A modern Rails 8 application for managing streamers and streaming sources with both a RESTful API and a real-time collaborative admin interface. Features JWT authentication, role-based authorization, real-time updates with Hotwire and ActionCable, and comprehensive deployment automation.
- Features
- Technology Stack
- Getting Started
- Architecture
- Admin Interface
- API Documentation
- Testing
- Deployment
- Development
- Contributing
- Dual Authentication: JWT for API, session-based for admin interface
- Real-time Collaboration: Cell-level locking for concurrent editing with presence tracking
- Role-Based Access Control: Three-tier role system (default, editor, admin)
- Streamer Management: Track content creators across multiple platforms
- Stream Management: Full CRUD with smart continuation logic (30-minute window)
- Timestamp System: Event annotations across multiple streams
- Platform Support: TikTok, Facebook, Twitch, YouTube, Instagram, Other
- Advanced Filtering: By status, user, platform, pin state, and archival status
- WebSocket Support: ActionCable for real-time updates
- Rate Limiting: Comprehensive request throttling via Rack::Attack
- Health Monitoring: Kubernetes-ready health check endpoints
- API Documentation: Interactive OpenAPI/Swagger documentation
- Feature Flags: Flipper-based feature management
- Smart Caching: Redis-backed with 90-minute expiration
- Automated Deployment: GitHub Actions CI/CD pipeline
- Cost Optimization: Scheduled power management for 67% cost savings
- Security Hardened: SSL, CORS, CSP headers, fail2ban
- 100% Docker: Fully containerized development and production
- Framework: Rails 8.0.x (API + Admin)
- Language: Ruby 3.3.6
- Database: PostgreSQL 17
- Cache/Sessions: Redis 7
- Web Server: Puma with multi-worker support
- JavaScript: Hotwire (Turbo + Stimulus) with esbuild
- CSS: Tailwind CSS 3.x
- Real-time: ActionCable WebSockets
- Build Tools: Node.js 20, Yarn
- API Auth: JWT with 24-hour expiration
- Admin Auth: Devise with bcrypt
- Authorization: Pundit policies
- Rate Limiting: Rack::Attack
- CORS: Rack::Cors
- Containerization: Docker & Docker Compose
- CI/CD: GitHub Actions (free tier)
- Deployment: DigitalOcean Droplet ($6/month)
- Proxy: Nginx with SSL/TLS
- Monitoring: Health checks, optional Sentry
- Testing: RSpec, FactoryBot, SimpleCov (high coverage)
- API Mocking: WebMock, VCR
- Code Quality: RuboCop, Brakeman
- Debugging: Better Errors, Bullet (N+1)
- Docker and Docker Compose (required)
- Git for version control
- A text editor (VS Code, etc.)
Important: This project runs exclusively in Docker containers. Never use system Ruby or Bundler.
- Clone the repository
git clone https://github.com/yourusername/streamsource.git
cd streamsource- Copy environment file
cp .env.example .env- Start the application
docker compose up -d- View logs (optional)
docker compose logs -f webThe application will automatically:
- Create and migrate the database
- Seed sample data including an admin user
- Build JavaScript and CSS assets
- Start the Rails server
- Access the application
- API:
http://localhost:3000 - Admin Interface:
http://localhost:3000/admin - API Documentation:
http://localhost:3000/api-docs - Feature Flags:
http://localhost:3000/admin/feature_flags
Admin User (development only):
- Email:
admin@example.com - Password:
Password123!
See Environment Variables Documentation for comprehensive configuration options.
Key variables:
SECRET_KEY_BASE- Required for productionDATABASE_URL- PostgreSQL connectionREDIS_URL- Redis connectionAPPLICATION_HOST- Your domain name
- User - Authentication with roles (default, editor, admin)
- Streamer - Content creators with normalized names
- StreamerAccount - Platform-specific accounts with auto-generated URLs
- Stream - Streaming sessions with smart continuation logic
- Timestamp - Event annotations linked to streams
- Removed Models: Notes and StreamUrl were removed for simplicity
- Smart Continuation: Streams within 30 minutes are considered continuous
- Real-time Collaboration: Redis-backed cell locking prevents conflicts
- Feature Flags: Gradual rollout and A/B testing support
- Zero-downtime Deployment: Symlink-based with automatic rollback
The admin interface supports multiple users editing simultaneously:
- Cell-level locking: Click to edit, automatic lock acquisition
- Presence tracking: See who's editing what in real-time
- Color coding: Each user gets a unique color
- Auto-unlock: 5-second timeout or disconnect releases locks
- Conflict prevention: Can't edit locked cells
/admin/streams- Stream management with filters and search/admin/streamers- Streamer and account management/admin/timestamps- Event tracking across streams/admin/users- User and role management/admin/feature_flags- Toggle features via Flipper UI
Cmd/Ctrl + K- Quick searchEscape- Close modalsTab- Navigate form fields
Access Swagger UI at http://localhost:3000/api-docs for interactive API exploration.
