WIP JPEG avatars

refs #174

.env.example

@@ -1,6 +1,23 @@
 # PRIMARY_DOMAIN=kosmos.org
 # AKKOUNTS_DOMAIN=accounts.example.com
 
+# Generate this using `rails secret`
+# SECRET_KEY_BASE=
+
+# Generate these using `rails db:encryption:init`
+# (Optional, needed for LndHub integration)
+# ENCRYPTION_PRIMARY_KEY=
+# ENCRYPTION_KEY_DERIVATION_SALT=
+
+# The default backend is SQLite
+# DB_ADAPTER=postgresql
+# PG_HOST=localhost
+# PG_PORT=5432
+# PG_DATABASE=akkounts
+# PG_DATABASE_QUEUE=akkounts_queue
+# PG_USERNAME=akkounts
+# PG_PASSWORD=
+
 # SMTP_SERVER=smtp.example.com
 # SMTP_PORT=587
 # SMTP_LOGIN=accounts
@@ -20,8 +37,12 @@
 
 # LDAP_HOST=localhost
 # LDAP_PORT=389
+# LDAP_USE_TLS=false
+# LDAP_UID_ATTR=cn
+# LDAP_BASE="ou=kosmos.org,cn=users,dc=kosmos,dc=org"
+# LDAP_ADMIN_USER="cn=Directory Manager"
 # LDAP_ADMIN_PASSWORD=passthebutter
-# LDAP_SUFFIX='dc=kosmos,dc=org'
+# LDAP_SUFFIX="dc=kosmos,dc=org"
 
 # REDIS_URL='redis://localhost:6379/1'
 

.env.test

@@ -1,6 +1,9 @@
 PRIMARY_DOMAIN=kosmos.org
 AKKOUNTS_DOMAIN=accounts.kosmos.org
 
+ENCRYPTION_PRIMARY_KEY=YhNLBgCFMAzw5dV3gISxnGrhNDMQwRdn
+ENCRYPTION_KEY_DERIVATION_SALT=h28g16MRZ1sghF2jTCos1DiLZXUswinR
+
 REDIS_URL='redis://localhost:6379/0'
 
 BTCPAY_PUBLIC_URL='https://btcpay.example.com'
@@ -21,7 +24,8 @@ LNDHUB_PUBLIC_KEY='024cd3be18617f39cf645851e3ba63f51fc13f0bb09e3bb25e6fd4de55648
 NOSTR_PRIVATE_KEY='7c3ef7e448505f0615137af38569d01807d3b05b5005d5ecf8aaafcd40323cea'
 NOSTR_PUBLIC_KEY='bdd76ce2934b2f591f9fad2ebe9da18f20d2921de527494ba00eeaa0a0efadcf'
 
-RS_STORAGE_URL='https://storage.kosmos.org'
 RS_REDIS_URL='redis://localhost:6379/1'
+RS_STORAGE_URL='https://storage.kosmos.org'
+RS_AKKOUNTS_DOMAIN=localhost
 
 WEBHOOKS_ALLOWED_IPS='10.1.1.23'

Gemfile

@@ -4,7 +4,7 @@ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
 gem 'rails', '~> 8.0'
 # Use Puma as the app server
-gem 'puma', '~> 4.1'
+gem 'puma', '~> 6.6'
 # View components
 gem "view_component"
 # Asset bundler
@@ -19,17 +19,12 @@ gem "turbo-rails"
 gem "stimulus-rails"
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
 gem 'jbuilder', '~> 2.7'
-# Use Redis adapter to run Action Cable in production
-# gem 'redis', '~> 4.0'
 # Use Active Model has_secure_password
 gem 'bcrypt', '~> 3.1'
 
 # Configuration
 gem 'dotenv-rails'
 
-# Security
-gem 'lockbox'
-
 # Authentication
 gem 'warden'
 gem 'devise', '~> 4.9.0'
@@ -53,8 +48,8 @@ gem 'down'
 gem 'aws-sdk-s3', require: false
 
 # Background/scheduled jobs
-gem 'sidekiq', '< 7'
-gem 'sidekiq-scheduler'
+gem 'solid_queue'
+gem "mission_control-jobs"
 
 # Monitoring
 gem "sentry-ruby"
@@ -65,6 +60,7 @@ gem 'discourse_api'
 gem "lnurl"
 gem 'manifique', '~> 1.1.0'
 gem 'nostr', '~> 0.6.0'
+gem "redis", "~> 5.4"
 
 group :development, :test do
   # Use sqlite3 as the database for Active Record

Gemfile.lock

@@ -244,7 +244,6 @@ GEM
       rb-inotify (~> 0.9, >= 0.9.10)
     lnurl (1.1.1)
       bech32 (~> 1.1)
-    lockbox (2.0.1)
     logger (1.7.0)
     loofah (2.24.0)
       crass (~> 1.0.2)
@@ -265,6 +264,16 @@ GEM
     mini_mime (1.1.5)
     mini_portile2 (2.8.8)
     minitest (5.25.5)
+    mission_control-jobs (1.0.2)
+      actioncable (>= 7.1)
+      actionpack (>= 7.1)
+      activejob (>= 7.1)
+      activerecord (>= 7.1)
+      importmap-rails (>= 1.2.1)
+      irb (~> 1.13)
+      railties (>= 7.1)
+      stimulus-rails
+      turbo-rails
     multipart-post (2.4.1)
     net-http (0.6.0)
       uri
@@ -315,7 +324,7 @@ GEM
       date
       stringio
     public_suffix (6.0.1)
-    puma (4.3.12)
+    puma (6.6.0)
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.8.1)
@@ -375,7 +384,10 @@ GEM
       logger
     rdoc (6.13.1)
       psych (>= 4.0.0)
-    redis (4.8.1)
+    redis (5.4.0)
+      redis-client (>= 0.22.0)
+    redis-client (0.24.0)
+      connection_pool
     regexp_parser (2.10.0)
     reline (0.6.1)
       io-console (~> 0.5)
@@ -424,8 +436,6 @@ GEM
     ruby-vips (2.2.3)
       ffi (~> 1.12)
       logger
-    rufus-scheduler (3.9.2)
-      fugit (~> 1.1, >= 1.11.1)
     sanitize (7.0.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.16.8)
@@ -436,14 +446,6 @@ GEM
     sentry-ruby (5.23.0)
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
-    sidekiq (6.5.12)
-      connection_pool (>= 2.2.5, < 3)
-      rack (~> 2.0)
-      redis (>= 4.5.0, < 5)
-    sidekiq-scheduler (5.0.6)
-      rufus-scheduler (~> 3.2)
-      sidekiq (>= 6, < 8)
-      tilt (>= 1.4.0, < 3)
     solargraph (0.54.2)
       backport (~> 1.2)
       benchmark (~> 0.4)
@@ -463,6 +465,13 @@ GEM
       tilt (~> 2.0)
       yard (~> 0.9, >= 0.9.24)
       yard-solargraph (~> 0.1)
+    solid_queue (1.1.5)
+      activejob (>= 7.1)
+      activerecord (>= 7.1)
+      concurrent-ruby (>= 1.3.1)
+      fugit (~> 1.11.0)
+      railties (>= 7.1)
+      thor (~> 1.3.1)
     sqlite3 (2.6.0)
       mini_portile2 (~> 2.8.0)
     sqlite3 (2.6.0-arm64-darwin)
@@ -541,24 +550,24 @@ DEPENDENCIES
   letter_opener_web
   listen (~> 3.2)
   lnurl
-  lockbox
   manifique (~> 1.1.0)
+  mission_control-jobs
   net-ldap
   nostr (~> 0.6.0)
   pagy (~> 6.0, >= 6.0.2)
   pg (~> 1.5)
   propshaft
-  puma (~> 4.1)
+  puma (~> 6.6)
   rails (~> 8.0)
   rails-controller-testing
   rails-settings-cached (~> 2.8.3)
+  redis (~> 5.4)
   rqrcode (~> 2.0)
   rspec-rails
   sentry-rails
   sentry-ruby
-  sidekiq (< 7)
-  sidekiq-scheduler
   solargraph
+  solid_queue
   sqlite3 (>= 2.1)
   stimulus-rails
   turbo-rails

README.md

@@ -57,7 +57,7 @@ Running the test suite:
 Running the test suite with Docker Compose requires overriding the Rails
 environment:
 
-    docker-compose run -e "RAILS_ENV=test" web rspec
+    docker-compose exec -e "RAILS_ENV=test" web rspec
 
 ### Docker Compose
 

app/controllers/admin/lightning_controller.rb

@@ -4,7 +4,7 @@ class Admin::LightningController < Admin::BaseController
   def index
     @current_section = :lightning
 
-    @users = User.pluck(:cn, :ou, :ln_account)
+    @users = User.pluck(:cn, :ou, :lndhub_username)
     @accounts = LndhubAccount.with_balances.order(balance: :desc).to_a
 
     @ln = {}

app/controllers/lnurlpay_controller.rb

@@ -37,7 +37,7 @@ class LnurlpayController < ApplicationController
       pubkey: Setting.lndhub_public_key,
       customData: [{
         customKey: "696969",
-        customValue: @user.ln_account
+        customValue: @user.lndhub_username
       }]
     }
   end

app/controllers/services/lightning_controller.rb

@@ -9,7 +9,7 @@ class Services::LightningController < ApplicationController
   before_action :lndhub_fetch_balance
 
   def index
-    @wallet_setup_url = "lndhub://#{current_user.ln_account}:#{current_user.ln_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
+    @wallet_setup_url = "lndhub://#{current_user.lndhub_username}:#{current_user.lndhub_password}@#{ENV['LNDHUB_PUBLIC_URL']}"
   end
 
   def transactions

app/controllers/webhooks_controller.rb

@@ -5,7 +5,7 @@ class WebhooksController < ApplicationController
   before_action :process_payload
 
   def lndhub
-    @user = User.find_by!(ln_account: @payload[:user_login])
+    @user = User.find_by!(lndhub_username: @payload[:user_login])
 
     if @zap = @user.zaps.find_by(payment_request: @payload[:payment_request])
       settled_at = Time.parse(@payload[:settled_at])

app/jobs/create_ldap_user_job.rb

@@ -4,7 +4,7 @@ class CreateLdapUserJob < ApplicationJob
   def perform(username:, domain:, email:, hashed_pw:, confirmed: false)
     dn = "cn=#{username},ou=#{domain},cn=users,dc=kosmos,dc=org"
     attr = {
-      objectclass: ["top", "account", "person", "extensibleObject"],
+      objectclass: ["top", "account", "person", "inetOrgPerson", "extensibleObject"],
       cn: username,
       sn: username,
       uid: username,

app/jobs/create_lndhub_account_job.rb

@@ -2,12 +2,12 @@ class CreateLndhubAccountJob < ApplicationJob
   queue_as :default
 
   def perform(user)
-    return if user.ln_account.present? && user.ln_password.present?
+    return if user.lndhub_username.present? && user.lndhub_password.present?
 
     lndhub = LndhubV2.new
     credentials = lndhub.create_account
 
-    user.update! ln_account: credentials["login"],
-                 ln_password: credentials["password"]
+    user.update! lndhub_username: credentials["login"],
+                 lndhub_password: credentials["password"]
   end
 end

app/jobs/remote_storage_expire_authorization_job.rb

@@ -3,8 +3,6 @@ class RemoteStorageExpireAuthorizationJob < ApplicationJob
 
   def perform(rs_auth_id)
     rs_auth = RemoteStorageAuthorization.find rs_auth_id
-    return unless rs_auth.expire_at.nil? || rs_auth.expire_at <= DateTime.now
-
     rs_auth.destroy!
   end
 end

app/models/lndhub_user.rb

@@ -6,7 +6,7 @@ class LndhubUser < LndhubBase
                       foreign_key: "user_id"
 
   belongs_to :user, class_name: "User",
-                    primary_key: "ln_account",
+                    primary_key: "lndhub_username",
                     foreign_key: "login"
 
   def balance

app/models/remote_storage_authorization.rb

@@ -69,11 +69,19 @@ class RemoteStorageAuthorization < ApplicationRecord
     end
 
     def remove_token_expiry_job
-      queue = Sidekiq::Queue.new(RemoteStorageExpireAuthorizationJob.queue_name)
-      queue.each do |job|
-        next unless job.display_class == "RemoteStorageExpireAuthorizationJob"
-        job.delete if job.display_args == [id]
-      end
+      job_class = RemoteStorageExpireAuthorizationJob
+      job_args = [id]
+
+      query = SolidQueue::Job.where(class_name: job_class.to_s)
+
+      case ActiveRecord::Base.connection.adapter_name.downcase
+      when /sqlite/
+        query.where("json_extract(arguments, '$.arguments') = ?", job_args.to_json)
+      when /postgres/
+        query.where("CAST(arguments AS jsonb)->>'arguments' = ?", job_args.to_json)
+      else
+        raise "Unsupported database adapter"
+      end.destroy_all
     end
 
     def find_or_create_web_app

app/models/user.rb

@@ -23,7 +23,7 @@ class User < ApplicationRecord
   has_many :zaps
 
   has_one  :lndhub_user, class_name: "LndhubUser", inverse_of: "user",
-                         primary_key: "ln_account", foreign_key: "login"
+                         primary_key: "lndhub_username", foreign_key: "login"
 
   has_many :accounts, through: :lndhub_user
 
@@ -66,7 +66,7 @@ class User < ApplicationRecord
   # Encrypted database columns
   #
 
-  has_encrypted :ln_login, :ln_password
+  encrypts :lndhub_password
 
   # Include default devise modules. Others available are:
   # :confirmable, :lockable, :timeoutable, :trackable and :omniauthable
@@ -159,6 +159,25 @@ class User < ApplicationRecord
     @display_name ||= ldap_entry[:display_name]
   end
 
+  def avatar
+    @avatar ||= LdapManager::FetchAvatar.call(cn: cn)
+  end
+
+  def avatar_base64
+    @avatar_base64 ||= begin
+      if avatar.present?
+        Rails.logger.debug { "Avatar data size: #{avatar.size}" }
+        Base64.strict_encode64(avatar)
+      else
+        Rails.logger.error { "Avatar data is empty or nil" }
+        return nil
+      end
+    rescue StandardError => e
+      Rails.logger.error { "Failed to encode avatar: #{e.message}" }
+      nil
+    end
+  end
+
   def nostr_pubkey
     @nostr_pubkey ||= ldap_entry[:nostr_key]
   end
@@ -186,10 +205,6 @@ class User < ApplicationRecord
     ZBase32.encode(Digest::SHA1.digest(cn))
   end
 
-  def avatar
-    @avatar_base64 ||= LdapManager::FetchAvatar.call(cn: cn)
-  end
-
   def services_enabled
     ldap_entry[:services_enabled] || []
   end

app/services/ldap_manager/fetch_avatar.rb

@@ -10,7 +10,33 @@ module LdapManager
       filter     = Net::LDAP::Filter.eq("cn", @cn)
 
       entry = client.search(base: treebase, filter: filter, attributes: attributes).first
-      entry.try(:jpegPhoto) ? entry.jpegPhoto.first : nil
+
+      if entry&.jpegPhoto
+        binary_data = entry.jpegPhoto.first # Use first value (binary)
+        Rails.logger.debug { "Fetched jpegPhoto size: #{binary_data.bytesize}" }
+        create_tempfile(binary_data)
+      else
+        Rails.logger.debug { "No jpegPhoto found for cn=#{@cn}, ou=#{@ou}" }
+        nil
+      end
+    end
+
+    def create_tempfile(binary_data)
+      tempfile = Tempfile.new(['image', '.jpg'])
+      tempfile.binmode
+      tempfile.write(binary_data)
+      tempfile.rewind
+
+      Rails.logger.debug { "Storing debug file for cn=#{@cn}, size=#{tempfile.size}" }
+
+      data = tempfile.read
+
+      debug_file_path = "#{Rails.root}/tmp/avatar-fetched.jpg"
+      debug_file = File.open(debug_file_path, 'wb')
+      debug_file.write(data)
+      debug_file.close
+
+      data
     end
   end
 end

app/services/ldap_manager/update_avatar.rb

@@ -8,20 +8,30 @@ module LdapManager
     end
 
     def call
-      replace_attribute @dn, :jpegPhoto, @img_data
+      Rails.logger.debug { "Storing jpegPhoto for dn=#{@dn}, size=#{@img_data.bytesize}" }
+      result = replace_attribute @dn, :jpegPhoto, @img_data
+      Rails.logger.debug { "LDAP replace_attribute result: #{result}" }
+      result
     end
 
     private
 
     def process(file)
       processed = ImageProcessing::Vips
-        .resize_to_fill(512, 512)
+        .resize_to_fill(256, 256)
         .source(file)
         .convert("jpeg")
         .saver(strip: true)
         .call
 
-      Base64.strict_encode64 processed.read
+      data = processed.read
+
+      debug_file_path = "#{Rails.root}/tmp/avatar-processed.jpg"
+      debug_file = File.open(debug_file_path, 'wb')
+      debug_file.write(data)
+      debug_file.close
+
+      data
     end
   end
 end

app/services/lndhub.rb

@@ -33,7 +33,10 @@ class Lndhub < ApplicationService
   end
 
   def authenticate(user)
-    credentials = post "auth?type=auth", { login: user.ln_account, password: user.ln_password }
+    credentials = post "auth?type=auth", {
+      login: user.lndhub_username,
+      password: user.lndhub_password
+    }
     self.auth_token = credentials["access_token"]
     self.auth_token
   end

app/views/admin/users/show.html.erb

@@ -276,7 +276,7 @@
       </thead>
       <tbody>
         <tr>
-          <td><%= @user.ln_account %></td>
+          <td><%= @user.lndhub_username %></td>
           <td><%= number_with_delimiter @lndhub_user.balance %> sats</td>
           <td><%= number_with_delimiter @lndhub_user.sum_incoming %> sats</td>
           <td><%= number_with_delimiter @lndhub_user.sum_outgoing %> sats</td>
@@ -285,7 +285,7 @@
       </tbody>
     </table>
     <% else %>
-      <p>No LndHub user found for account <strong class="font-mono"><%= @user.ln_account %></strong>.
+      <p>No LndHub user found for account <strong class="font-mono"><%= @user.lndhub_username %></strong>.
     <% end %>
   </section>
   <% end %>

app/views/settings/_profile.html.erb

@@ -20,7 +20,7 @@
       </button>
     </p>
     <p class="text-sm text-gray-500">
-      Your user address for Chat and Lightning Network.
+      Your account's address on the Internet
     </p>
   </div>
   <%= form_for(@user, url: setting_path(:profile), html: { :method => :put }) do |f| %>
@@ -40,9 +40,10 @@
         Default profile picture
       </p>
       <div class="flex items-center gap-6">
-        <% if current_user.avatar.present? %>
+        <% unless current_user.avatar.nil? %>
         <p class="flex-none">
-          <%= image_tag "data:image/jpeg;base64,#{current_user.avatar}", class: "h-24 w-24 rounded-lg" %>
+          <%= image_tag "data:image/jpeg;base64,#{current_user.avatar_base64}",
+                class: "h-24 w-24 rounded-lg" %>
         </p>
         <% end %>
         <div class="grow">

bin/jobs

@@ -0,0 +1,6 @@
+#!/usr/bin/env ruby
+
+require_relative "../config/environment"
+require "solid_queue/cli"
+
+SolidQueue::Cli.start(ARGV)

config/application.rb

@@ -47,11 +47,15 @@ module Akkounts
       g.stylesheets         false
     end
 
-    config.active_job.queue_adapter = :sidekiq
+    config.active_job.queue_adapter = :solid_queue
+    config.mission_control.jobs.http_basic_auth_enabled = false
 
     config.action_mailer.deliver_later_queue_name = nil # use "default" queue
 
     # The default includes webp, which requires webp support everywhere
     config.active_storage.web_image_content_types = %w[image/png image/jpeg image/gif]
+
+    config.active_record.encryption.primary_key = ENV["ENCRYPTION_PRIMARY_KEY"]
+    config.active_record.encryption.key_derivation_salt = ENV["ENCRYPTION_KEY_DERIVATION_SALT"]
   end
 end

config/credentials.yml.enc

@@ -1 +0,0 @@
-tmI5vm7qZhaigr52jEBVWkRdj+EE+9OmPh3vWXC7kA/OHuuucpr7SodychuMkQDPLM0BLk88LFsqvRIR+mqnLWpRC+P9aeUFE6ohxSWzcAd7Y4sgxUD8zpCRPndrwTw0hxXXj1WZSYeWn4BoAB34aV+gYen2MajZF3a95hJGtS5yjgWxvLVkQQKqRDfykkfX6fCS0BPo5X7sT7m4xwCATD/D4219wajm5W3TIdkriHtwt28ZLspaRWA5e0UkzKf8+/Gaj2CrW7UWcvew8R93zQ5RA2/Sp3sDTVN+kLz9I9Q095lQC0ywCAEFYHeKmc2tjrzqRaAAWu06xmWLqGIg21G+A/UU9lUJOkIpxQACWoOfS2IoXR1nXhgXMopkz3aCBXDxKw554v4H2QyOceOsuRf2C685ibMqzQkKMmJ4tcbiOJL77DUc08JTjB8Dq4Ohr8sMzXbV/hATevjYoRP0XarLekqhLv90ZLuIVY16DwB0CzACeNBKeKbeLqJF51upRRWgi+gTbYpV04yUwnXdyssF8mydWocgihrTryBi8F6PsuhBGcaYdP+0yibnGxDCC4x2rupbBfMj2OIX7pYzgtIHB3Eo954Y+bCoggqbE/Qrb9VVXNMgtKgLt8EGWU2tg6wl9QicitIq87uLDAade93zTn6rmcKPywjMDo6jbVIs653ZdUhiKdHGdpnJccbgQ/iLSPB1umNnCeaEX5jM+K9zBvl7ZMCdSk1YIQ==--ekKumqLiSlVJNwMe--K/ecXmmMT1x+WnIXMbHBDw==

config/credentials/test.key

@@ -1 +0,0 @@
-6b101c9addbfa5f959b5859f756bc9d7

config/credentials/test.yml.enc

@@ -1 +0,0 @@
-vqH5By5qFLImVjdlWj+7FwGg8APKnr/AEd7WqekG7L0vNA32WGBpwS1uGzs02LIcATRwGj8DyJxiBOB/w9z8cwoO+t6Woi5hAnOSCQwFWKLT0dZq7jgtT8pxK0Yu/Nf91PEFN1rc/8ZFy2KKVpbtMbMPyivT38e/ctBZD/lHrWkndvLXYvFVhqWjUnDOGbhwl/U0RZgqBBjvlm3B0JkQfiN8VXPlCJL2Cd8kd0+MpRCRTgtcxA==--OdVXnDP7OhzJxCsP--+8SI6IFIeXyDxXb+WpqhIQ==

config/database.yml

@@ -1,21 +1,37 @@
 default: &default
-  adapter: sqlite3
+  adapter: <%= ENV["DB_ADAPTER"] || "sqlite3" %>
   pool: <%= ENV["DB_POOL"] || ENV['MAX_THREADS'] || 5 %>
   timeout: 5000
+<% if ENV["DB_ADAPTER"] == "postgresql" %>
+  host: <%= ENV["PG_HOST"] || 'localhost' %>
+  port: <%= ENV["PG_PORT"] || 5432 %>
+  username: <%= ENV["PG_USERNAME"] || 'akkounts' %>
+  password: <%= ENV["PG_PASSWORD"] %>
+<% end %>
+
+<% if ENV["LNDHUB_PG_HOST"].present? %>
+lndhub: &lndhub
+  adapter: postgresql
+  database_tasks: false
+  host: <%= ENV["LNDHUB_PG_HOST"] %>
+  port: <%= ENV["LNDHUB_PG_PORT"] || 5432 %>
+  database: <%= ENV["LNDHUB_PG_DATABASE"] || 'lndhub' %>
+  username: <%= ENV["LNDHUB_PG_USERNAME"] || 'lndhub' %>
+  password: <%= ENV["LNDHUB_PG_PASSWORD"] %>
+<% end %>
 
 development:
   primary:
     <<: *default
-    database: db/development.sqlite3
-  lndhub:
+    database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE"] : "db/development.sqlite3" %>
+  queue:
     <<: *default
-    adapter: postgresql
-    database_tasks: false
-    host: <%= ENV["LNDHUB_PG_HOST"] || 'localhost' %>
-    port: <%= ENV["LNDHUB_PG_PORT"] || 5432 %>
-    database: <%= ENV["LNDHUB_PG_DATABASE"] || 'lndhub' %>
-    username: <%= ENV["LNDHUB_PG_USERNAME"] || 'lndhub' %>
-    password: <%= ENV["LNDHUB_PG_PASSWORD"] %>
+    database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE_QUEUE"] : "db/development_queue.sqlite3" %>
+    migrations_paths: db/queue_migrate
+<% if ENV["LNDHUB_PG_HOST"].present? %>
+  lndhub:
+    <<: *lndhub
+<% end %>
 
 # Warning: The database defined as "test" will be erased and
 # re-generated from your development database when you run "rake".
@@ -32,18 +48,12 @@ test:
 production:
   primary:
     <<: *default
-    adapter: postgresql
-    database: akkounts
-    port: 5432
-    host: <%= Rails.application.credentials.postgres[:host] rescue nil %>
-    username: <%= Rails.application.credentials.postgres[:username] rescue nil %>
-    password: <%= Rails.application.credentials.postgres[:password] rescue nil %>
-  lndhub:
+    database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE"] : "db/production.sqlite3" %>
+  queue:
     <<: *default
-    adapter: postgresql
-    database_tasks: false
-    host: <%= ENV["LNDHUB_PG_HOST"] || 'localhost' %>
-    port: <%= ENV["LNDHUB_PG_PORT"] || 5432 %>
-    database: <%= ENV["LNDHUB_PG_DATABASE"] || 'lndhub' %>
-    username: <%= ENV["LNDHUB_PG_USERNAME"] || 'lndhub' %>
-    password: <%= ENV["LNDHUB_PG_PASSWORD"] %>
+    database: <%= ENV["DB_ADAPTER"] == "postgresql" ? ENV["PG_DATABASE_QUEUE"] : "db/production_queue.sqlite3" %>
+    migrations_paths: db/queue_migrate
+<% if ENV["LNDHUB_PG_HOST"].present? %>
+  lndhub:
+    <<: *lndhub
+<% end %>

config/environments/development.rb

@@ -54,6 +54,9 @@ Rails.application.configure do
   # Highlight code that enqueued background job in logs.
   config.active_job.verbose_enqueue_logs = true
 
+  # Solid Queue database
+  config.solid_queue.connects_to = { database: { writing: :queue } }
+
   # Suppress logger output for asset requests.
   # config.assets.quiet = true
 

config/environments/production.rb

@@ -54,8 +54,9 @@ Rails.application.configure do
   # Replace the default in-process memory cache store with a durable alternative.
   # config.cache_store = :mem_cache_store
 
-  # Replace the default in-process and non-durable queuing backend for Active Job.
-  # config.active_job.queue_adapter = :resque
+  # Solid Queue database
+  config.solid_queue.connects_to = { database: { writing: :queue } }
+
   # E-mail settings, adapted from https://github.com/mastodon/mastodon
 
   outgoing_email_address = ENV.fetch('SMTP_FROM_ADDRESS', 'accounts@localhost')

config/initializers/devise.rb

@@ -45,7 +45,7 @@ Devise.setup do |config|
   # Configure the e-mail address which will be shown in Devise::Mailer,
   # note that it will be overwritten if you use your own mailer class
   # with default "from" parameter.
-  config.mailer_sender = 'accounts@kosmos.org'
+  config.mailer_sender = ENV["SMTP_FROM_ADDRESS"] || 'accounts@localhost'
 
   # Configure the class responsible to send e-mails.
   # config.mailer = 'Devise::Mailer'

config/initializers/devise_rails8_patch.rb

@@ -0,0 +1,11 @@
+# See https://alvincrespo.hashnode.dev/rails-8s-lazy-route-loading-devise
+# TODO remove when Devise is fixed
+require 'devise'
+Devise # make sure it's already loaded
+
+module Devise
+  def self.mappings
+    Rails.application.try(:reload_routes_unless_loaded)
+    @@mappings
+  end
+end

config/initializers/sidekiq.rb

@@ -1,5 +0,0 @@
-require_relative "../../app/models/setting"
-
-Sidekiq.configure_server do |config|
-  config.redis = { url: Setting.redis_url }
-end

config/ldap.yml

@@ -28,11 +28,11 @@ authorizations: &AUTHORIZATIONS
 development:
   host: <%= ENV["LDAP_HOST"] || "localhost" %>
   port: <%= ENV["LDAP_PORT"] || "389" %>
-  attribute: cn
-  base: <%= ENV["LDAP_BASE"] || "ou=kosmos.org,cn=users,dc=kosmos,dc=org" %>
-  admin_user: "cn=Directory Manager"
-  admin_password: <%= ENV["LDAP_ADMIN_PASSWORD"] %>
   ssl: <%= ENV["LDAP_USE_TLS"] || "false" %>
+  attribute: <%= ENV["LDAP_UID_ATTR"] || "cn" %>
+  base: <%= ENV["LDAP_BASE"] || "ou=kosmos.org,cn=users,dc=kosmos,dc=org" %>
+  admin_user: <%= ENV["LDAP_ADMIN_USER"] || "cn=Directory Manager" %>
+  admin_password: <%= ENV["LDAP_ADMIN_PASSWORD"] %>
   # <<: *AUTHORIZATIONS
 
 test:
@@ -46,11 +46,11 @@ test:
   # <<: *AUTHORIZATIONS
 
 production:
-  host: ldap.kosmos.local
-  port: 389
-  attribute: cn
-  base: ou=kosmos.org,cn=users,dc=kosmos,dc=org
-  admin_user: <%= Rails.application.credentials.ldap[:username] rescue nil %>
-  admin_password: <%= Rails.application.credentials.ldap[:password] rescue nil %>
-  # ssl: false
+  host: <%= ENV["LDAP_HOST"] || "localhost" %>
+  port: <%= ENV["LDAP_PORT"] || "389" %>
+  ssl: <%= ENV["LDAP_USE_TLS"] || "false" %>
+  attribute: <%= ENV["LDAP_UID_ATTR"] || "cn" %>
+  base: <%= ENV["LDAP_BASE"] || "ou=kosmos.org,cn=users,dc=kosmos,dc=org" %>
+  admin_user: <%= ENV["LDAP_ADMIN_USER"] || "cn=Directory Manager" %>
+  admin_password: <%= ENV["LDAP_ADMIN_PASSWORD"] %>
   # <<: *AUTHORIZATIONS

config/queue.yml

@@ -0,0 +1,21 @@
+default: &default
+  dispatchers:
+    - polling_interval: 1
+      batch_size: 500
+  workers:
+    - queues: "*"
+      threads: 3
+      processes: <%= ENV.fetch("JOB_CONCURRENCY", 1) %>
+      polling_interval: 0.1
+
+development:
+  <<: *default
+  workers:
+    - queues: "*"
+      threads: 1
+
+test:
+  <<: *default
+
+production:
+  <<: *default

config/recurring.yml

@@ -0,0 +1,10 @@
+# production:
+#   periodic_cleanup:
+#     class: CleanSoftDeletedRecordsJob
+#     queue: background
+#     args: [ 1000, { batch_size: 500 } ]
+#     schedule: every hour
+#   periodic_command:
+#     command: "SoftDeletedRecord.due.delete_all"
+#     priority: 2
+#     schedule: at 5am every day

config/routes.rb

@@ -1,5 +1,3 @@
-require 'sidekiq/web'
-
 Rails.application.routes.draw do
   devise_for :users, controllers: {
     confirmations: 'users/confirmations',
@@ -123,7 +121,7 @@ Rails.application.routes.draw do
   end
 
   authenticate :user, ->(user) { user.is_admin? } do
-    mount Sidekiq::Web, at: '/sidekiq'
+    mount MissionControl::Jobs::Engine, at: "/jobs"
     mount Flipper::UI.app(Flipper), at: '/flipper'
   end
 

db/migrate/20250506125412_add_lndhub_password_to_users.rb

@@ -0,0 +1,6 @@
+class AddLndhubPasswordToUsers < ActiveRecord::Migration[8.0]
+  def change
+    add_column :users, :lndhub_username, :string
+    add_column :users, :lndhub_password, :text
+  end
+end

db/migrate/20250506125947_migrate_lockbox_data.rb

@@ -0,0 +1,11 @@
+class MigrateLockboxData < ActiveRecord::Migration[8.0]
+  def up
+    User.find_each do |user|
+      ln_account = user.ln_account
+      ln_password = user.ln_password
+      user.lndhub_username = ln_account
+      user.lndhub_password = ln_password
+      user.save!
+    end
+  end
+end

db/migrate/20250506154628_remove_ln_fields_from_users.rb

@@ -0,0 +1,6 @@
+class RemoveLnFieldsFromUsers < ActiveRecord::Migration[8.0]
+  def change
+    remove_column :users, :ln_account
+    remove_column :users, :ln_password_ciphertext
+  end
+end

db/queue_schema.rb

@@ -0,0 +1,141 @@
+# This file is auto-generated from the current state of the database. Instead
+# of editing this file, please use the migrations feature of Active Record to
+# incrementally modify your database, and then regenerate this schema definition.
+#
+# This file is the source Rails uses to define your schema when running `bin/rails
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
+# be faster and is potentially less error prone than running all of your
+# migrations from scratch. Old migrations may fail to apply correctly if those
+# migrations use external dependencies or application code.
+#
+# It's strongly recommended that you check this file into your version control system.
+
+ActiveRecord::Schema[8.0].define(version: 1) do
+  create_table "solid_queue_blocked_executions", force: :cascade do |t|
+    t.bigint "job_id", null: false
+    t.string "queue_name", null: false
+    t.integer "priority", default: 0, null: false
+    t.string "concurrency_key", null: false
+    t.datetime "expires_at", null: false
+    t.datetime "created_at", null: false
+    t.index ["concurrency_key", "priority", "job_id"], name: "index_solid_queue_blocked_executions_for_release"
+    t.index ["expires_at", "concurrency_key"], name: "index_solid_queue_blocked_executions_for_maintenance"
+    t.index ["job_id"], name: "index_solid_queue_blocked_executions_on_job_id", unique: true
+  end
+
+  create_table "solid_queue_claimed_executions", force: :cascade do |t|
+    t.bigint "job_id", null: false
+    t.bigint "process_id"
+    t.datetime "created_at", null: false
+    t.index ["job_id"], name: "index_solid_queue_claimed_executions_on_job_id", unique: true
+    t.index ["process_id", "job_id"], name: "index_solid_queue_claimed_executions_on_process_id_and_job_id"
+  end
+
+  create_table "solid_queue_failed_executions", force: :cascade do |t|
+    t.bigint "job_id", null: false
+    t.text "error"
+    t.datetime "created_at", null: false
+    t.index ["job_id"], name: "index_solid_queue_failed_executions_on_job_id", unique: true
+  end
+
+  create_table "solid_queue_jobs", force: :cascade do |t|
+    t.string "queue_name", null: false
+    t.string "class_name", null: false
+    t.text "arguments"
+    t.integer "priority", default: 0, null: false
+    t.string "active_job_id"
+    t.datetime "scheduled_at"
+    t.datetime "finished_at"
+    t.string "concurrency_key"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["active_job_id"], name: "index_solid_queue_jobs_on_active_job_id"
+    t.index ["class_name"], name: "index_solid_queue_jobs_on_class_name"
+    t.index ["finished_at"], name: "index_solid_queue_jobs_on_finished_at"
+    t.index ["queue_name", "finished_at"], name: "index_solid_queue_jobs_for_filtering"
+    t.index ["scheduled_at", "finished_at"], name: "index_solid_queue_jobs_for_alerting"
+  end
+
+  create_table "solid_queue_pauses", force: :cascade do |t|
+    t.string "queue_name", null: false
+    t.datetime "created_at", null: false
+    t.index ["queue_name"], name: "index_solid_queue_pauses_on_queue_name", unique: true
+  end
+
+  create_table "solid_queue_processes", force: :cascade do |t|
+    t.string "kind", null: false
+    t.datetime "last_heartbeat_at", null: false
+    t.bigint "supervisor_id"
+    t.integer "pid", null: false
+    t.string "hostname"
+    t.text "metadata"
+    t.datetime "created_at", null: false
+    t.string "name", null: false
+    t.index ["last_heartbeat_at"], name: "index_solid_queue_processes_on_last_heartbeat_at"
+    t.index ["name", "supervisor_id"], name: "index_solid_queue_processes_on_name_and_supervisor_id", unique: true
+    t.index ["supervisor_id"], name: "index_solid_queue_processes_on_supervisor_id"
+  end
+
+  create_table "solid_queue_ready_executions", force: :cascade do |t|
+    t.bigint "job_id", null: false
+    t.string "queue_name", null: false
+    t.integer "priority", default: 0, null: false
+    t.datetime "created_at", null: false
+    t.index ["job_id"], name: "index_solid_queue_ready_executions_on_job_id", unique: true
+    t.index ["priority", "job_id"], name: "index_solid_queue_poll_all"
+    t.index ["queue_name", "priority", "job_id"], name: "index_solid_queue_poll_by_queue"
+  end
+
+  create_table "solid_queue_recurring_executions", force: :cascade do |t|
+    t.bigint "job_id", null: false
+    t.string "task_key", null: false
+    t.datetime "run_at", null: false
+    t.datetime "created_at", null: false
+    t.index ["job_id"], name: "index_solid_queue_recurring_executions_on_job_id", unique: true
+    t.index ["task_key", "run_at"], name: "index_solid_queue_recurring_executions_on_task_key_and_run_at", unique: true
+  end
+
+  create_table "solid_queue_recurring_tasks", force: :cascade do |t|
+    t.string "key", null: false
+    t.string "schedule", null: false
+    t.string "command", limit: 2048
+    t.string "class_name"
+    t.text "arguments"
+    t.string "queue_name"
+    t.integer "priority", default: 0
+    t.boolean "static", default: true, null: false
+    t.text "description"
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["key"], name: "index_solid_queue_recurring_tasks_on_key", unique: true
+    t.index ["static"], name: "index_solid_queue_recurring_tasks_on_static"
+  end
+
+  create_table "solid_queue_scheduled_executions", force: :cascade do |t|
+    t.bigint "job_id", null: false
+    t.string "queue_name", null: false
+    t.integer "priority", default: 0, null: false
+    t.datetime "scheduled_at", null: false
+    t.datetime "created_at", null: false
+    t.index ["job_id"], name: "index_solid_queue_scheduled_executions_on_job_id", unique: true
+    t.index ["scheduled_at", "priority", "job_id"], name: "index_solid_queue_dispatch_all"
+  end
+
+  create_table "solid_queue_semaphores", force: :cascade do |t|
+    t.string "key", null: false
+    t.integer "value", default: 1, null: false
+    t.datetime "expires_at", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["expires_at"], name: "index_solid_queue_semaphores_on_expires_at"
+    t.index ["key", "value"], name: "index_solid_queue_semaphores_on_key_and_value"
+    t.index ["key"], name: "index_solid_queue_semaphores_on_key", unique: true
+  end
+
+  add_foreign_key "solid_queue_blocked_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
+  add_foreign_key "solid_queue_claimed_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
+  add_foreign_key "solid_queue_failed_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
+  add_foreign_key "solid_queue_ready_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
+  add_foreign_key "solid_queue_recurring_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
+  add_foreign_key "solid_queue_scheduled_executions", "solid_queue_jobs", column: "job_id", on_delete: :cascade
+end

