From our Discord, someone commented
> if minio's cautions about Single-Node, Single-Drive are to be taken seriously:
>
> "SNSD deployments use a zero-parity erasure coded backend that provides no
added reliability or availability beyond what the underlying storage volume
implements. These deployments are best suited for local testing and
evaluation, or for small-scale data workloads that do not have availability or
performance requirements."
MinIO was never meant as a production replacement, it was only to make it easy
for people to get started. So add a notice in the docs re this.
## Description
When a customer whose Stripe subscription is past due (within the 30 day
window after expiry time and has not been cancelled) clicks on the
subscription modal, take them to the payment portal to complete the
subscription.
## Tests
- [x] Tested web
- [x] Tested mobile
## Description
### Stripe
- Settings have been modified to "Cancel" the subscription if all
attempts to charge an invoice fails. The previous configuration was to
set the subscription to "Past Due".
### Museum
- Updated our Stripe workflow to use `PaymentBehaviorAllowIncomplete` in
case of SEPA payments
- Fixed the issue caused by us spawning unnecessary subscriptions when a
customer tried to renew their expired subscription
- Removed the email that was being sent out when a Stripe subscription
expired. We will have to run our own cron to send a notification and
perform necessary clean up. When payments fail, we will still send a
notification to intimate the customer that their account is on hold.
### Mobile
- Fixed the dialogs and error messages on the payment page
## Tests
The following cases were tested for SEPA, Credit Cards, and Credit Cards
with 3DS.
- [x] Purchase
- [x] Success
- [x] Failure
- [x] Renewal
- [x] Success
- [x] Failure
- [x] Upgrades
- [x] Success
- [x] Failure
- [x] Cancellation
- [x] Resumption post recovery
## Note
These changes are likely to break in the event of some corner cases we
haven't thought of. But this will land us in a state that is better than
where we are right now in terms of collecting payments for expired
subscriptions and those via SEPA.
On desktop, now there Help menu will have an "Ente Help" option instead of "FAQ"
(Unrelated: I noticed that user facing strings in the desktop app are not
localized).
The only place remaining after this is the sidebar on mobile
(`support_section_widget.dart`), but I wasn't sure of what string to use (and
how to add it to the localized strings for mobile) so I've left it unchanged.
## Description
- Also started storing the embedding size and version in the table. This
will come handy while comparing overall size when different compression
and serialization formats are used..
- Also, it can be used to smartly auto-download the embeddings or inform
the user about approximate size when they decide to enable indexing or
search on a particular client.
## Tests
✅ Verified that embedding fetch and store is working fine.
✅ Verified that embeddings/diff API is working fine.
- Move deployment related stuff into a separate folder
- Document the overall approach better
- Add an Nginx specific environment and service definition
- Remove the restart limiter
During recent DDoS attacks, these restart limits had to be manually
disabled. For now, disabling them in our reference copy too, will bring them
back if they are needed later.
The use case for this came up in Discord - someone is running a custom self
hosted instance where they're using MinIO as their "production S3", but it is
not local (so they don't want the clients to connect without SSL). So we need a
way to get MinIO to work, which needs path style URLs, without also disabling
the SSL.
Add a dotted arrow between museum and the hot object storage to indicate that
clients talk directly to the primary S3 storage.
This has confused some users who were trying to setup self-hosting, them not
realizing that the minio buckets need to be accessible outside the container.
The actual flow is - for both GET and PUT, museum conjures up pre-signed URLs by
talking to the S3 bucket, and vends these pre-signed URLs back to the
client. Thereafter though (unless routed via a Cloudflare worker, which is not
the case when self-hosting), the clients directly connect to this presigned URL.
Maybe too much information to convey with a single dotted arrow, but at least
it'll give a hint that there is a direct connection there somewhere.
