impress/config/initializers
Emi Matchu 5b016673d7 Migrate secret key to Rails credentials file (and fix deprecation warn)
There's a bit happening behind the scenes of this change. Previously,
we kept a `SECRET_TOKEN` environment variable in `production.env`, and
used a `secret_token.rb` initializer to wire it up as the
`secret_key_base`.

In this change, we move to Rails's new-ish (two years old :p) encrypted
credentials system. Now, we set a `RAILS_MASTER_KEY` environment
variable in the deployed `production.env` instead (and in our local
`.env.production` in the project root for managing it), and we can run
`rails credentials:edit` to open the encrypted file in a text editor.

Inside, the content is just:
```yml
secret_key_base: "<OUR_SECRET_KEY>"
```

This indirection doesn't exactly do much for us functionally; it's just
the more standard way of achieving what our `secret_token.rb` situation
was achieving.

We could also migrate other secrets into there, and I just might! That
would simplify duplication between `/deploy/files/production.env` and
`/.env.production`, at any rate! The main notable one is
`MATCHU_EMAIL_PASSWORD` for sending auth emails from
`matchu@openneo.net` (and there's also a Stripe token that we don't
actually use in the app these days, those codepaths are old bones). Oh
and there's also the `IMPRESS_2020_SUPPORT_SECRET`!

Anyway, the motivation for this was to remove the warning when starting
the app that Devise is trying to use the deprecated
`Rails.application.secrets` method. I was expecting to have to do
[the workaround shared here](https://github.com/heartcombo/devise/issues/5644#issuecomment-1804626431),
but it turns out whatever default behavior Devise does under the hood
is happy enough with our new decision to use the credentials file, and
the deprecation warning is gone! Ok neat!
2024-02-22 12:36:30 -08:00
..
application_controller_renderer.rb Run rails app:update 2023-10-23 19:05:05 -07:00
asset_hosts.rb Use Fastly to cache our PNG assets from S3 2021-05-12 22:50:05 -07:00
assets.rb Fix typography on wardrobe 2020 page 2023-10-23 19:05:09 -07:00
attack.rb Try to fix the pet load limiter 2024-01-24 03:26:52 -08:00
backtrace_silencers.rb Upgrade to Rails 6.1.7.4 2023-10-23 19:05:07 -07:00
content_security_policy.rb Upgrade to Rails 7.1.1 2023-10-25 15:05:31 -07:00
cookies_serializer.rb Upgrade to Rails 6.0.6.1 2023-10-23 19:05:06 -07:00
devise.rb Can log into OpenNeo ID accounts directly! 2023-10-23 19:05:07 -07:00
filter_parameter_logging.rb Upgrade to Rails 7.1.1 2023-10-25 15:05:31 -07:00
impress_2020.rb Add support_staff flag to user record; they can use Support tools 2024-01-29 04:21:19 -08:00
inflections.rb Upgrade to Rails 7.1.1 2023-10-25 15:05:31 -07:00
locale_meta.rb latest i18n gem cares is stricter about locales, so configure better. this works, right? :x 2015-07-16 18:59:45 -04:00
mime_types.rb Run rails app:update 2023-10-23 19:05:05 -07:00
permissions_policy.rb Upgrade to Rails 7.1.1 2023-10-25 15:05:31 -07:00
rspec_generator.rb rspec:install 2010-05-14 18:17:10 -04:00
sentry.rb Add Sentry to Rails 2023-11-06 12:37:40 -08:00
session_store.rb Invalidate old session cookies 2023-10-23 19:05:06 -07:00
stripe.rb Remove references to the Stripe gem 2023-07-21 18:54:15 -07:00
wrap_parameters.rb Run rails app:update 2023-10-23 19:05:05 -07:00