8
10

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

credentials.yml.enc やめたい…

Posted at

概要

Rails5.2でconfig/secrets.ymlの代わりに入ったconfig/credentials.yml.encだが
環境毎に変える機能がなかったりして、外部APIへの接続情報をstaging系とproduction系で分ける、みたいなことができない。

また、Deviseが何をするにもsecret_keyを要求するせいで、
master.keyを作り直そうとして、master.keyとcredentials.yml.encを削除してから
bin/rails credentials:editを叩くとエラーを吐いてしまい、スタックしてしまう。

もういっそ、Rails5.1時代のsecrets.ymlと同じ状態で使いたい。

結果

こうなりました。
ちゃんとENVも展開されます。

config/application.rb
module XXXXX
  class Application < Rails::Application
    # Initialize configuration defaults for originally generated Rails version.
    config.load_defaults 5.2

    config.require_master_key = false
    config.x.secrets = ActiveSupport::InheritableOptions.new(config_for(:secrets))
    config.secret_token = config.x.secrets.secret_key_base
  end
end
config/secrets.yml
# Be sure to restart your server when you modify this file.

# Your secret key is used for verifying the integrity of signed cookies.
# If you change this key, all old signed cookies will become invalid!

# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
# You can use `rails secret` to generate a secure secret key.

# Make sure the secrets in this file are kept private
# if you're sharing your code publicly.

# Shared secrets are available across all environments.

# shared:
#   api_key: a1B2c3D4e5F6

# Environmental secrets are only available for that specific environment.

development:
  secret_key_base: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

test:
  secret_key_base: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

# Do not keep production secrets in the unencrypted secrets file.
# Instead, either read values from the environment.
# Or, use `bin/rails secrets:setup` to configure encrypted secrets
# and move the `production:` environment over there.

production:
  secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>

secretの部分は

$ bin/rails secret

で生成すること。

8
10
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
8
10

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?