Menu
- Rails Generate New Secret Key Base Location
- Rails Generate Secret_key_base For Staging
- Rails Generate New Secret Key Base 2017
- Rails Generate New Secret Key
Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.
Sign upAs the name implies, secretkeybase should be a secret. That's why we don't generate a secret for production in config/secrets.yml.You see that it's reading from an environment variable so you can easily set your secret on your production server, without changing the file. Rails 4.1 generates a new secrets.yml file in the config folder. By default, this file contains the application's secretkeybase, but it could also be used to store other secrets such as access keys for external APIs. The secrets added to this file are accessible via Rails.application.secrets. For example, with the following config/secrets.yml.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Comments
commented May 19, 2014
I have recently deployed an app and got internal server error because of missing production secret_key_base. After hours of testing, I managed to solve this problem with two methods: Method 1: I generated a new secret_key with rake secret and replaced it with <%= ENV['SECRET_KEY_BASE'] %> in secrets.yml . Deployed the app again and this time it worked. But I think that this method is wrong.Method 2: I generated a new secret_key with rake secret and added it to environments/production.rb like config.secret_key_base = 'd1f4810e662acf46a33960e3aa5bd0************************ , without changing secrets.yml (default is production: <%= ENV['SECRET_KEY_BASE'] %> ). Deployed the app again and it works fine.My questions:
|
commented May 19, 2014
As the name implies, secret_key_base should be a secret. That's why we don't generate a secret for production in config/secrets.yml . You see that it's reading from an environment variable so you can easily set your secret on your production server, without changing the file:If you want / need to have your secret under version control, you should definitely stick with Method 1 . That's because Method 2 just avoids the config/secrets.yml mechanism all together.Please note that we don't use GitHub for support questions. Read our contribution guidelines and please use the rails-talk mailing list for further questions. |
closed this May 19, 2014
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
app error: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` (RuntimeError)
secret_key_base
So i was using Rails 4.1 with Unicorn v4.8.2 and when i tried to deploy my app it doesn't start properly and into the unicorn.log file i found this error message: |
'app error: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` (RuntimeError)' |
After a little research i found that Rails 4.1 change the way to manage the secret_key, so if we read the secrets.yml file located at exampleRailsProject/config/secrets.yml (you need to replace 'exampleRailsProject' for your project name) you will find something like this: |
# Do not keep production secrets in the repository, |
# instead read values from the environment. |
production: |
secret_key_base: <%= ENV['SECRET_KEY_BASE'] %> |
This means that rails recommends you to use an environment variable for the secret_key_base in our production server, so in order to solve this error you will need to follow this steps to create an environment variable for linux (in my case it is Ubuntu) in our production server: |
1.- In the terminal of our production server you will execute the next command: |
$ RAILS_ENV=production rake secret |
This will give a large string with letters and numbers, this is what you need, so copy that (we will refer to that code as GENERATED_CODE). |
2.1- Now if we login as root user to our server we will need to find this file and open it: |
$ vi /etc/profile |
Then we go to the bottom of the file ('SHIFT + G' for capital G in VI) |
And we will write our environment variable with our GENERATED_CODE (Press 'i' key to write in VI), be sure to be in a new line at the end of the file: |
export SECRET_KEY_BASE=GENERATED_CODE |
Having written the code we save the changes and close the file (we push 'ESC' key and then write ':x' and 'ENTER' key for save and exit in VI) |
2.2 But if we login as normal user, lets call it example_user for this gist, we will need to find one of this other files: |
$ vi ~/.bash_profile |
$ vi ~/.bash_login |
$ vi ~/.profile |
These files are in order of importance, that means that if you have the first file, then you wouldn't need to write in the others. So if you found this 2 files in your directory '~/.bash_profile' and '~/.profile' you only will have to write in the first one '~/.bash_profile', because linux will read only this one and the other will be ignored. |
Then we go to the bottom of the file ('SHIFT + G' for capital G in VI) |
And we will write our environment variable with our GENERATED_CODE (Press 'i' key to write in VI), be sure to be in a new line at the end of the file: |
export SECRET_KEY_BASE=GENERATED_CODE |
Having written the code we save the changes and close the file (we push 'ESC' key and then write ':x' and 'ENTER' key for save and exit in VI) |
3.-We can verify that our environment variable is properly set in linux with this command: |
$ printenv | grep SECRET_KEY_BASE |
or with: |
$ echo $SECRET_KEY_BASE |
When you execute this command, if everything went ok, it will show you the GENERATED_CODE that we generated before. Finally with all the configuration done you can deploy without problems your Rails app with Unicorn or other. |
Now when you close your shell terminal and login again to the production server you will have this environment variable set and ready to use it. |
And Thats it!! i hope this mini guide help you to solve this error. |
Disclaimer: i'm not a guru of linux or rails, so if you find something wrong or any error i will be glad to correct it! |
commented Jan 7, 2015
(we push 'ESC' key and then write ':x' and 'ENTER' key for save and exit in VI) when we going this way at this place ':x' and 'ENTER' for save and exit its demand the encrepted key or not save exit |
commented Aug 23, 2015
This is solution: At your app inside application.rb add this line: Public private key encryption. |
commented Jul 13, 2016 • edited
edited
TY bro that fix my problem
|
Rails Generate New Secret Key Base Location
commented Oct 28, 2016
Rails Generate Secret_key_base For Staging
config.secret_key_base = '<%= ENV['SECRET_KEY_BASE'] %>' is more secure |
Rails Generate New Secret Key Base 2017
commented Jun 6, 2017
Rails Generate New Secret Key
Add this line in config/environments/production.rb config.secret_key_base = ENV['SECRET_KEY_BASE'] |
commented Dec 29, 2017 • edited
edited
commented Sep 18, 2018
Thank you. Fixed here! |
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment