Reputation: 7391
Missing `secret_key_base` for 'production' environment
I have an error Missing 'secret_key_base' for 'production' environment in my nginx error.log. When I open my secrets.yml, I see:
development:
secret_key_base: 123...
test:
secret_key_base: 321...
# Do not keep production secrets in the repository,
# instead read values from the environment.
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
Where SECRET_KEY_BASE is defined? Should I add it somewhere?
As a result, nginx shows 502 Bad Gateway for my Rails App. Rails version 4.1.1
Upvotes: 2
Views: 4005
Answers (4)
Reputation: 7391
Simple fix would be:
development:
secret_key_base: 123...
test:
secret_key_base: 321...
# Do not keep production secrets in the repository,
# instead read values from the environment.
production:
secret_key_base: 123... # make/rebuild similar hash as defined in development and test variables
Upvotes: 0
Reputation: 157
Note, if you are running Rails 4.2.5.1 (or maybe any flavor of Rails 4.2 ?), you might find that, even with secrets.yml present in the production directory, it is not getting picked up, if running WEBrick. I'm running a small rails website, on a local LAN only (not exposed to world). If I start (in production) using command line:
rails server -b 0.0.0.0 -p 3000 -e p
the webserver starts ok, but from the browser, I get the "Missing secret_token and secret_key_base for 'p' environment..." error. But if I start the server with:
rails server -b 0.0.0.0 -p 3000 -e production
then everything works fine, as the secrets.yml file is accessed correctly. The string provided after the '-e' option determines which secret_key_base is picked up in the secrets.yml file. Options are: "development:", "test:" and "production:", and the word must spelled out in full.
Upvotes: 0
Reputation: 1040
Here's what I do in my production deployment script:
export SECRET_KEY_BASE=${SECRET_KEY_BASE:=`rake secret`}
This will occupy environment variable SECRET_KEY_BASE with the result of rake secret only if SECRET_KEY_BASE is empty.
Upvotes: 0
Reputation: 4713
It's expecting an environment variable that you can set either in your own code somewhere else, in your bash profile, or in a dotenv file.
See Is it possible to set ENV variables for rails development environment in my code? for more details.
Personally I just put all my sensitive stuff directly in secrets.yml and just keep that out of the repository since that seems to be the intended purpose of that file.
Upvotes: 7
Related Questions
- Rails: How to fix "Missing secret_key_base for 'production' environment"
- Missing production secret_key_base in rails
- How to solve error "Missing `secret_key_base` for 'production' environment" (Rails 4.1)
- Missing `secret_key_base` for 'production' environment on Ubuntu 18.04 server (Rails 6.0), multiple topics tried
- Rails doesn't pick up SECRET_KEY_BASE environment variable
- SemiFixed: Missing `secret_key_base` for 'production' environment
- Missing secret_key_base in rails production
- Missing secret_key_base for production environment - hosting a rails 4.1.4 app on heroku
- Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml`
- Missing secret key base for production environment