Ruby-on-rails Rails:如何修复“生产环境中缺少 secret_key_base”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/51466887/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Rails: How to fix "Missing secret_key_base for 'production' environment"
提问by Sylar
I simply can't get past the message:
我根本无法通过消息:
Missing `secret_key_base` for 'production' environment, set this string with `rails credentials:edit` (ArgumentError)
I have Rails 5.2.0, and ran
我有 Rails 5.2.0,然后跑了
EDITOR=vim rails credentials:edit
and inside:
和里面:
production:
secret_key_base: xxxxxxxxxxxxxxxxxxxxxxx
Save and, in the terminal:
保存并在终端中:
RAILS_ENV=production rails c
Am I missing something? I've restarted the server and got the same issue, but have no issue in development mode.
我错过了什么吗?我重新启动了服务器并遇到了同样的问题,但在开发模式下没有问题。
采纳答案by 7urkm3n
Keep default the secrets.ymlfile
保持默认secrets.yml文件
# config/secrets.yml
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
RAILS_ENV=production SECRET_KEY_BASE=production_test_key rails c
回答by Eric Platon
Rails 5.2.0 requires an extra stage for the production environment:
Rails 5.2.0 需要一个额外的生产环境阶段:
config.require_master_key = true # in config/environments/production.rb
Without it, Rails still falls back to the legacy secret.ymlmechanism (for now).
没有它,Rails 仍然会回退到遗留secret.yml机制(目前)。
Engine Yard's Christopher Rigor has written a concise post on it. The relevant piece:
Engine Yard 的 Christopher Rigor写了一篇简明的文章。相关部分:
Reading the Credentials
If you want to use the credentials in the production environment, add the following to
config/environments/production.rbconfig.require_master_key = true
阅读凭据
如果要在生产环境中使用凭据,请将以下内容添加到
config/environments/production.rbconfig.require_master_key = true
A good read to also see up and down sides.
一个很好的阅读也可以看到上下两面。
Note: As @TomDogg found out, Rails 5.2.1 seems again different, so this answer may only apply to 5.2.0.
注意:正如@TomDogg 发现的那样,Rails 5.2.1 似乎再次不同,所以这个答案可能只适用于 5.2.0。
回答by LightMan
There are no production:development:and test:environment tags in the credentials file. Further information in this DHH's post: https://github.com/rails/rails/pull/30067
凭证文件中没有production:development:和test:环境标签。此 DHH 帖子中的更多信息:https: //github.com/rails/rails/pull/30067
So write directly
所以直接写
secret_key_base: xxxxxxxxxxxxxxxxxxxxxxx
Please don't confuse master key with the secret key base. The master key is used to open the credentials encrypted file.
请不要将主密钥与秘密密钥库混淆。主密钥用于打开凭据加密文件。
Switching back to the previous secrets system should not be the solution, nor the accepted answer.
切换回以前的秘密系统不应该是解决方案,也不是公认的答案。
回答by TomDogg
config/credentials.yml.enc:
配置/凭证.yml.enc:
development:
some_username: XXXXXXXXX
some_password: YYYYYYYYY
test:
some_username: XXXXXXXXX
some_password: YYYYYYYYY
production:
some_username: XXXXXXXXX
some_password: YYYYYYYYY
secret_key_base: ZZZZZZZZZ
# `secret_key_base:` must NOT be indented !
# It must be put at the very start of a new line.
# There is also no need for it in development or test environment,
# since there are no attacks to be expected.
Also make sure that you respect all YAML indention rules (i.e. 2 spaces only) as failing to do so my make loading of this file fail silently.
还要确保您遵守所有 YAML 缩进规则(即仅 2 个空格),因为没有这样做,我对此文件的加载会静默失败。
回答by Mike Svystun
Avoid putting secret_key_base under environment tag. Put it above it.
避免将 secret_key_base 放在环境标签下。把它放在上面。
This is wrong:
这是错误的:
production:
secret_key_base: xxxxxxxxxxxxxxxxxxxxxxx
some_other_key: xxx
Try this instead:
试试这个:
secret_key_base: xxxxxxxxxxxxxxxxxxxxxxx
production:
some_other_key: xxx
回答by Promise Preston
I experienced this same issue when working on a Rails 5.2 application in production.
在生产中处理 Rails 5.2 应用程序时,我遇到了同样的问题。
The problem is not that the secret_key_basewasn't set properly, it rather because of the Passing the environment's name as a regular argument like below is deprecated
问题不在于secret_key_base没有正确设置,而是因为不推荐将环境名称作为常规参数传递,如下所示
rails c RAILS_ENV=production
If you look at your error log generated closely from its top you will see this:
如果您仔细查看从顶部生成的错误日志,您会看到:
DEPRECATION WARNING: Passing the environment's name as a regular argument is deprecated and will be removed in the next Rails version. Please, use the -e option instead. (called from at bin/rails:9)
弃用警告:不推荐将环境名称作为常规参数传递,并将在下一个 Rails 版本中删除。请改用 -e 选项。(从 bin/rails:9 调用)
To run the rails console in a different environment, use the -e option like this:
要在不同的环境中运行 rails 控制台,请使用 -e 选项,如下所示:
rails console -e production
Note: Setting the secret_key_basein the secrets.ymlfile is not safe, as it's not a secure way of storing the key, please use the encrypted credential.ymlfile and the master keyto decrypt it.
注意:secret_key_base在secrets.yml文件中设置是不安全的,因为它不是一种安全的存储密钥的方式,请使用加密的credential.yml文件和master key来解密它。
That's all.
就这样。
I hope this helps
我希望这有帮助
回答by RWDJ
Secret_key_base isn't properly setting. It's a known issue not getting enough attention: https://github.com/rails/rails/issues/32947
Secret_key_base 设置不正确。这是一个没有得到足够重视的已知问题:https: //github.com/rails/rails/issues/32947
Generate the keys with:
生成密钥:
EDITOR=vim rails credentials:edit
Record the key.
Save in config/master.key.
记录密钥。保存在config/master.key.
SECRET_KEY_BASE=`cat config/master.key` bin/rails assets:precompile
This is the solution I came to. I really don't like how I've been forced to put it though an environment variable. If someone has more information to bring to my attention on how master.key and such work, please do comment.
这是我来的解决方案。我真的不喜欢我被迫将它放在环境变量中的方式。如果有人有更多关于 master.key 和此类工作的信息要引起我的注意,请发表评论。
