How to use credentials.yml.enc introduced in Rails 5.2

Rails 5.2 does not generate config / secrets.yml when creating a new app It seems that config / credentials.yml.enc is now generated instead.

If you are already operating with an older version of Rails in a production environment and want to upgrade to Rails 5.2 It seems that the mechanism of config / credentials.yml.enc is used instead of config / secrets.yml.

Up to Rails 5.2, there seems to be a way to use the conventional config / secrets.yml etc. I thought about upgrading Rails 6 and introduced config / credentials.yml.enc. I will post it as a memorandum.

1. Generate and configure credentials.yml.enc and master.key

Since credentials.yml.enc cannot be edited directly from the editor, create and edit by specifying the editor in the terminal.

$ EDITOR=vim bundle exec credentials:edit

By the way, if you set the following in .bash_profile etc., you do not need to specify EDITOR = "vim".

~/.bash_profile
$ echo 'export EDITOR="vim"' >> ~/.bash_profile
$ source ~/.bash_profile

$ bundle exec credentials:edit

Running the above command will generate config / credentials.yml.enc and config / master.key. Be sure to add config / master.key to .gitignore because it is not managed by git.

.gitignore

# Ignore master key for decrypting credentials and more.
/config/master.key

Modify the generated config / credentials.yml.enc as follows.

config/credentials.yml.enc

# aws:
#   access_key_id: 123
#   secret_access_key: 345

# Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.
secret_key_base:

--This time, set only secret_key. AWS settings will remain as they are, so leave them commented out --If you enter aws access_key_id, secret_access_key, or other API key on the above screen, it will be encrypted and saved. --No problem if you enter directly without using environment variables --No single or double quotes required

Since credentials are used in the production environment, set the following variable to true in config / environments / production.rb.

config/environments/production.rb

config.require_master_key = true

2. Automatic deployment by Capistrano

It cannot be deployed unless master.key is placed in shared / config of the production environment. Transfer config / master.key to the production server with scp command etc.

$ scp -i ~/.ssh/example.pem config/master.key [email protected]:/var/www/AppName/shared/config/master.key

ex. /var/www/AppName/shared/config/master.key

Alternatively, set the RAILS_MASTER_KEY environment variable in the bash file of the production server. Capistrano is not loaded even if you write it in .bash_profile, so you need to write it in ~ / .bashrc. Export config / master.key as RAILS_MASTER_KEY. In other words, set the following in .bashrc.

~/.bashrc
export RAILS_MASTER_KEY='XXXXXXXXXXXXXXXXXXX'

Next, specify a symbolic link in the configuration file at the time of deployment with config / deploy.rb.

set :linked_files, fetch(:linked_files, []).push('config/master.key')

3. If you can deploy using Capistrano, you're done.

$ bundle exec cap production deploy

Recommended Posts

How to use credentials.yml.enc introduced in Rails 5.2
How to use MySQL in Rails tutorial
[Rails] How to use enum
[Rails] How to use select boxes in Ransack
[Rails] How to use enum
How to use rails join
How to use JQuery in js.erb of Rails6
[Rails] How to use validation
[Rails] How to use authenticate_user!
[Rails] How to use PostgreSQL in Vagrant environment
[Rails] How to use Scope
[Rails] How to use gem "devise"
How to use Lombok in Spring
[Rails] How to use devise (Note)
[Rails] How to use flash messages
How to use Ruby on Rails
How to use InjectorHolder in OpenAM
[Rails] How to use Active Storage
How to introduce jQuery in Rails 6
How to use classes in Java?
[Introduction to Rails] How to use render
How to install Swiper in Rails
Multilingual Locale in Java How to use Locale
How to change app name in rails
How to use named volume in docker-compose.yml
How to insert a video in Rails
[Rails] How to use ActiveRecord :: Bitemporal (BiTemporalDataModel)
[Rails] How to use the map method
How to use Docker in VSCode DevContainer
[rails] How to configure routing in resources
[Ruby on Rails] How to use redirect_to
How to implement ranking functionality in Rails
[Note] How to use Rails 6 Devise + cancancan
How to use environment variables in RubyOnRails
[Rails] How to use video_tag to display videos
[Rails] How to use helper method, confimartion
How to use ExpandableListView in Android Studio
How to use Map
How to write Rails
How to use with_option
How to use fields_for
How to use java.util.logging
How to use map
How to use collection_select
How to use Twitter4J
How to use MapStruct
How to use TreeSet
How to uninstall Rails
[How to use label]
How to use identity
How to use hashes
How to use Dozer.mapper
How to use Gradle
How to use org.immutables
How to use java.util.stream.Collector
How to use VisualVM
How to use Map
How to translate Rails into Japanese in general
How to separate .scss by controller in Rails
How to conditionally add html.erb class in Rails
How to implement a like feature in Rails