Missing production secret_key_base in rails

Hi,

I have asked this question on
githubhttps://github.com/rails/rails/issues/15175
.
Senny answered me to set
export SECRET_KEY_BASE =d1f4810e662acf46a33960e3aa5bd0


in your peoduction server. but I do not know how to set that. I am
deploying in openshift. I also have access to SSH via putty. I have
tried
this command in SSH but it gives an error “Invalid identifer”. Where
should
I run this command?

If using bash edit your ~/.bashrc or ~/.bash_profile and add that line,
if
using zsh edit your ~/.zshrc reload your terminal, restart your app and
you’re done

2014-05-19 1:27 GMT-07:00 Reza A. [email protected]:

On Mon, May 19, 2014 at 11:22 AM, Benjamin Iandavid R.
[email protected] wrote:

If using bash edit your ~/.bashrc or ~/.bash_profile and add that line, if
using zsh edit your ~/.zshrc reload your terminal, restart your app and
you’re done

Right, because having that information in a file called ‘secrets.yml’
would be AWFUL but having it in a file called ‘.bashrc’ is just aces.

Not to mention that when your server is started at boot time by root
it will immediately fail because your bash environment is not that
of the root user…

Sigh.

Hassan S. ------------------------ [email protected]
http://about.me/hassanschroeder
twitter: @hassan

Hey Hassan,

While I agree that having the secret key base defined in the secrets.yml
file is better, remember that this feature was introduced in Rails 4.1

How would you know if this is the case?

I made that recommendation as he stated that the answer from github was
to
set the secret keybase using export. So please dont be rude and have a
little more respect for those who aren’t as experienced as you are.

My best,
Ian

2014-05-19 13:21 GMT-07:00 Hassan S.
[email protected]:

On Mon, May 19, 2014 at 3:22 PM, Benjamin Iandavid R.
[email protected] wrote:

I made that recommendation as he stated that the answer from github was to
set the secret keybase using export. So please dont be rude and have a
little more respect for those who aren’t as experienced as you are.

My apologies, I meant neither rudeness nor disrespect.

The whole idea of loading initialization values through environment
variables in the name of “security” seems pointless to me if you’re
going to put them all in a shell init file anyway :slight_smile:

We already put our DB server passwords in a file that’s not typically
included in the app’s repository but symlinked on deploy, and I’ve
never seen anyone express any issues with that.

In any case, the .bashrc approach will be a problem if the app’s
started at boot time as a different user…

FWIW,

Hassan S. ------------------------ [email protected]
http://about.me/hassanschroeder
twitter: @hassan

Thanks for sll answers.
I have asked this question specifically for openshif service.
The answer is posted in this
questionhttp://stackoverflow.com/questions/23726110/missing-production-secret-key-base-in-rails
.

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs