If we could set SECRET_KEY_BASE in the PUN globally (optionally generate or read a unique value per-user). I'm not sure we want to have this change between PUN invocations though.
One option is that the place to put this is in the /etc/ood/profile, prior to launching the PUN. Then no modification to config file would be required.
Would it be beneficial/desirable that PUN Rails apps share the same SECRET_KEY_BASE or would that be problematic? It could allow for easier interoperability between apps.
Would it be beneficial/desirable to have SECRET_KEY_BASE be a different value from the one committed to the repo. Yes, for security reasons; though some of the problems that SECRET_KEY_BASE is meant to protect against are not problems OOD users likely face due to our architecture.
If we could set SECRET_KEY_BASE in the PUN globally (optionally generate or read a unique value per-user). I'm not sure we want to have this change between PUN invocations though.
One option is that the place to put this is in the /etc/ood/profile, prior to launching the PUN. Then no modification to config file would be required.