From 1d242981d403f2bbb9513cf1e47fb9166b0e64af Mon Sep 17 00:00:00 2001 From: Reinier Balt Date: Mon, 22 Sep 2014 10:28:33 +0200 Subject: [PATCH] create secrets.yml per rails upgrade instructions. It uses the secret key from site.yml --- config/initializers/secret_token.rb | 12 ------------ config/secrets.yml | 8 ++++++++ config/site.yml.tmpl | 6 +++--- 3 files changed, 11 insertions(+), 15 deletions(-) delete mode 100644 config/initializers/secret_token.rb create mode 100644 config/secrets.yml diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb deleted file mode 100644 index 856a37a6..00000000 --- a/config/initializers/secret_token.rb +++ /dev/null @@ -1,12 +0,0 @@ -# Be sure to restart your server when you modify this file. - -# Your secret key is used for verifying the integrity of signed cookies. -# If you change this key, all old signed cookies will become invalid! - -# Make sure the secret is at least 30 characters and all random, -# no regular words or you'll be exposed to dictionary attacks. -# You can use `rake secret` to generate a secure secret key. - -# Make sure your secret_key_base is kept private -# if you're sharing your code publicly. -Rails.application.config.secret_key_base = SITE_CONFIG["secret_token"] || SecureRandom.hex(64) diff --git a/config/secrets.yml b/config/secrets.yml new file mode 100644 index 00000000..9aec537e --- /dev/null +++ b/config/secrets.yml @@ -0,0 +1,8 @@ +development: + secret_key_base: <%= SITE_CONFIG["secret_token"] || SecureRandom.hex(64) %> + +test: + secret_key_base: <%= SITE_CONFIG["secret_token"] || SecureRandom.hex(64) %> + +production: + secret_key_base: <%= SITE_CONFIG["secret_token"] || SecureRandom.hex(64) %> \ No newline at end of file diff --git a/config/site.yml.tmpl b/config/site.yml.tmpl index b024a885..9ef1677b 100644 --- a/config/site.yml.tmpl +++ b/config/site.yml.tmpl @@ -23,10 +23,10 @@ secure_cookies: false # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. # -# if you want a nice random key, run this in rails console and copy-and-paste -# the result: +# if you want a nice random key, run this from the tracks directory and +# copy-and-paste the result: # -# SecureRandom.hex(64) +# rake secret # secret_token: "change-me"