Leatherface/mastodon
1
0
Fork 0
mirror of https://github.com/glitch-soc/mastodon.git synced 2025-12-14 00:08:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge commit '7c10b0fb7a078661558fef86399d86831423260c' into glitch-soc/merge-upstream

Browse Source
This commit is contained in:
Claire
2024-10-14 19:46:52 +02:00
parent 888e6a3439 7c10b0fb7a
commit 4d9b4ef72f
81 changed files with 738 additions and 533 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/tasks/db.rake
View File

@@ -7,8 +7,19 @@ namespace :db do
namespace :encryption do
desc 'Generate a set of keys for configuring Active Record encryption in a given environment'
task :init do # rubocop:disable Rails/RakeEnvironment
if %w(
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY
).any? { |key| ENV.key?(key) }
pastel = Pastel.new
puts pastel.red(<<~MSG)
WARNING: It looks like encryption secrets have already been set. Please ensure you are not changing secrets for a Mastodon installation that already uses them, as this will cause data loss and other issues that are difficult to recover from.
MSG
end
puts <<~MSG
Add these secret environment variables to your Mastodon environment (e.g. .env.production):#{' '}
Add the following secret environment variables to your Mastodon environment (e.g. .env.production), ensure they are shared across all your nodes and do not change them after they are set:#{' '}
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=#{SecureRandom.alphanumeric(32)}
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=#{SecureRandom.alphanumeric(32)}