轨道/独角兽错误：无法读取secret_key_base和 “配置/ secrets.yml”

Question

我用下面的版本 独角兽4.9 的Rails 4.2.1 的Ruby 2.2.1 Nginx的1.4.6 Capistrano的3.4 secret_token。 0

当我部署应用到生产服务器，并力争达到某个页面的我看到unicorn.log文件中的错误：“应用程序错误：缺少对‘生产’的环境中，在设置这些值secret_token和secret_key_baseconfig/secrets.yml（RuntimeError）“

我读过帖子的语气有关与独角兽和阅读ENV变量的问题，所以我包括那些“失踪”键恒定值config/secrets.yml：

production: 
    secret_key_base: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 
    secret_token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 

但我仍然得到同样的错误信息，所以它可能不是一个独角兽+ ENV变量问题。 你能猜到这里发生了什么？

编辑：回溯此错误

E, [2015-05-11T16:06:55.297893 #26836] ERROR -- : app error: Missing `secret_token` and `secret_key_base` for 'production' environment, set these values in `config/secrets.yml` (RuntimeError) 
E, [2015-05-11T16:06:55.298352 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:534:in `validate_secret_key_config!' 
E, [2015-05-11T16:06:55.298592 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:246:in `env_config' 
E, [2015-05-11T16:06:55.298839 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/engine.rb:514:in `call' 
E, [2015-05-11T16:06:55.299089 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:164:in `call' 
E, [2015-05-11T16:06:55.299313 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/tempfile_reaper.rb:15:in `call' 
E, [2015-05-11T16:06:55.299550 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/commonlogger.rb:33:in `call' 
E, [2015-05-11T16:06:55.299778 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/chunked.rb:54:in `call' 
E, [2015-05-11T16:06:55.300011 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/content_length.rb:15:in `call' 
E, [2015-05-11T16:06:55.300255 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:580:in `process_client' 
E, [2015-05-11T16:06:55.300490 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:674:in `worker_loop' 
E, [2015-05-11T16:06:55.300722 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:529:in `spawn_missing_workers' 
E, [2015-05-11T16:06:55.300955 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:540:in `maintain_worker_count' 
E, [2015-05-11T16:06:55.301197 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:294:in `join' 
E, [2015-05-11T16:06:55.301506 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/bin/unicorn:126:in `<top (required)>' 
E, [2015-05-11T16:06:55.301746 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/bin/unicorn:23:in `load' 
E, [2015-05-11T16:06:55.301962 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/bin/unicorn:23:in `<main>' 

我已经注意到，它关系到一个名为ruby/2.2.0虽然ruby -v显示红宝石2.2.1p85目录。它有意义吗？

Answer 1

建议您不要在secretts.yml文件中包含实际的密钥。

因此，使用环境变量回滚到更安全的版本。

secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> 
etc. 

然后这两行添加到麒麟环境配置文件$ /等/默认/麒麟

# Application specific settings 
export SECRET_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX 
export SECRET_KEY_BASE=XXXXXXXXXXXXXXXXXXXXXXXXXX 

杀死并重新启动独角兽流程，以获得这些环境变量加载。

Answer 2

部署应用程序时，安全性应该是头等大事。我知道这很难，但安全不应该是你之后实施的。

我写了一本指南，帮助人们安全地部署rails应用程序与capistrano。

设置是：Nginx的+麒麟+零个停机

步骤：

1. https://github.com/JensDebergh/guides/blob/master/operations/server/1-setup.md
2. https://github.com/JensDebergh/guides/blob/master/operations/server/2-deploy-setup.md
3. https://github.com/JensDebergh/guides/blob/master/operations/server/3-app-deploy.md

它使用dotenv-rails出口环境变量并用评论上面你可以在需要的地方安全地使用应用程序中的环境变量

希望它有帮助。