db/schema.rb

@@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema[8.0].define(version: 2025_04_28_123317) do
+ActiveRecord::Schema[8.0].define(version: 2025_05_06_154628) do
   create_table "active_storage_attachments", force: :cascade do |t|
     t.string "name", null: false
     t.string "record_type", null: false
@@ -127,12 +127,12 @@ ActiveRecord::Schema[8.0].define(version: 2025_04_28_123317) do
     t.datetime "confirmed_at", precision: nil
     t.datetime "confirmation_sent_at", precision: nil
     t.string "unconfirmed_email"
-    t.text "ln_password_ciphertext"
-    t.string "ln_account"
     t.datetime "remember_created_at"
     t.string "remember_token"
     t.text "preferences"
     t.string "pgp_fpr"
+    t.string "lndhub_username"
+    t.text "lndhub_password"
     t.index ["email"], name: "index_users_on_email", unique: true
     t.index ["reset_password_token"], name: "index_users_on_reset_password_token", unique: true
   end

docker-compose.yml

@@ -37,43 +37,25 @@ services:
       - "3000:3000"
     environment:
       RAILS_ENV: development
+      SOLID_QUEUE_IN_PUMA: true
+      LAUNCHY_DRY_RUN: true
+      BROWSER: /dev/null
+      ENCRYPTION_PRIMARY_KEY: YhNLBgCFMAzw5dV3gISxnGrhNDMQwRdn
+      ENCRYPTION_KEY_DERIVATION_SALT: h28g16MRZ1sghF2jTCos1DiLZXUswinR
       PRIMARY_DOMAIN: kosmos.org
+      AKKOUNTS_DOMAIN: accounts.kosmos.org
       LDAP_HOST: ldap
       LDAP_PORT: 3389
       LDAP_ADMIN_PASSWORD: passthebutter
-      LDAP_USE_TLS: "false"
       REDIS_URL: redis://redis:6379/0
-      ACTIVE_STORAGE_PATH: "/akkounts/tmp/attachments"
+      ACTIVE_STORAGE_PATH: /akkounts/tmp/attachments
       RS_REDIS_URL: redis://redis:6379/1
-      RS_STORAGE_URL: "http://localhost:4567"
+      RS_STORAGE_URL: http://localhost:4567
+      RS_AKKOUNTS_DOMAIN: localhost
       S3_ENABLED: false
       NOSTR_PUBLIC_KEY: bdd76ce2934b2f591f9fad2ebe9da18f20d2921de527494ba00eeaa0a0efadcf
       NOSTR_PRIVATE_KEY: 7c3ef7e448505f0615137af38569d01807d3b05b5005d5ecf8aaafcd40323cea
-      NOSTR_RELAY_URL: "ws://strfry:7777"
-    depends_on:
-      - ldap
-      - redis
-
-  sidekiq:
-    build: .
-    command: bash -c "bundle exec sidekiq -C config/sidekiq.yml"
-    volumes:
-      - .:/akkounts
-    networks:
-      - internal_network
-    environment:
-      RAILS_ENV: development
-      PRIMARY_DOMAIN: kosmos.org
-      LDAP_HOST: ldap
-      LDAP_PORT: 3389
-      LDAP_ADMIN_PASSWORD: passthebutter
-      LDAP_USE_TLS: "false"
-      LAUNCHY_DRY_RUN: true
-      BROWSER: /dev/null
-      REDIS_URL: redis://redis:6379/0
-      RS_REDIS_URL: redis://redis:6379/1
-      RS_STORAGE_URL: "http://localhost:4567"
-      S3_ENABLED: false
+      NOSTR_RELAY_URL: ws://strfry:7777
     depends_on:
       - ldap
       - redis

spec/controllers/rs/oauth_controller_spec.rb

@@ -5,6 +5,7 @@ RSpec.describe Rs::OauthController, type: :controller do
 
   before do
     allow_any_instance_of(AppCatalog::WebApp).to receive(:update_metadata).and_return(true)
+    allow_any_instance_of(RemoteStorageAuthorization).to receive(:remove_token_expiry_job).and_return(nil)
   end
 
   describe "GET /rs/oauth/:username" do

spec/controllers/services/rs_auths_controller_spec.rb

@@ -5,6 +5,7 @@ RSpec.describe Services::RsAuthsController, type: :controller do
 
   before do
     allow_any_instance_of(AppCatalog::WebApp).to receive(:update_metadata).and_return(true)
+    allow_any_instance_of(RemoteStorageAuthorization).to receive(:remove_token_expiry_job).and_return(nil)
     allow_any_instance_of(Flipper).to receive(:enabled?).and_return(true)
   end
 

spec/factories/users.rb

@@ -6,6 +6,6 @@ FactoryBot.define do
     email { "jimmy@example.com" }
     password { "dis-muh-password" }
     confirmed_at { DateTime.now }
-    ln_account { "123456" }
+    lndhub_username { "123456" }
   end
 end

spec/features/settings/profile_spec.rb

@@ -2,18 +2,22 @@ require 'rails_helper'
 
 RSpec.describe 'Profile settings', type: :feature do
   let(:user) { create :user, cn: "mwahlberg" }
-  let(:avatar_base64) { File.read("#{Rails.root}/spec/fixtures/files/avatar-base64.txt") }
+  let(:avatar_jpeg) { File.binread("#{Rails.root}/spec/fixtures/files/taipei.jpg") }
 
   before do
+    Flipper.enable "avatar_upload"
+
     login_as user, :scope => :user
     allow(user).to receive(:display_name).and_return("Mark")
-    allow_any_instance_of(User).to receive(:dn).and_return("cn=mwahlberg,ou=kosmos.org,cn=users,dc=kosmos,dc=org")
-    allow_any_instance_of(User).to receive(:ldap_entry).and_return({
-      uid: user.cn, ou: user.ou, display_name: "Mark", pgp_key: nil
-    })
-    allow_any_instance_of(User).to receive(:avatar).and_return(avatar_base64)
 
