How to solve error Missing `secret_key_base` for 'production' environment (Rails 4.1)
I had the same problem and solved it by creating an environment variable to be loaded every time I logged in to the production server, and made a mini-guide of the steps to configure it:
I was using Rails 4.1 with Unicorn v4.8.2 and when I tried to deploy my application it didn't start properly and in the
unicorn.log file I found this error message:
app error: Missing `secret_key_base` for 'production' environment, set this value in `config/secrets.yml` (RuntimeError)
After some research I found out that Rails 4.1 changed the way to manage the
secret_key, so if you read the
secrets.yml file located at
exampleRailsProject/config/secrets.yml you'll find something like this:
# Do not keep production secrets in the repository,
# instead read values from the environment.
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
This means that Rails recommends you to use an environment variable for the
secret_key_base in your production server. In order to solve this error you should follow these steps to create an environment variable for Linux (in my case Ubuntu) in your production server:
In the terminal of your production server execute:
$ RAILS_ENV=production rake secret
This returns a large string with letters and numbers. Copy that, which we will refer to that code as
Login to your server
If you login as the root user, find this file and edit it:
$ vi /etc/profile
Go to the bottom of the file using Shift+G (capital "G") in vi.
Write your environment variable with the
GENERATED_CODE, pressing i to insert in vi. Be sure to be in a new line at the end of the file:
$ export SECRET_KEY_BASE=GENERATED_CODE
Save the changes and close the file using Esc and then "
:x" and Enter for save and exit in vi.
But if you login as normal user, let's call it "
example_user" for this gist, you will need to find one of these other files:
$ vi ~/.bash_profile
$ vi ~/.bash_login
$ vi ~/.profile
These files are in order of importance, which means that if you have the first file, then you wouldn't need to edit the others. If you found these two files in your directory
~/.profileyou only will have to write in the first one
~/.bash_profile, because Linux will read only this one and the other will be ignored.
Then we go to the bottom of the file using Shift+G again and write the environment variable with our
GENERATED_CODEusing i again, and be sure add a new line at the end of the file:
$ export SECRET_KEY_BASE=GENERATED_CODE
Having written the code, save the changes and close the file using Esc again and "
:x" and Enter to save and exit.
You can verify that our environment variable is properly set in Linux with this command:
$ printenv | grep SECRET_KEY_BASE
$ echo $SECRET_KEY_BASE
When you execute this command, if everything went ok, it will show you the
GENERATED_CODEfrom before. Finally with all the configuration done you should be able to deploy without problems your Rails application with Unicorn or some other tool.
When you close your shell and login again to the production server you will have this environment variable set and ready to use it.
And that's it! I hope this mini-guide helps you solve this error.
Disclaimer: I'm not a Linux or Rails guru, so if you find something wrong or any error I will be glad to fix it.
Rails: How to fix Missing secret_key_base for 'production' environment
Keep default the
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
#not_indented: key for all env in once
RAILS_ENV=production SECRET_KEY_BASE=production_test_key rails c
If using Rails 5.2.0, add to production env below, check this LINK
config.require_master_key = true #config/environments/production.rb
Missing `secret_key_base` for 'production' environment on Ubuntu 18.04 server (Rails 6.0), multiple topics tried
Rails 5.2 and later uses encrypted credentials for storing sensitive app's information, which includes
secret_key_base by default. These credentials are encrypted with the key stored in
master.key file. Git repository, generated by default Rails application setup, includes
credentials.yml.enc but ignores
master.key. After the deployment, which usually involves
git push, Rails production environment should be augmented with this key some way.
So you have two options. You can securely upload
master.key to production host via
sftp. Or you can establish shell environment variable
RAILS_MASTER_KEY within the context of a user that runs
rails server process. The former option is preferred, but as you have
dotenv-rails gem installed, you'd create
.env.production file under app's root and put there a line
Don't forget to ensure that gem
dotenv-rails isn't restricted within
Gemfile by development and test Rails environments.
By the way since
passenger module ver. 5.0.0 you can set shell environment variables right from
Missing `secret_key_base` for 'production' environment error on Heroku
Okay, I see what happened. Running
heroku run bash and checking which files were deployed has been enlightening.
It is true that
secrets.yml was not in the
.gitignore file for my local repo, but it seems that someone--possibly malicious hackers, possibly gremlins--had added
secrets.yml to my global .gitignore (
.gitignore_global), and so this file was in fact not being pushed to Heroku.
I've removed the secrets file from my global .gitignore, offloaded the dev and test environment secret keys to dotenv for management, and can run my deployed app successfully.
I thought about deleting the question, but will leave it in case others run into this problem, or even a similar one where using
heroku run bash may be helpful when diagnosing issues with apps on Heroku.
Missing `secret_key_base` for 'production' environment
It's expecting an environment variable that you can set either in your own code somewhere else, in your bash profile, or in a dotenv file.
See Is it possible to set ENV variables for rails development environment in my code? for more details.
Personally I just put all my sensitive stuff directly in secrets.yml and just keep that out of the repository since that seems to be the intended purpose of that file.
Missing secret_key_base for production environment - hosting a rails 4.1.4 app on heroku
When you deploy to Heroku, you're deploying via Git. Any files that aren't included in your git repository won't be pushed to your server. As a result, it doesn't matter what you have in your
secrets.yml right now - it's not being deployed.
There's nothing wrong with committing configuration files or YAML files - the problem is in committing secrets. If you commit your API keys and passwords then you have to trust everyone with access to your source code. That's impossible if your code is on Github (because you don't trust everyone on earth with a computer), but is still a bad idea in a small company. You'll be far less stressed if someone leaves, loses their laptop, or gets infected with malware if they don't have production credentials on their machines.
You're already doing the right thing to avoid this. Using environment variables to configure your app keeps those secrets out of your repository, even if those configuration files are committed.
Unable to set secret_key_base for the production environment in Ruby on Rails 4.1.4 application running on Heroku
config/secrets.yml to version control and deploy again. You might need to remove a line from
.gitignore so that you can commit the file.
.gitignore Github created for my Rails application included
Follow this steps:
heroku config(run this command in your terminal)
- Copy value from
- paste value to
secrets.ymlfile in place of
<%= ENV["SECRET_KEY_BASE"] %>(without any quote)
Note: Actually this is not safe but in-case you just wanted to run your app temporary in production mode for testing or in emergency condition
I hope it works for you...
Rails missing SECRET_KEY_BASE in production
First, note that
/etc/profile is only sourced when invoking an interactive login shell, so any variables set in this file wouldn't ever get run by a web-server daemon on startup, which is why it didn't work as expected in your attempt.
Since you're using Apache + Phusion Passenger, you can set application-specific environment variables within your Apache configuration files using the
SetEnv option of
Otherwise, you could set your environment variables from your application code by reading configuration on your application server's filesystem. You could use a gem like
dotenv to automate this pattern.
See Phusion Passenger's documentation About Environment Variables: Passenger-Served Apps for a documentation reference.