Add note about not changing ActiveRecord encryption secrets once they are set (#32413)
This commit is contained in:
parent
a295832960
commit
81472396bc
1 changed files with 1 additions and 1 deletions
|
@ -8,7 +8,7 @@ namespace :db do
|
||||||
desc 'Generate a set of keys for configuring Active Record encryption in a given environment'
|
desc 'Generate a set of keys for configuring Active Record encryption in a given environment'
|
||||||
task :init do # rubocop:disable Rails/RakeEnvironment
|
task :init do # rubocop:disable Rails/RakeEnvironment
|
||||||
puts <<~MSG
|
puts <<~MSG
|
||||||
Add these secret environment variables to your Mastodon environment (e.g. .env.production):#{' '}
|
Add the following secret environment variables to your Mastodon environment (e.g. .env.production), ensure they are shared across all your nodes and do not change them after they are set:#{' '}
|
||||||
|
|
||||||
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=#{SecureRandom.alphanumeric(32)}
|
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=#{SecureRandom.alphanumeric(32)}
|
||||||
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=#{SecureRandom.alphanumeric(32)}
|
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=#{SecureRandom.alphanumeric(32)}
|
||||||
|
|
Loading…
Reference in a new issue