- Get a token:
curl -X POST http://localhost:3000/api/v1/users/login \
-H "Content-Type: application/json" \
-d '{"email": "user@example.com", "password": "Password123!"}'- Use the token:
curl -H "Authorization: Bearer YOUR_JWT_TOKEN" \
http://localhost:3000/api/v1/streamsGET /api/v1/streams- List with pagination and filtersPOST /api/v1/streams- Create new streamPATCH /api/v1/streams/:id- Update streamPUT /api/v1/streams/:id/pin- Pin important streamsPOST /api/v1/streams/:id/archive- Archive old streams
- Full CRUD operations
- Automatic platform URL generation
- Account management
- Link events to multiple streams
- Priority levels
- Time-based queries
Connect to /cable for real-time updates:
- Stream status changes
- Collaborative editing events
- Live notifications (when enabled)
# Run all tests with coverage
docker compose exec web bin/test
# Run specific test file
docker compose exec web bin/test spec/models/stream_spec.rb
# Run with specific pattern
docker compose exec web bin/test spec/controllers/api- Models: 100% coverage with edge cases
- Controllers: All endpoints tested
- Policies: Authorization rules verified
- Integration: Full request/response cycles
- WebSockets: ActionCable channels tested
GitHub Actions runs on every push:
- Full test suite with PostgreSQL and Redis
- Security scanning with Brakeman
- Dependency audit
- Automatic deployment on main branch
See DigitalOcean Deployment Guide for detailed instructions.
Quick Deploy (after initial setup):
make deploy HOST=your-droplet-ip- Droplet: $6/month (Basic plan)
- Automated Shutdown: 16 hours/day = 67% savings
- Total Cost: ~$6/month vs $27/month for always-on
- Push to main branch → Tests run → Auto-deploy
- Manual deployment: Actions tab → Run workflow
- Scheduled power: Auto on/off via cron
Required secrets:
DROPLET_HOST- Server IP/domainDEPLOY_SSH_KEY- Deployment keyDO_API_TOKEN- For power managementDROPLET_ID- Droplet identifier
# Rails console
docker compose exec web bin/rails console
# Database tasks
docker compose exec web bin/rails db:migrate
docker compose exec web bin/rails db:seed
# Asset compilation
docker compose exec web yarn build
docker compose exec web yarn build:css
# Linting
docker compose exec web bundle exec rubocop -A
# View logs
docker compose logs -f web- Create feature flag in Flipper UI
- Write tests first (TDD)
- Implement feature behind flag
- Test locally with flag enabled
- Deploy and test in production
- Gradually enable for users
- Follow Rails conventions
- Thin controllers, fat models
- Service objects for complex logic
- Policy objects for authorization
- Comprehensive tests
- Clear documentation
/health- Basic health check/health/live- Kubernetes liveness/health/ready- Readiness probe/metrics- Prometheus metrics (when enabled)
- Structured JSON logs with Lograge
- Request IDs for tracing
- Performance metrics included
- Error tracking ready (Sentry)
- Average response time: <100ms
- WebSocket latency: <50ms
- Database queries optimized
- N+1 queries prevented
- SSL/TLS enforced in production
- CORS configured for API access
- CSP headers prevent XSS
- Rate limiting prevents abuse
- SQL injection prevented by ActiveRecord
- CSRF protection for web interface
- Secure headers via middleware
- Regular dependency updates via Dependabot
- Security scanning in CI pipeline
- Secrets rotation recommended
- Audit logs for sensitive actions
- Encrypted credentials in Rails
- Fork the repository
- Create feature branch (
git checkout -b feature/amazing-feature) - Write comprehensive tests
- Ensure all tests pass
- Follow code style guidelines
- Update relevant documentation
- Commit with clear messages
- Push to branch (
git push origin feature/amazing-feature) - Open Pull Request with description
# Fork and clone
git clone https://github.com/yourusername/streamsource.git
cd streamsource
# Start development environment
docker compose up -d
# Run tests
docker compose exec web bin/test
# Make changes and testContainer won't start
- Check Docker is running
- Ensure ports 3000, 5432, 6379 are free
- Run
docker compose logs webfor errors
Database errors
- Run
docker compose exec web bin/rails db:reset - Check DATABASE_URL in .env
Asset compilation fails
- Run
docker compose exec web yarn install - Check Node/Yarn versions
Tests failing
- Ensure test database exists
- Run
docker compose exec web bin/rails db:test:prepare
This project is licensed under the MIT License - see the LICENSE file for details.
- Documentation: Check
/docsfolder - Issues: GitHub Issues for bug reports
- Discussions: GitHub Discussions for questions
- Security: Report vulnerabilities privately
Built with ❤️ using Rails 8, Hotwire, and modern web standards.