From 52bc33115d1dc0c544244aa008cb0f2c356531d1 Mon Sep 17 00:00:00 2001 From: Matt Jankowski Date: Tue, 15 Oct 2024 10:14:17 -0400 Subject: [PATCH] Add mention of encryption secrets to production sample (#32512) --- .env.production.sample | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.env.production.sample b/.env.production.sample index 0b458a1aa..87ea031c4 100644 --- a/.env.production.sample +++ b/.env.production.sample @@ -45,6 +45,16 @@ ES_PASS=password SECRET_KEY_BASE= OTP_SECRET= +# Encryption secrets +# ------------------ +# Must be available (and set to same values) for all server processes +# These are private/secret values, do not share outside hosting environment +# Use `bin/rails db:encryption:init` to generate fresh secrets +# ------------------ +# ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY= +# ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT= +# ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY= + # Web Push # -------- # Generate with `bundle exec rails mastodon:webpush:generate_vapid_key`