Pupilfirst LMS is configured by setting environment variables. The following list of environment variables are divided into Essential and Optional environment variables. All essential variables must be set for the application to function properly.
# Set to your web application's Fully Qualified Domain Name (FQDN).
# URL to PostgreSQL database.
# This will be the default email address used in the 'from' field of outbound emails.
# Languages that are available, and the default language.
# Generate this value from the command line using `rake secret`.
Sending emails with Postmark
To set up Pupilfirst to send transactional emails, you'll need to create a Postmark account, and add the
POSTMARK_API_TOKEN environment variable with your account's API token.
Before proceeding with the next step, finish Postmark's account approval process, and make sure that outbound emails (such as sign-in emails) to domains other than your own are working.
Setting up the bounce and spam complaint webhook
You can configure Pupilfirst to block sending of emails to user addresses that are hard-bouncing, or where the users have complained that messages are spam. To do so, create a webhook once you've gotten outbound mails working.
- You can create webhooks by logging into your Postmark account, and heading to Servers > Your Server > Your Message Stream > Webhooks > Add Webhook.
- The webhook should be pointed to:
- The Bounce and Spam Complaint options should be the events that are selected - there is no need to include the message content.
- Add some Basic auth credentials, and use those values to configure the
POSTMARK_HOOK_SECRETenvironment variables on Heroku.
File storage using AWS
To allow users to upload files, and to retrieve them, we'll use AWS's S3. The service has extensive documentation.
The following process is overly simplified, but is what you'll broadly need to do:
- Create a new S3 bucket to store uploaded files.
- Set up an IAM user with read & write permissions on the bucket.
- Configure Pupilfirst to use the newly created bucket using the correct credentials. Refer
Sign up for Google's Recaptcha service and generate both V3 (invisible) and V2 (visible) by supplying your application's FQDN.
Web push notifications
To enable push notifications you will have to set mandatory environment variable
You can generate the keys by running the following commands on a Rails console:
vapid_key = Webpush.generate_key
Detailed Documentation: https://github.com/zaru/webpush#generating-vapid-keys
# Bas64 encoded private key used for generating the cloudfront public key
# Cloudfront hostname
# Cloudfront public key pair ID
# An integer in seconds used to compute the expiry time for the signed URL
To enable delivery of user-uploaded files through a CDN, you will have to set Cloudfront environment variables.
- Create a Cloudfront public key to generate signed URLs with canned policy.
- Create a cloudfront distribution for accessing the private AWS S3 contents with signed URLs.
- Set up the required environment variables.
Sign in with OAuth
Warning: These instructions, for signing in with OAuth, are rough. This feature will need to be made configurable before its documentation can be expanded / re-written.
- Create OAuth apps for Google, Github, and Facebook, setting the redirect URI for each of these apps to
https://your.school.domain/users/auth/SERVICE/callback, where service is one of
- Set credentials for OAuth apps - the required environment variables and listed above, and inside
- Set the
SSO_DOMAINenvironment variable to your fully qualified domain name (
your.school.domain, for example).
Rollbar can be used to monitor both server-side and client-side errors. Because of this, two separate tokens are required:
ROLLBAR_SERVER_TOKENwith your project's
ROLLBAR_CLIENT_TOKENwith your project's
You can find both of these tokens by going to your project's Settings > Project Access Tokens.
Performance and error monitoring with New Relic
To enable performance and error monitoring with New Relic, sign up for a New Relic account and configure its credentials using the
API rate limiting
At minimum, to enable rate limiting on the API, you need to set the
REDIS_URL to a Redis connection string. The
_PERIOD keys default to 300 requests per 60 seconds.
Direct Upload to Vimeo
To enable direct uploads to a Vimeo account from the curriculum editor, add the
premium) environment variables.
Make sure that the access token has the following scopes enabled:
Note: You cannot upload private videos if your Vimeo account type is
Alerts for repeated submission rejection by bots
If you're using the API to review and reject submissions, it's possible that students may repeatedly submit values that get rejected by automation. To be notified of such events, so that you can manually intervene, set the following two environment variables to notify all human coaches in a course about a bot repeatedly rejecting submissions.
# Comma-separated IDs of bot coaches (`faculty` table) members used to review submissions.
# Every n-th rejected submission by a bot will trigger an email to all non-bot coaches in a course.
To deactivate this feature, simply avoid setting the
BOT_EVALUATOR_IDS environment variable, or set
BOT_EVALUATOR_REPEAT_REJECTION_ALERT_THRESHOLD to zero.