search

arlindohall / home-library

Rails app for managing personal books in a home library collection
0 stars 0 forks source link

Remove credentials file (currently in dotfiles) #12

Open arlindohall opened 1 year ago

arlindohall commented 1 year ago

Background

This project should run easily with the server setup logic in my dotfiles repo. Part of that is making the whole thing run on docker with as few files mapped as possible. I already (I think) set it up to pull the secret key base as an env variable, but I think if I pass in the master key instead it can encrypt the secret key base... or maybe it's the other way around?

I remember googling about it but I lost the links and forgot what the plan was. The below section is old and I don't remember what it means.

Ultimately the purpose of this is so that the thing runs in docker and can be wrapped with a script and still get the needed secret keys to be consistent between deployments to the same server.

Description

Remove the credentials file, pass in secret_key_base as an environment variable, and remove master.key if possible.

While doing this, add the docker-run.rb script back and have the dot files repo that consumes it copy it to the current directory.

arlindohall commented 3 months ago

Resources for the right way to do this... use master.key and environment variables on the deployment platform...

A comprehensive examination of Rails Secrets, Credentials, and Secret Key Base · GitHub

Containerizing a Ruby on Rails Application for Development with Docker Compose | DigitalOcean

Getting Started · Fly Docs

Environment Configuration · Fly Docs