-    Flipper.enable "avatar_upload"
+    allow_any_instance_of(User).to receive(:dn)
+      .and_return("cn=mwahlberg,ou=kosmos.org,cn=users,dc=kosmos,dc=org")
+    allow_any_instance_of(User).to receive(:ldap_entry)
+      .and_return({
+        uid: user.cn, ou: user.ou, display_name: "Mark", pgp_key: nil
+      })
+    allow_any_instance_of(User).to receive(:avatar)
+      .and_return(avatar_jpeg)
   end
 
   feature "Update display name" do
@@ -71,7 +75,7 @@ RSpec.describe 'Profile settings', type: :feature do
       file_path = "#{Rails.root}/spec/fixtures/files/taipei.jpg"
 
       expect_any_instance_of(LdapManager::UpdateAvatar).to receive(:replace_attribute)
-        .with(user.dn, :jpegPhoto, avatar_base64).and_return(true)
+        .with(user.dn, :jpegPhoto, avatar_jpeg).and_return(true)
 
       visit setting_path(:profile)
       attach_file "Avatar", file_path

spec/jobs/create_ldap_user_job_spec.rb

@@ -32,7 +32,7 @@ RSpec.describe CreateLdapUserJob, type: :job do
     expect(ldap_client_mock).to have_received(:add).with(
       dn: "cn=halfinney,ou=kosmos.org,cn=users,dc=kosmos,dc=org",
       attributes: {
-        objectclass: ["top", "account", "person", "extensibleObject"],
+        objectclass: ["top", "account", "person", "inetOrgPerson", "extensibleObject"],
         cn: "halfinney",
         sn: "halfinney",
         uid: "halfinney",
@@ -51,7 +51,7 @@ RSpec.describe CreateLdapUserJob, type: :job do
     expect(ldap_client_mock).to have_received(:add).with(
       dn: "cn=halfinney,ou=kosmos.org,cn=users,dc=kosmos,dc=org",
       attributes: {
-        objectclass: ["top", "account", "person", "extensibleObject"],
+        objectclass: ["top", "account", "person", "inetOrgPerson", "extensibleObject"],
         cn: "halfinney",
         sn: "halfinney",
         uid: "halfinney",

spec/jobs/create_lndhub_account_job_spec.rb

@@ -19,14 +19,14 @@ RSpec.describe CreateLndhubAccountJob, type: :job do
       .with { |req| req.body == '{}' }
 
     user.reload
-    expect(user.ln_account).to eq("abc123")
-    expect(user.ln_password).to eq("def456")
+    expect(user.lndhub_username).to eq("abc123")
+    expect(user.lndhub_password).to eq("def456")
   end
 
   context "with existing credentials stored" do
     before do
-      user.ln_account = "foo"
-      user.ln_password = "bar"
+      user.lndhub_username = "foo"
+      user.lndhub_password = "bar"
       user.save!
     end
 
@@ -36,8 +36,8 @@ RSpec.describe CreateLndhubAccountJob, type: :job do
       expect(WebMock).to_not have_requested(:post, "http://localhost:3023/create")
 
       user.reload
-      expect(user.ln_account).to eq("foo")
-      expect(user.ln_password).to eq("bar")
+      expect(user.lndhub_username).to eq("foo")
+      expect(user.lndhub_password).to eq("bar")
     end
   end
 

spec/jobs/remote_storage_expire_authorization_job_spec.rb

@@ -5,6 +5,9 @@ RSpec.describe RemoteStorageExpireAuthorizationJob, type: :job do
     allow_any_instance_of(AppCatalog::WebApp).to(
       receive(:update_metadata).and_return(true)
     )
+    allow_any_instance_of(RemoteStorageAuthorization).to(
+      receive(:remove_token_expiry_job).and_return(nil)
+    )
 
     @user = create :user, cn: "ronald", ou: "kosmos.org"
     @rs_authorization = create :remote_storage_authorization,

spec/models/remote_storage_authorization_spec.rb

@@ -7,6 +7,7 @@ RSpec.describe RemoteStorageAuthorization, type: :model do
 
   before do
     allow_any_instance_of(AppCatalog::WebApp).to receive(:update_metadata).and_return(true)
+    allow_any_instance_of(RemoteStorageAuthorization).to receive(:remove_token_expiry_job).and_return(nil)
   end
 
   describe "#create" do

spec/models/zap_spec.rb

@@ -2,7 +2,7 @@ require 'rails_helper'
 
 RSpec.describe Zap, type: :model do
   describe "#request_event" do
-    let(:user) { create :user, cn: 'satoshi', ou: 'kosmos.org', ln_account: 'abcdefg123456' }
+    let(:user) { create :user, cn: 'satoshi', ou: 'kosmos.org', lndhub_username: 'abcdefg123456' }
     let(:zap) { create :zap, user: user }
 
     it "returns the stored request as a Nostr::Event" do

spec/requests/lnurlpay_spec.rb

@@ -25,7 +25,7 @@ RSpec.describe "/lnurlpay", type: :request do
   end
 
   context "Valid user" do
-    let(:user) { create :user, cn: 'satoshi', ou: 'kosmos.org', ln_account: 'abcdefg123456' }
+    let(:user) { create :user, cn: 'satoshi', ou: 'kosmos.org', lndhub_username: 'abcdefg123456' }
 
     before do
       login_as user, :scope => :user

spec/requests/webfinger_spec.rb

@@ -92,7 +92,7 @@ RSpec.describe "WebFinger", type: :request do
           expect(rs_link["href"]).to eql("#{Setting.rs_storage_url}/tony")
 
           oauth_url = rs_link["properties"]["http://tools.ietf.org/html/rfc6749#section-4.2"]
-          expect(oauth_url).to eql("http://accounts.kosmos.org/rs/oauth/tony")
+          expect(oauth_url).to eql("http://localhost/rs/oauth/tony")
         end
 
         it "returns CORS headers" do

spec/requests/webhooks_spec.rb

@@ -50,7 +50,7 @@ RSpec.describe "Webhooks", type: :request do
     end
 
     describe "Valid payload for incoming payment" do
-      let(:user) { create :user, ln_account: "123456abcdef" }
+      let(:user) { create :user, lndhub_username: "123456abcdef" }
       let(:payload) { JSON.parse(File.read(File.expand_path("../fixtures/lndhub/incoming.json", File.dirname(__FILE__)))) }
 
       before { user.save! } #FIXME this should not be necessary
@@ -132,7 +132,7 @@ RSpec.describe "Webhooks", type: :request do
     end
 
     describe "Valid payload for zap transaction" do
-      let(:user) { create :user, ln_account: "123456abcdef" }
+      let(:user) { create :user, lndhub_username: "123456abcdef" }
       let(:zap) { create :zap, user: user }
       let(:payload) { JSON.parse(File.read(File.expand_path("../fixtures/lndhub/incoming-zap.json", File.dirname(__FILE__)))) }
       let(:zap_receipt) {

spec/services/nostr_manager/create_zap_receipt_spec.rb

@@ -1,7 +1,7 @@
 require 'rails_helper'
 
 RSpec.describe NostrManager::CreateZapReceipt, type: :model do
-  let(:user) { create :user, ln_account: "123456abcdef" }
+  let(:user) { create :user, lndhub_username: "123456abcdef" }
   let(:zap) { create :zap, user: user }
 
   # before do

spec/services/nostr_manager/publish_zap_receipt_spec.rb

@@ -1,7 +1,7 @@
 require 'rails_helper'
 
 RSpec.describe NostrManager::PublishZapReceipt, type: :model do
-  let(:user) { create :user, ln_account: "123456abcdef" }
+  let(:user) { create :user, lndhub_username: "123456abcdef" }
   let(:zap) { create :zap, user: user }
 
   before do