我使用以下版本 独角兽4.9 Rails 4.2.1 Ruby 2.2.1 Nginx 1.4.6 Capistrano 3.4.0
当我将我的应用程序部署到生产服务器并尝试访问其中一个页面时,我在unicorn.log文件中看到错误:"应用程序错误:缺少secret_token和secret_key_base '生产'环境,在config/secrets.yml(RuntimeError)"
我已经阅读了有关独角兽问题和阅读ENV变量的帖子,所以我把那些"缺失"密钥作为config/secrets.yml中的常量值:
production:
secret_key_base: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
secret_token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
但是我仍然得到相同的错误信息,所以它可能不是unicorn + ENV变量问题。 你能猜出这里发生了什么吗?
编辑:此错误的回溯
E, [2015-05-11T16:06:55.297893 #26836] ERROR -- : app error: Missing `secret_token` and `secret_key_base` for 'production' environment, set these values in `config/secrets.yml` (RuntimeError)
E, [2015-05-11T16:06:55.298352 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:534:in `validate_secret_key_config!'
E, [2015-05-11T16:06:55.298592 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:246:in `env_config'
E, [2015-05-11T16:06:55.298839 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/engine.rb:514:in `call'
E, [2015-05-11T16:06:55.299089 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/railties-4.2.1/lib/rails/application.rb:164:in `call'
E, [2015-05-11T16:06:55.299313 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/tempfile_reaper.rb:15:in `call'
E, [2015-05-11T16:06:55.299550 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/commonlogger.rb:33:in `call'
E, [2015-05-11T16:06:55.299778 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/chunked.rb:54:in `call'
E, [2015-05-11T16:06:55.300011 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/rack-1.6.0/lib/rack/content_length.rb:15:in `call'
E, [2015-05-11T16:06:55.300255 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:580:in `process_client'
E, [2015-05-11T16:06:55.300490 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:674:in `worker_loop'
E, [2015-05-11T16:06:55.300722 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:529:in `spawn_missing_workers'
E, [2015-05-11T16:06:55.300955 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:540:in `maintain_worker_count'
E, [2015-05-11T16:06:55.301197 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/lib/unicorn/http_server.rb:294:in `join'
E, [2015-05-11T16:06:55.301506 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/gems/unicorn-4.9.0/bin/unicorn:126:in `<top (required)>'
E, [2015-05-11T16:06:55.301746 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/bin/unicorn:23:in `load'
E, [2015-05-11T16:06:55.301962 #26836] ERROR -- : /home/deploy/apps/MYAPP/shared/bundle/ruby/2.2.0/bin/unicorn:23:in `<main>'
我注意到它会转到名为ruby/2.2.0的目录,尽管ruby -v显示了ruby 2.2.1p85。 Dows有意义吗?
答案 0 :(得分:0)
建议不要在secretts.yml文件中包含您的实际密钥。
因此,使用环境变量将其恢复到更安全的版本。
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
etc.
然后将这两行添加到Unicorn环境配置文件 $ / etc / default / unicorn
# Application specific settings
export SECRET_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX
export SECRET_KEY_BASE=XXXXXXXXXXXXXXXXXXXXXXXXXX
终止并重新启动Unicorn进程以加载这些环境变量。
答案 1 :(得分:-3)
部署应用程序时,安全性应该是首要任务。我知道这很难,但安全不应该是你之后实施的。
我已经编写了一份指南,帮助人们使用capistrano安全地部署rails应用程序。
设置为:Nginx +独角兽+零停机时间
步骤:
它使用dotenv-rails导出环境变量,使用上面的注释,您可以在需要时安全地在应用程序中使用环境变量。
希望它有所帮助。