diff options
| author | Star Rauchenberger <fefferburbia@gmail.com> | 2024-12-07 13:31:31 -0500 |
|---|---|---|
| committer | Star Rauchenberger <fefferburbia@gmail.com> | 2024-12-07 13:31:31 -0500 |
| commit | b5afc0cf9db8d50d1d95fc2c2fe8b451f8825b46 (patch) | |
| tree | 95ea3dfc7d0aa75be20f4e6f7cfe099b96805c21 /config | |
| parent | eb41f85dd46b4d224aa3f3bc2c05d577ac50625f (diff) | |
| download | thoughts-b5afc0cf9db8d50d1d95fc2c2fe8b451f8825b46.tar.gz thoughts-b5afc0cf9db8d50d1d95fc2c2fe8b451f8825b46.tar.bz2 thoughts-b5afc0cf9db8d50d1d95fc2c2fe8b451f8825b46.zip | |
Moved secret base, Akismet, Sendgrid, and database keys into credentials
Diffstat (limited to 'config')
| -rw-r--r-- | config/akismet.yml | 6 | ||||
| -rw-r--r-- | config/credentials.yml.enc | 1 | ||||
| -rw-r--r-- | config/credentials/production.yml.enc | 1 | ||||
| -rw-r--r-- | config/database.yml | 31 | ||||
| -rw-r--r-- | config/deploy.rb | 2 | ||||
| -rw-r--r-- | config/environments/production.rb | 5 | ||||
| -rw-r--r-- | config/initializers/akismet.rb | 4 | ||||
| -rw-r--r-- | config/mail.yml | 12 | ||||
| -rw-r--r-- | config/secrets.yml | 32 |
9 files changed, 42 insertions, 52 deletions
| diff --git a/config/akismet.yml b/config/akismet.yml deleted file mode 100644 index 581aa7b..0000000 --- a/config/akismet.yml +++ /dev/null | |||
| @@ -1,6 +0,0 @@ | |||
| 1 | production: | ||
| 2 | api_key: "" | ||
| 3 | app_url: "" | ||
| 4 | development: | ||
| 5 | api_key: "" | ||
| 6 | app_url: "" | ||
| diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc new file mode 100644 index 0000000..90d7ee5 --- /dev/null +++ b/config/credentials.yml.enc | |||
| @@ -0,0 +1 @@ | |||
| KrLA+ftWWLuC9JQBmExf5RXFOqp9q+CZCY6DJ8d0sgVUQXxcDToVqntxRRsqrTHvJ48xmRUgA4OmXUI1ZE3JtJQOuRmQHJf3bMtSlXDOzQTgNeIyzH3++Kcss3dIeM2+gnT8wxE2y6Tj2+KyB4tJGMeX1elSFK41rGz4zQzYVva3MVNKUmD1wV9p28sxtUSkDbiFxa2tDLGddor3Nqf7n4nuBLxpU4G1b7lhsAAQ4MYALvll0q3Uk54vEqyoiWEDC0fzqi1eWH/MQjcY6h6tXKEgElrXekx8N3agScXS50n2OzGx2ZbW99AwD0DxY6v1PtlAuW2OwEPFPvYaTu5cfsfaAJ5NKEMN4ahkHAerZpuJuoYgPOmnoM+mUZVPkaUWTRFkPBFRomrXtZ6e6OTAi/6Tnq9r/PAgpK9xeK0t8B2g0EpY/1FGvoByC0GDrzF2iJZg79y7B5xqhP9APrkTSJLCiNB3IdWwc2n45U6lPqt8ew1s9uxHQ5M9olBOkXnTDsj2--XBeKpE20qGij/dTL--9IG+AQxUdaR/ZcaUQ/cRvQ== \ No newline at end of file | |||
| diff --git a/config/credentials/production.yml.enc b/config/credentials/production.yml.enc new file mode 100644 index 0000000..57fa6de --- /dev/null +++ b/config/credentials/production.yml.enc | |||
| @@ -0,0 +1 @@ | |||
| or84evW/EFy7dAsGJwX/FWF21rQir51D4PkJnaAsA9SUbrHFnMl5kQI4U6r8TBlIhCZjwZQN7Xw0tYe8D0EXjZCTdIyIMOPj0HKpP4XI0lPxSlMOZnQ7LSM2RxtIOIlKc9fdRQ1ouPxg7/yTTtyn625ma+UcWo+wFlGG+EGBD+PXAyVIMTR68Km/3A3/emLfGixG9ciDywHTz4b0FtzD8Y2eqZngn27zNmj5b4pMBa/UcbaQ8XS+oiwVfdndMnimmW2SoWm5tnCZyTpH+qxuYOu3mPyUUTHvnTTEkwTD4/qgpfJR1NnDmT+sspj5WqxLBvX2dgYZX1C/rlC/YocNyaMq5roBTM83yASridFNd+1tUohIhk5e/eIOrGFXnX1p6xNScEA+jYgdDiBsYjrOqhUw9jjk4y8EqToGo9UzJkWveWVUz6Iox9QdS/02e69hWO0tGC0CrEXqxZTabUA5cHrJpiZrafLLrnklYMpUhB/xtBFRQ0g3OeKX+l0wg5WbeI4L1RMT5Q5s36fwMMS9pMdYXhUAwkjAFBnMVvZYsP6K4mZzW4WrSVmMiY5VEOu9OPaLCOoFjOjRmp4W0yqlJm8NxRe1YrPKYG1X--vcDrrozJjl+FVmdV--Wcf7sEHiw54/Tv1iLM9e/A== \ No newline at end of file | |||
| diff --git a/config/database.yml b/config/database.yml new file mode 100644 index 0000000..78f158b --- /dev/null +++ b/config/database.yml | |||
| @@ -0,0 +1,31 @@ | |||
| 1 | # SQLite version 3.x | ||
| 2 | # gem install sqlite3 | ||
| 3 | # | ||
| 4 | # Ensure the SQLite 3 gem is defined in your Gemfile | ||
| 5 | # gem 'sqlite3' | ||
| 6 | # | ||
| 7 | default: &default | ||
| 8 | adapter: sqlite3 | ||
| 9 | pool: <%= ENV.fetch("RAILS_MAX_THREADS") { 5 } %> | ||
| 10 | timeout: 5000 | ||
| 11 | |||
| 12 | development: | ||
| 13 | <<: *default | ||
| 14 | database: db/development.sqlite3 | ||
| 15 | |||
| 16 | # Warning: The database defined as "test" will be erased and | ||
| 17 | # re-generated from your development database when you run "rake". | ||
| 18 | # Do not set this db to the same as development or production. | ||
| 19 | test: | ||
| 20 | <<: *default | ||
| 21 | database: db/test.sqlite3 | ||
| 22 | |||
| 23 | production: | ||
| 24 | adapter: mysql2 | ||
| 25 | encoding: utf8mb4 | ||
| 26 | database: thoughts | ||
| 27 | pool: 5 | ||
| 28 | username: thoughts | ||
| 29 | password: <%= Rails.application.credentials.database_password %> | ||
| 30 | collation: utf8mb4_bin | ||
| 31 | socket: /var/run/mysqld/mysqld.sock | ||
| diff --git a/config/deploy.rb b/config/deploy.rb index 7d4c284..f28894f 100644 --- a/config/deploy.rb +++ b/config/deploy.rb | |||
| @@ -21,7 +21,7 @@ set :deploy_to, "/srv/www/thoughts" | |||
| 21 | # set :pty, true | 21 | # set :pty, true |
| 22 | 22 | ||
| 23 | # Default value for :linked_files is [] | 23 | # Default value for :linked_files is [] |
| 24 | append :linked_files, "config/database.yml", "config/secrets.yml", "config/akismet.yml", "config/mail.yml" | 24 | append :linked_files, "config/master.key", "config/credentials/production.key" |
| 25 | 25 | ||
| 26 | # Default value for linked_dirs is [] | 26 | # Default value for linked_dirs is [] |
| 27 | append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets", "public/uploads", "storage" | 27 | append :linked_dirs, "log", "tmp/pids", "tmp/cache", "tmp/sockets", "public/uploads", "storage" |
| diff --git a/config/environments/production.rb b/config/environments/production.rb index 8f8be04..901cf23 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb | |||
| @@ -14,11 +14,6 @@ Rails.application.configure do | |||
| 14 | config.consider_all_requests_local = false | 14 | config.consider_all_requests_local = false |
| 15 | config.action_controller.perform_caching = true | 15 | config.action_controller.perform_caching = true |
| 16 | 16 | ||
| 17 | # Attempt to read encrypted secrets from `config/secrets.yml.enc`. | ||
| 18 | # Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or | ||
| 19 | # `config/secrets.yml.key`. | ||
| 20 | config.read_encrypted_secrets = true | ||
| 21 | |||
| 22 | # Disable serving static files from the `/public` folder by default since | 17 | # Disable serving static files from the `/public` folder by default since |
| 23 | # Apache or NGINX already handles this. | 18 | # Apache or NGINX already handles this. |
| 24 | config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? | 19 | config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? |
| diff --git a/config/initializers/akismet.rb b/config/initializers/akismet.rb index 325e48f..a0e40dc 100644 --- a/config/initializers/akismet.rb +++ b/config/initializers/akismet.rb | |||
| @@ -1,2 +1,2 @@ | |||
| 1 | Akismet.api_key = Rails.application.config_for(:akismet)[:api_key] | 1 | Akismet.api_key = Rails.application.credentials.akismet_api_key |
| 2 | Akismet.app_url = Rails.application.config_for(:akismet)[:app_url] | 2 | Akismet.app_url = Rails.application.credentials.akismet_app_url |
| diff --git a/config/mail.yml b/config/mail.yml index 3c88234..e2d15c3 100644 --- a/config/mail.yml +++ b/config/mail.yml | |||
| @@ -1,8 +1,8 @@ | |||
| 1 | production: | 1 | production: |
| 2 | smtp_settings: | 2 | smtp_settings: |
| 3 | address: "" | 3 | address: "smtp.sendgrid.com" |
| 4 | port: 25 | 4 | port: 587 |
| 5 | user_name: "" | 5 | user_name: "apikey" |
| 6 | password: "" | 6 | password: <%= Rails.application.credentials.sendgrid_api_key %> |
| 7 | authentication: "" | 7 | authentication: "plain" |
| 8 | openssl_verify_mode: "" | 8 | openssl_verify_mode: "none" |
| diff --git a/config/secrets.yml b/config/secrets.yml deleted file mode 100644 index 31946ec..0000000 --- a/config/secrets.yml +++ /dev/null | |||
| @@ -1,32 +0,0 @@ | |||
| 1 | # Be sure to restart your server when you modify this file. | ||
| 2 | |||
| 3 | # Your secret key is used for verifying the integrity of signed cookies. | ||
| 4 | # If you change this key, all old signed cookies will become invalid! | ||
| 5 | |||
| 6 | # Make sure the secret is at least 30 characters and all random, | ||
| 7 | # no regular words or you'll be exposed to dictionary attacks. | ||
| 8 | # You can use `rails secret` to generate a secure secret key. | ||
| 9 | |||
| 10 | # Make sure the secrets in this file are kept private | ||
| 11 | # if you're sharing your code publicly. | ||
| 12 | |||
| 13 | # Shared secrets are available across all environments. | ||
| 14 | |||
| 15 | # shared: | ||
| 16 | # api_key: a1B2c3D4e5F6 | ||
| 17 | |||
| 18 | # Environmental secrets are only available for that specific environment. | ||
| 19 | |||
| 20 | development: | ||
| 21 | secret_key_base: d56c163402b7f74e65934e2a5d5a0990a8120dc88c39c5ca00c143cbc1551f0d21e811cbd246c282ffc58d46286f5ae7d3231696c21772b252f137c24de0aa3f | ||
| 22 | |||
| 23 | test: | ||
| 24 | secret_key_base: 66e64fc722045f0e636e7658997477d4e265d14e5dfef59f045e3512019b38a885320274116edf354d390a6019555848a89d8a3e01a6091df83032120edff6ac | ||
| 25 | |||
| 26 | # Do not keep production secrets in the unencrypted secrets file. | ||
| 27 | # Instead, either read values from the environment. | ||
| 28 | # Or, use `bin/rails secrets:setup` to configure encrypted secrets | ||
| 29 | # and move the `production:` environment over there. | ||
| 30 | |||
| 31 | production: | ||
| 32 | secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> | ||