軌道/獨角獸錯誤：無法讀取secret_key_base和 「配置/ secrets.yml」

Question

我用下面的版本 獨角獸4.9 的Rails 4.2.1 的Ruby 2.2.1 Nginx的1.4.6 Capistrano的3.4 secret_token。 0

當我部署應用到生產服務器，併力爭達到某個頁面的我看到unicorn.log文件中的錯誤：「應用程序錯誤：缺少對‘生產’的環境中，在設置這些值secret_token和secret_key_baseconfig/secrets.yml（RuntimeError）「

我讀過帖子的語氣有關與獨角獸和閱讀ENV變量的問題，所以我包括那些「失蹤」鍵恆定值config/secrets.yml：

production: 
    secret_key_base: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 
    secret_token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX 

但我仍然得到同樣的錯誤信息，所以它可能不是一個獨角獸+ ENV變量問題。 你能猜到這裏發生了什麼？

編輯：回溯此錯誤

E, [2015-05-11T16:06:55.297893 #26836] ERROR -- : app error: Missing `secret_token` and `secret_key_base` for 'production' environment, set these values in `config/secrets.yml` (RuntimeError) 
E, [2015-05-11T16:06:55.298352 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:534:in `validate_secret_key_config!' 
E, [2015-05-11T16:06:55.298592 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:246:in `env_config' 
E, [2015-05-11T16:06:55.298839 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/engine.rb:514:in `call' 
E, [2015-05-11T16:06:55.299089 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:164:in `call' 
E, [2015-05-11T16:06:55.299313 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/tempfile_reaper.rb:15:in `call' 
E, [2015-05-11T16:06:55.299550 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/commonlogger.rb:33:in `call' 
E, [2015-05-11T16:06:55.299778 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/chunked.rb:54:in `call' 
E, [2015-05-11T16:06:55.300011 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/content_length.rb:15:in `call' 
E, [2015-05-11T16:06:55.300255 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:580:in `process_client' 
E, [2015-05-11T16:06:55.300490 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:674:in `worker_loop' 
E, [2015-05-11T16:06:55.300722 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:529:in `spawn_missing_workers' 
E, [2015-05-11T16:06:55.300955 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:540:in `maintain_worker_count' 
E, [2015-05-11T16:06:55.301197 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:294:in `join' 
E, [2015-05-11T16:06:55.301506 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/bin/unicorn:126:in `<top (required)>' 
E, [2015-05-11T16:06:55.301746 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/bin/unicorn:23:in `load' 
E, [2015-05-11T16:06:55.301962 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/bin/unicorn:23:in `<main>' 

我已經注意到，它關係到一個名爲ruby/2.2.0雖然ruby -v顯示紅寶石2.2.1p85目錄。它有意義嗎？

Answer 1

建議您不要在secretts.yml文件中包含實際的密鑰。

因此，使用環境變量回滾到更安全的版本。

secret_key_base: <%= ENV["SECRET_KEY_BASE"] %> 
etc. 

然後這兩行添加到麒麟環境配置文件$ /等/默認/麒麟

# Application specific settings 
export SECRET_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX 
export SECRET_KEY_BASE=XXXXXXXXXXXXXXXXXXXXXXXXXX 

殺死並重新啓動獨角獸流程，以獲得這些環境變量加載。

Answer 2

部署應用程序時，安全性應該是頭等大事。我知道這很難，但安全不應該是你之後實施的。

我寫了一本指南，幫助人們安全地部署rails應用程序與capistrano。

設置是：Nginx的+麒麟+零個停機

步驟：

1. https://github.com/JensDebergh/guides/blob/master/operations/server/1-setup.md
2. https://github.com/JensDebergh/guides/blob/master/operations/server/2-deploy-setup.md
3. https://github.com/JensDebergh/guides/blob/master/operations/server/3-app-deploy.md

它使用dotenv-rails出口環境變量並用評論上面你可以在需要的地方安全地使用應用程序中的環境變量

希望它有幫助。