Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Merge remote-tracking branch 'upstream/main'

Browse source
This commit is contained in:
オスカー、 2024-10-28 21:25:56 +09:00
commit 1e70b14213
No known key found for this signature in database
GPG key ID: 139D6573F92DA9F7
385 changed files with 5806 additions and 3603 deletions
Download patch file Download diff file Expand all files Collapse all files

13
lib/tasks/db.rake
View file

@ -7,8 +7,19 @@ namespace :db do
namespace :encryption do
desc 'Generate a set of keys for configuring Active Record encryption in a given environment'
task :init do # rubocop:disable Rails/RakeEnvironment
if %w(
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
).any? { |key| ENV.key?(key) }
pastel = Pastel.new
puts pastel.red(<<~MSG)
WARNING: It looks like encryption secrets have already been set. Please ensure you are not changing secrets for a Mastodon installation that already uses them, as this will cause data loss and other issues that are difficult to recover from.
MSG
end
puts <<~MSG
Add these secret environment variables to your Mastodon environment (e.g. .env.production):#{' '}
Add the following secret environment variables to your Mastodon environment (e.g. .env.production), ensure they are shared across all your nodes and do not change them after they are set:#{' '}
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=#{SecureRandom.alphanumeric(32)}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=#{SecureRandom.alphanumeric(32)}