  # EXPERIMENTAL: enable verification of the SSL certificate sent by
+  # the server. This setting has no effect unless SSL is enabled
+  # above. This may block your application. Only enable it if the data
+  # you send us needs end-to-end verified certificates.
+  #
+  # This means we cannot cache the DNS lookup, so each request to the
+  # New Relic service will perform a lookup. It also means that we cannot
+  # use a non-blocking lookup, so in a worst case, if you have DNS
+  # problems, your app may block indefinitely.
+  # verify_certificate: true
+  
+  # Set your application's Apdex threshold value with the 'apdex_t'
+  # setting, in seconds. The apdex_t value determines the buckets used
+  # to compute your overall Apdex score. 
+  # Requests that take less than apdex_t seconds to process will be
+  # classified as Satisfying transactions; more than apdex_t seconds
+  # as Tolerating transactions; and more than four times the apdex_t
+  # value as Frustrating transactions. 
+  # For more about the Apdex standard, see
+  # http://newrelic.com/docs/general/apdex
+  apdex_t: 0.5
+
+  # Proxy settings for connecting to the New Relic server.
+  #
+  # If a proxy is used, the host setting is required.  Other settings
+  # are optional.  Default port is 8080.
+  #
+  # proxy_host: hostname
+  # proxy_port: 8080
+  # proxy_user:
+  # proxy_pass:
+
+  # Tells transaction tracer and error collector (when enabled)
+  # whether or not to capture HTTP params.  When true, frameworks can
+  # exclude HTTP parameters from being captured.
+  # Rails: the RoR filter_parameter_logging excludes parameters
+  # Java: create a config setting called "ignored_params" and set it to
+  #     a comma separated list of HTTP parameter names.
+  #     ex: ignored_params: credit_card, ssn, password 
+  capture_params: false
+
+  # Transaction tracer captures deep information about slow
+  # transactions and sends this to the New Relic service once a
+  # minute. Included in the transaction is the exact call sequence of
+  # the transactions including any SQL statements issued.
+  transaction_tracer:
+  
+    # Transaction tracer is enabled by default. Set this to false to
+    # turn it off. This feature is only available at the Professional
+    # product level.
+    enabled: true
+    
+    # Threshold in seconds for when to collect a transaction
+    # trace. When the response time of a controller action exceeds
+    # this threshold, a transaction trace will be recorded and sent to
+    # New Relic. Valid values are any float value, or (default) "apdex_f",
+    # which will use the threshold for an dissatisfying Apdex
+    # controller action - four times the Apdex T value.
+    transaction_threshold: apdex_f
+ 
+    # When transaction tracer is on, SQL statements can optionally be
+    # recorded. The recorder has three modes, "off" which sends no
+    # SQL, "raw" which sends the SQL statement in its original form,
+    # and "obfuscated", which strips out numeric and string literals.
+    record_sql: obfuscated
+    
+    # Threshold in seconds for when to collect stack trace for a SQL
+    # call. In other words, when SQL statements exceed this threshold,
+    # then capture and send to New Relic the current stack trace. This is
+    # helpful for pinpointing where long SQL calls originate from.
+    stack_trace_threshold: 0.500
+
+    # Determines whether the agent will capture query plans for slow
+    # SQL queries.  Only supported in mysql and postgres.  Should be
+    # set to false when using other adapters.
+    # explain_enabled: true
+
+    # Threshold for query execution time below which query plans will not 
+    # not be captured.  Relevant only when `explain_enabled` is true.
+    # explain_threshold: 0.5
+  
+  # Error collector captures information about uncaught exceptions and
+  # sends them to New Relic for viewing
+  error_collector:
+    
+    # Error collector is enabled by default. Set this to false to turn
+    # it off. This feature is only available at the Professional
+    # product level.
+    enabled: true
+    
+    # Rails Only - tells error collector whether or not to capture a 
+    # source snippet around the place of the error when errors are View 
+    # related.
+    capture_source: true    
+    
+    # To stop specific errors from reporting to New Relic, set this property
+    # to comma-separated values.  Default is to ignore routing errors,
+    # which are how 404's get triggered.
+    ignore_errors: ActionController::RoutingError
+
+  # (Advanced) Uncomment this to ensure the CPU and memory samplers
+  # won't run.  Useful when you are using the agent to monitor an
+  # external resource
+  # disable_samplers: true
+  
+  # If you aren't interested in visibility in these areas, you can
+  # disable the instrumentation to reduce overhead.
+  #
+  # disable_view_instrumentation: true
+  # disable_activerecord_instrumentation: true
+  # disable_memcache_instrumentation: true
+  # disable_dj: true
+  
+  # Certain types of instrumentation such as GC stats will not work if 
+  # you are running multi-threaded.  Please let us know.
+  # multi_threaded = false
+
+# Application Environments
+# ------------------------------------------
+# Environment-specific settings are in this section.
+# For Rails applications, RAILS_ENV is used to determine the environment.
+# For Java applications, pass -Dnewrelic.environment <environment> to set
+# the environment.
+
+# NOTE if your application has other named environments, you should
+# provide newrelic configuration settings for these environments here.
+
+development:
+  <<: *default_settings
+  # Turn off communication to New Relic service in development mode (also
+  # 'enabled').
+  # NOTE: for initial evaluation purposes, you may want to temporarily 
+  # turn agent communication on in development mode.
+  monitor_mode: false
+
+  # Rails Only - when running in Developer Mode, the New Relic Agent will 
+  # present performance information on the last 100 transactions you have
+  # executed since starting the app server.
+  # NOTE: There is substantial overhead when running in developer mode.
+  # Do not use for production or load testing.  
+  developer_mode: true
+  
+  # Enable textmate links
+  # textmate: true
+
+test:
+  <<: *default_settings
+  # It almost never makes sense to turn on the agent when running
+  # unit, functional or integration tests or the like.
+  monitor_mode: false
+
+# Turn on the agent in production for 24x7 monitoring.  New Relic
+# testing shows an average performance impact of < 5 ms per
+# transaction, so you can leave this on all the time without
+# incurring any user-visible performance degradation.
+production:
+  <<: *default_settings
+  monitor_mode: true
+
+# Many applications have a staging environment which behaves
+# identically to production.  Support for that environment is provided
+# here.  By default, the staging environment has the agent turned on.
+staging:
+  <<: *default_settings
+  monitor_mode: true
+  app_name: ABF (Staging)