mirror of
https://github.com/discourse/discourse.git
synced 2024-11-30 07:13:44 +08:00
move secret token into redis to ease install
This commit is contained in:
parent
0061fc33cd
commit
b5b22f0f36
|
@ -1,18 +1,10 @@
|
||||||
|
# We have had lots of config issues with SECRET_TOKEN to avoid this mess we are moving it to redis
|
||||||
# Definitely change this when you deploy to production. Ours is replaced by jenkins.
|
# if you feel strongly that it does not belong there use ENV['SECRET_TOKEN']
|
||||||
# This token is used to secure sessions, we don't mind shipping with one to ease test and debug,
|
|
||||||
# however, the stock one should never be used in production, people will be able to crack
|
|
||||||
# session cookies.
|
|
||||||
#
|
#
|
||||||
# Generate a new secret with "rake secret". Copy the output of that command and paste it
|
token = ENV['SECRET_TOKEN'] || $redis.get('SECRET_TOKEN')
|
||||||
# in your secret_token.rb as the value of Discourse::Application.config.secret_token:
|
unless token && token.length == 128
|
||||||
#
|
token = SecureRandom.hex(64)
|
||||||
# Discourse::Application.config.secret_token = "SET_SECRET_HERE"
|
$redis.set('SECRET_TOKEN',token)
|
||||||
|
|
||||||
if Rails.env.test? || Rails.env.development? || Rails.env == "profile"
|
|
||||||
Discourse::Application.config.secret_token = "47f5390004bf6d25bb97083fb98e7cc133ab450ba814dd19638a78282b4ca291"
|
|
||||||
else
|
|
||||||
raise "You must set a secret token in ENV['SECRET_TOKEN'] or in config/initializers/secret_token.rb" if ENV['SECRET_TOKEN'].blank?
|
|
||||||
Discourse::Application.config.secret_token = ENV['SECRET_TOKEN']
|
|
||||||
end
|
end
|
||||||
|
|
||||||
|
Discourse::Application.config.secret_token = token
|
||||||
|
|
|
@ -189,12 +189,6 @@ Edit /var/www/discourse/config/discourse.pill
|
||||||
- Ensure appropriate Bluepill.application line is uncommented
|
- Ensure appropriate Bluepill.application line is uncommented
|
||||||
- search for "host to run on" and change to current hostname
|
- search for "host to run on" and change to current hostname
|
||||||
|
|
||||||
Edit /var/www/discourse/config/initializers/secret_token.rb
|
|
||||||
|
|
||||||
- uncomment secret_token line
|
|
||||||
- replace SET_SECRET_HERE with the output from 'RAILS_ENV=production rake secret' command run from the discourse directory (`/var/www/discourse`)
|
|
||||||
- delete the lines below as per instructions in the file
|
|
||||||
|
|
||||||
Edit /var/www/discourse/config/environments/production.rb
|
Edit /var/www/discourse/config/environments/production.rb
|
||||||
- browse througn all the settings
|
- browse througn all the settings
|
||||||
- be sure to add your mail server SMTP settings so outgoing mail can be sent (we recommend [Mandrill](https://mandrillapp.com))
|
- be sure to add your mail server SMTP settings so outgoing mail can be sent (we recommend [Mandrill](https://mandrillapp.com))
|
||||||
|
|
Loading…
Reference in New Issue
Block a user