How to use credentials.yml.enc introduced in Rails 5.2

Rails 5.2 does not generate config / secrets.yml when creating a new app It seems that config / credentials.yml.enc is now generated instead.

If you are already operating with an older version of Rails in a production environment and want to upgrade to Rails 5.2 It seems that the mechanism of config / credentials.yml.enc is used instead of config / secrets.yml.

Up to Rails 5.2, there seems to be a way to use the conventional config / secrets.yml etc. I thought about upgrading Rails 6 and introduced config / credentials.yml.enc. I will post it as a memorandum.

1. Generate and configure credentials.yml.enc and master.key

Since credentials.yml.enc cannot be edited directly from the editor, create and edit by specifying the editor in the terminal.

$ EDITOR=vim bundle exec credentials:edit

By the way, if you set the following in .bash_profile etc., you do not need to specify EDITOR = "vim".

$ echo 'export EDITOR="vim"' >> ~/.bash_profile
$ source ~/.bash_profile

$ bundle exec credentials:edit

Running the above command will generate config / credentials.yml.enc and config / master.key. Be sure to add config / master.key to .gitignore because it is not managed by git.


# Ignore master key for decrypting credentials and more.

Modify the generated config / credentials.yml.enc as follows.


# aws:
#   access_key_id: 123
#   secret_access_key: 345

# Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.

--This time, set only secret_key. AWS settings will remain as they are, so leave them commented out --If you enter aws access_key_id, secret_access_key, or other API key on the above screen, it will be encrypted and saved. --No problem if you enter directly without using environment variables --No single or double quotes required

Since credentials are used in the production environment, set the following variable to true in config / environments / production.rb.


config.require_master_key = true

2. Automatic deployment by Capistrano

It cannot be deployed unless master.key is placed in shared / config of the production environment. Transfer config / master.key to the production server with scp command etc.

$ scp -i ~/.ssh/example.pem config/master.key [email protected]:/var/www/AppName/shared/config/master.key

ex. /var/www/AppName/shared/config/master.key

Alternatively, set the RAILS_MASTER_KEY environment variable in the bash file of the production server. Capistrano is not loaded even if you write it in .bash_profile, so you need to write it in ~ / .bashrc. Export config / master.key as RAILS_MASTER_KEY. In other words, set the following in .bashrc.


Next, specify a symbolic link in the configuration file at the time of deployment with config / deploy.rb.

set :linked_files, fetch(:linked_files, []).push('config/master.key')

3. If you can deploy using Capistrano, you're done.

$ bundle exec cap production deploy

Recommended Posts

How to use credentials.yml.enc introduced in Rails 5.2
How to use custom helpers in rails
How to use MySQL in Rails tutorial
[Rails] How to use enum
[Rails] How to use select boxes in Ransack
[Rails] How to use enum
[Rails] How to use validation
[Rails] How to use authenticate_user!
[Rails] How to use "kaminari"
[Rails] How to use PostgreSQL in Vagrant environment
[Rails] How to use Scope
[Rails] How to use gem "devise"
How to use Lombok in Spring
[Rails] How to use devise (Note)
[Rails] How to use flash messages
[Rails] How to write in Japanese
[Rails] How to use Active Storage
How to introduce jQuery in Rails 6
How to use classes in Java?
[Introduction to Rails] How to use render
How to install Swiper in Rails
How to implement search functionality in Rails
How to change app name in rails
[Ruby on Rails] How to use CarrierWave
How to use named volume in docker-compose.yml
[Rails] How to use rails console with docker
How to insert a video in Rails
[Rails] How to use ActiveRecord :: Bitemporal (BiTemporalDataModel)
[Rails] How to use the map method
How to use Docker in VSCode DevContainer
[rails] How to configure routing in resources
[Ruby on Rails] How to use redirect_to
How to implement ranking functionality in Rails
[Note] How to use Rails 6 Devise + cancancan
[Ruby on Rails] How to use kaminari
How to use environment variables in RubyOnRails
[Rails] How to use video_tag to display videos
Understand in 5 minutes !! How to use Docker
[Rails] How to use helper method, confimartion
How to use ExpandableListView in Android Studio
How to write the view when Vue is introduced in Rails?
How to use Map
How to write Rails
How to use rbenv
How to use letter_opener_web
How to use with_option
How to use fields_for
How to use java.util.logging
How to use map
How to use collection_select
How to use active_hash! !!
How to use MapStruct
How to use hidden_field_tag
How to use TreeSet
How to uninstall Rails
[How to use label]
How to use identity
Use images in Rails
How to use JUnit 5
How to use Dozer.mapper
How to use Gradle